| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Mostly automatic, using
`CHILD_REQUIRE\(([^|&\n]*) ==` -> `CHILD_REQUIRE_EQ_INT($1,`
`ATF_REQUIRE\(([^|&\n]*) ==` -> `REQUIRE_EQ_INT($1,` followed by
git-clang-format -f and then manually checking ones that contain ||/&&.
Test Plan:
Still getting the same failure but now it prints
`psr.sr_error (0) == EBADF (9) not met` instead of just failing
without printing the values.
PR: 243605
Reviewed By: jhb
Differential Revision: https://reviews.freebsd.org/D28887
(cherry picked from commit 96a9e50e63bfcbca7309c012c2c7a477c8826824)
|
|
|
|
|
|
|
| |
It appears this test no longer fails after c203bd70b5957f85616424b6fa374479372d06e3.
PR: 215690
(cherry picked from commit 1eec5861d52e074bc20d08aef051af59cc70040e)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In the CheriBSD CI, we run the testsuite with /tmp as tmpfs. This causes
the extattr audit tests to fail since tmpfs does not (yet) support
extattrs. Skip those tests if the target path is on a file system that
does not support extended file attributes.
While touching these two files also convert the ATF_REQUIRE_EQ(-1, ...)
checks to use ATF_REQURIE_ERRNO().
Reviewed By: asomers
Differential Revision: https://reviews.freebsd.org/D28392
(cherry picked from commit 40407d3998d1a12cbe929721f4dbe72b4be478a6)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This changes the behaviour to a 30s total timeout (needed when running
on slow emulated uniprocessor systems) and timing out after 10s without
any input. This also uses timespecsub() instead of ignoring the
nanoseconds field.
After this change the tests runs more reliably on QEMU and time out less
frequently.
Reviewed By: asomers
Differential Revision: https://reviews.freebsd.org/D28391
(cherry picked from commit 869cc06480b75b4caea0d049e0cf7f82bb5aeed1)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Traditionally routing socket code did almost zero checks on
the input message except for the most basic size checks.
This resulted in the unclear KPI boundary for the routing system code
(`rtrequest*` and now `rib_action()`) w.r.t message validness.
Multiple potential problems and nuances exists:
* Host bits in RTAX_DST sockaddr. Existing applications do send prefixes
with hostbits uncleared. Even `route(8)` does this, as they hope the kernel
would do the job of fixing it. Code inside `rib_action()` needs to handle
it on its own (see `rt_maskedcopy()` ugly hack).
* There are multiple way of adding the host route: it can be DST without
netmask or DST with /32(/128) netmask. Also, RTF_HOST has to be set correspondingly.
Currently, these 2 options create 2 DIFFERENT routes in the kernel.
* no sockaddr length/content checking for the "secondary" fields exists: nothing
stops rtsock application to send sockaddr_in with length of 25 (instead of 16).
Kernel will accept it, install to RIB as is and propagate to all rtsock consumers,
potentially triggering bugs in their code. Same goes for sin_port, sin_zero, etc.
The goal of this change is to make rtsock verify all sockaddr and prefix consistency.
Said differently, `rib_action()` or internals should NOT require to change any of the
sockaddrs supplied by `rt_addrinfo` structure due to incorrectness.
To be more specific, this change implements the following:
* sockaddr cleanup/validation check is added immediately after getting sockaddrs from rtm.
* Per-family dst/netmask checks clears host bits in dst and zeros all dst/netmask "secondary" fields.
* The same netmask checking code converts /32(/128) netmasks to "host" route case
(NULL netmask, RTF_HOST), removing the dualism.
* Instead of allowing ANY "known" sockaddr families (0<..<AF_MAX), allow only actually
supported ones (inet, inet6, link).
* Automatically convert `sockaddr_sdl` (AF_LINK) gateways to
`sockaddr_sdl_short`.
Reported by: Guy Yur <guyyur at gmail.com>
Reviewed By: donner
Differential Revision: https://reviews.freebsd.org/D28668
(cherry picked from commit 2fe5a79425c79f7b828acd91da66d97230925fc8)
|
|
|
|
|
|
|
|
|
|
| |
df093aa9463b linked against libprivateauditd.a, but that is currently
(and incorrectly) built as position-dependent. For now just force PIE
off for this test to fix the WITH_PIE build.
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 4621c4f2fd179eff0923140da9af122c42dbe78b)
|
|
|
|
|
|
|
|
|
|
|
|
| |
Ensure that we not only block on some interfaces, but also forward on
some. Without the previous commit we wound up discarding on all ports,
rather than only on the ports needed to break the loop.
MFC after: 1 week
Sponsored by: Orange Business Services
Differential Revision: https://reviews.freebsd.org/D28917
(cherry picked from commit 7a4dbffa4205fc274b4884a6332d4831c5791320)
|
|
|
|
|
|
|
|
|
|
|
| |
This is basically the same test as the existing STP test, but now on top
of VLAN interfaces instead of directly using the epair devices.
MFC after: 1 week
Sponsored by: Orange Business Services
Differential Revision: https://reviews.freebsd.org/D28861
(cherry picked from commit 26492ba2716f8b839f743bb663ce47405990fdf0)
|
|
|
|
|
|
|
|
|
| |
MFC note: this plus the merge of two preliminary removal of __NO_TLS
definitions for mips and risc-v break ABI. It was decided that doing
ABI break on tier 2 platforms at this stage of 13.0 release process is
better than drag on __NO_TLS presence for the 13.x branch lifetime.
(cherry picked from commit 3ae8d83d04a7a6ec11b64c89ee60c180b0bde30e)
|
|
|
|
|
|
|
|
|
|
| |
If we install the scapy package (which we do list as a dependency) we
don't automatically install python (but we do have python3).
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC (“Netgate”’)
(cherry picked from commit 4a7d84058d88244c405fc0b73d6985681eb661f5)
|
|
|
|
|
|
|
|
|
|
|
| |
Ensure that pf's urpf-failed keyword works as expected.
PR: 253479
MFC after: 1 week
Reviewed by: melifaro@
Differential Revision: https://reviews.freebsd.org/D28694
(cherry picked from commit 6b52139eb8e8eda0ea263b24735556194f918642)
|
|
|
|
| |
(cherry picked from commit cd579b6fba46b9f5005358d1e82def7b26703224)
|
|
|
|
|
|
|
|
|
|
|
|
| |
This will allow a system to be a true RFC 6598 NAT444 setup, where each
network segment (e.g. user, subnet) can have their own dedicated port
aliasing ranges.
Reviewed by: donner, kp
Approved by: 0mp (mentor), donner, kp
Differential Revision: https://reviews.freebsd.org/D23450
(cherry picked from commit a08cdb6cfb1c84b80b5337d46c574b55d0e15c63)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 601ac82194693fcae9d7d2a7ec7d66ebaf3fd61e.
Seems that git cherry-pick mis-merges files for this software.
It associates files in completely unrelated sub-trees with same name
files from this package, e.g. README.md and .gitignore.
My attempt to fix the mis-merge was incomplete and wrong.
Therefore I'm reverting the commit that as a result of my failed
attempt at conflict resolution lead to README.md and .gitignore
in the top source directory to be deleted.
This mistake has been carried over to releng/13.0, which now
also lacks README.md and .gitignore in /usr/src.
I'll try to re-apply the failed commit over the next hours and to get
the fix merged to releng/13.0 with re approval.
|
|
|
|
| |
(cherry picked from commit 47a52dc4d48f259ab7d9f9ba6b65f4f2331a22dc)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
rtinit[1]() is a function used to add or remove interface address prefix routes,
similar to ifa_maintain_loopback_route().
It was intended to be family-agnostic. There is a problem with this approach
in reality.
1) IPv6 code does not use it for the ifa routes. There is a separate layer,
nd6_prelist_(), providing interface for maintaining interface routes. Its part,
responsible for the actual route table interaction, mimics rtenty() code.
2) rtinit tries to combine multiple actions in the same function: constructing
proper route attributes and handling iterations over multiple fibs, for the
non-zero net.add_addr_allfibs use case. It notably increases the code complexity.
3) dstaddr handling. flags parameter re-uses RTF_ flags. As there is no special flag
for p2p connections, host routes and p2p routes are handled in the same way.
Additionally, mapping IFA flags to RTF flags makes the interface pretty messy.
It make rtinit() to clash with ifa_mainain_loopback_route() for IPV4 interface
aliases.
4) rtinit() is the last customer passing non-masked prefixes to rib_action(),
complicating rib_action() implementation.
5) rtinit() coupled ifa announce/withdrawal notifications, producing "false positive"
ifa messages in certain corner cases.
To address all these points, the following has been done:
* rtinit() has been split into multiple functions:
- Route attribute construction were moved to the per-address-family functions,
dealing with (2), (3) and (4).
- funnction providing net.add_addr_allfibs handling and route rtsock notificaions
is the new routing table inteface.
- rtsock ifa notificaion has been moved out as well. resulting set of funcion are only
responsible for the actual route notifications.
Side effects:
* /32 alias does not result in interface routes (/32 route and "host" route)
* RTF_PINNED is now set for IPv6 prefixes corresponding to the interface addresses
Differential revision: https://reviews.freebsd.org/D28186
|
|
|
|
|
|
| |
As discovered by syzcaller this used to provoke panics.
MFC after: 1 week
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, we would accept any kind of LIO_* opcode, including ones
that were intended for in-kernel use only like LIO_SYNC (which is not
defined in userland). The situation became more serious with
022ca2fc7fe08d51f33a1d23a9be49e6d132914e. After that revision, setting
aio_lio_opcode to LIO_WRITEV or LIO_READV would trigger an assertion.
Note that POSIX does not specify what should happen if aio_lio_opcode is
invalid.
MFC-with: 022ca2fc7fe08d51f33a1d23a9be49e6d132914e
Reviewed by: jhb, tmunro, 0mp
Differential Revision: <https://reviews.freebsd.org/D28078
|
|
|
|
|
|
|
|
| |
Don't try to cleanup the zpool if we couldn't create a zpool in the
first place.
Submitted by: tmunro
MFC-with: 022ca2fc7fe08d51f33a1d23a9be49e6d132914e
|
|
|
|
|
|
|
| |
aio_fsync(O_DSYNC, ...) is the asynchronous version of fdatasync(2).
Reviewed by: kib, asomers, jhb
Differential Review: https://reviews.freebsd.org/D25071
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
POSIX AIO is great, but it lacks vectored I/O functions. This commit
fixes that shortcoming by adding aio_writev and aio_readv. They aren't
part of the standard, but they're an obvious extension. They work just
like their synchronous equivalents pwritev and preadv.
It isn't yet possible to use vectored aiocbs with lio_listio, but that
could be added in the future.
Reviewed by: jhb, kib, bcr
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D27743
|
|
|
|
|
|
|
|
|
|
| |
This updates the FUSE protocol to 7.28, though most of the new features
are optional and are not yet implemented.
MFC after: 2 weeks
Relnotes: yes
Reviewed by: cem
Differential Revision: https://reviews.freebsd.org/D27818
|
|
|
|
|
|
|
|
|
|
| |
An order-of-operations problem caused an expectation intended for
FUSE_READ to instead match FUSE_ACCESS. Surprisingly, only one test
case was affected.
MFC after: 2 weeks
Reviewed by: cem
Differential Revision: https://reviews.freebsd.org/D27818
|
|
|
|
|
| |
MFC after: 2 weeks
X-MFC with: 37df9d3bba8577fcdd63382ff5a4a5cbb4aa55b4
|
|
|
|
|
|
|
|
|
|
| |
FUSE_LSEEK reports holes on fuse file systems, and is used for example
by bsdtar.
MFC after: 2 weeks
Relnotes: yes
Reviewed by: cem
Differential Revision: https://reviews.freebsd.org/D27804
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
maxphys is now a tunable, ever since r368124. The default value is also
larger than it used to be. That broke several fusefs tests that made
assumptions about maxphys.
* WriteCluster.clustering used the MAXPHYS compile-time constant.
* WriteBackAsync.direct_io_partially_overlaps_cached_block implicitly
depended on the default value of maxphys. Fix it by making the
dependency explicit.
* Write.write_large implicitly assumed that maxphys would be no more
than twice maxbcachebuf. Fix it by explicitly setting m_max_write.
* WriteCluster.clustering and several others failed because the MockFS
module did not work for max_write > 128KB (which most tests would set
when maxphys > 256KB). Limit max_write accordingly. This is the same
as fusefs-libs's behavior.
* Bmap's tests were originally written for MAXPHYS=128KB. With larger
values, the simulated file size was too small.
PR: 252096
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D27769
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It turns out pf incorrectly updates the TCP checksum if the TCP option
we're modifying is not 2-byte algined with respect to the start of the
packet.
Create a TCP packet with such an option and throw it through a scrub
rule, which will update timestamps and modify the packet.
PR: 240416
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D27688
|
|
|
|
| |
MFC after: 1 week
|
|
|
|
|
|
|
|
| |
All but one of these (tap_ipv6_up_stress) currently pass, so we should enable
them so we don't regress.
Notes:
svn path=/head/; revision=368743
|
|
|
|
|
|
|
|
|
| |
Reviewed by: kib, markj
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D27564
Notes:
svn path=/head/; revision=368570
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Work around bogus gcc -Wreturn-type.
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=44511
Reviewed by: kevans, rew
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D27563
Notes:
svn path=/head/; revision=368569
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Macfilter to route packets through different hooks based on sender MAC address.
Based on ng_macfilter written by Pekka Nikander
Sponsered by Retina b.v.
Reviewed by: afedorov
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D27268
Notes:
svn path=/head/; revision=368443
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Enable in-kernel acceleration of SHA1 and SHA2 operations on arm64 by adding
support for the ossl(4) crypto driver. This uses OpenSSL's assembly routines
under the hood, which will detect and use SHA intrinsics if they are
supported by the CPU.
Reviewed by: jhb
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D27390
Notes:
svn path=/head/; revision=368350
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changing a table from not having counters to having counters (or vice versa)
may trigger panics.
PR: 251414
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D27441
Notes:
svn path=/head/; revision=368277
|
|
|
|
|
|
|
|
|
| |
PR: 220398, 251515
MFC after: 1 week
MFC-With: r368265
Notes:
svn path=/head/; revision=368272
|
|
|
|
|
|
|
|
|
|
|
| |
We've fixed the vnet/epair cleanup race, so it is now safe to re-enable these
tests.
MFC after: 2 weeks
Sponsored by: Modirum MDPay
Notes:
svn path=/head/; revision=368239
|
|
|
|
|
|
|
| |
MFC-with: r368045
Notes:
svn path=/head/; revision=368046
|
|
|
|
|
|
|
|
|
| |
Pointy hat to: jhb
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D27367
Notes:
svn path=/head/; revision=368008
|
|
|
|
|
|
|
|
|
|
| |
Attempt to provoke the panic fixed in r367987.
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D27350
Notes:
svn path=/head/; revision=367990
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
During the life of a process, new file descriptor tables may be allocated. When
a new table is allocated, the old table is placed in a free list and held onto
until all processes referencing them exit.
When a new file descriptor table is allocated, the old file descriptor table
can be freed when the current process has a single-thread and the file
descriptor table is not being shared with any other processes.
Reviewed by: kevans
Approved by: kevans (mentor)
Differential Revision: https://reviews.freebsd.org/D18617
Notes:
svn path=/head/; revision=367927
|
|
|
|
|
|
|
|
| |
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D27255
Notes:
svn path=/head/; revision=367869
|
|
|
|
|
|
|
|
|
| |
Reviewed by: markj, olivier, tuexen
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D27173
Notes:
svn path=/head/; revision=367685
|
|
|
|
|
|
|
|
|
| |
Reviewed by: markj, imp, cem,
Approved by: markj
Differential Revision: https://reviews.freebsd.org/D26792
Notes:
svn path=/head/; revision=367647
|
|
|
|
|
|
|
|
| |
MFC after: 3 days
Sponsored by: Rubicon Communications, LLC (Netgate)
Notes:
svn path=/head/; revision=367388
|
|
|
|
|
|
|
|
|
| |
sysctl 'kern.cryptodevallowsoft' was renamed to 'kern.crypto.allow_soft' in
r359374 and the prevous one is only available in kernel built with
"options COMPAT_FREEBSD12".
Notes:
svn path=/head/; revision=367351
|
|
|
|
| |
Notes:
svn path=/head/; revision=367185
|
|
|
|
|
|
|
|
|
|
|
|
| |
Foundation copyrights, approved by emaste@. It does not include
files which carry other people's copyrights; if you're one
of those people, feel free to make similar change.
Reviewed by: emaste, imp, gbe (manpages)
Differential Revision: https://reviews.freebsd.org/D26980
Notes:
svn path=/head/; revision=367105
|
|
|
|
|
|
|
|
|
| |
Kyua is now available in the base system.
While here, reword the usage section a bit.
Notes:
svn path=/head/; revision=367074
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
802.1ad interfaces are created with ifconfig using the "vlanproto" parameter.
Eg., the following creates a 802.1Q VLAN (id #42) over a 802.1ad S-VLAN
(id #5) over a physical Ethernet interface (em0).
ifconfig vlan5 create vlandev em0 vlan 5 vlanproto 802.1ad up
ifconfig vlan42 create vlandev vlan5 vlan 42 inet 10.5.42.1/24
VLAN_MTU, VLAN_HWCSUM and VLAN_TSO capabilities should be properly
supported. VLAN_HWTAGGING is only partially supported, as there is
currently no IFCAP_VLAN_* denoting the possibility to set the VLAN
EtherType to anything else than 0x8100 (802.1ad uses 0x88A8).
Submitted by: Olivier Piras
Sponsored by: RG Nets
Differential Revision: https://reviews.freebsd.org/D26436
Notes:
svn path=/head/; revision=366917
|
|
|
|
| |
Notes:
svn path=/head/; revision=366773
|