libfetch: Gracefully skip unsupported protocols
If socket() fails because the address family or protocol is unsupported,
just continue with the next address.
MFC after: 1 week
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D55407
libfetch: Fail hard if interrupted while connecting
This fixes an issue where the first address that DNS returns is blocked
by a packet filter, so we hang for a while, then the user hits Ctrl-C,
interrupting connect(2), whereupon we move on to the next address, get
a connection, request the file, and return to fetch(1), which sees that
SIGINT was caught and bails.
Note that we make no attempt to enforce fetchTimeout in the connection
phase, and never have. It's feasible, but non-trivial, so we'll leave
it as an exercise for future us.
PR: 293312
MFC after: 1 week
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D55406
libfetch: Clean up fetch_info usage
* Provide a wrapper for the common if (verbose) fetch_info(...) idiom.
* Replace remaining instances of fprintf(stderr, ...) with fetch_info().
* Fix a few style nits.
MFC after: 1 week
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D55405
libnetbsd: import `__CTASSERT(..)` macros
These compile-time assert macros are similar to `Static_assert` on FreeBSD.
These macros are in use in newer versions of `contrib/netbsd-tests`.
Obtained from: https://github.com/NetBSD/src (c26cc77b3a0b26b95a2)
MFC after: 1 week
tcp: improve validation of received TCP over UDP packets
Reviewed by: glebius, pouria
MFC after: 3 days
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D55410
nvmf: Limit the default I/O queue size to 128 entries
Previously the size defaulted to the maximum supported size reported
by the remote host. The value of 128 matches the default on Linux and
avoids excessive resource usage for I/O queues.
Sponsored by: Chelsio Communications
ctld: Honor the default maximum I/O queue size for NVMeoF controllers
<dev/nvmf.h> exports a constant to set the default maximum I/O queue
size which is used by ctl(4) if an explicit size is not set. This
value was chosen to match Linux's default, but it also avoids
excessive resource usage for I/O queues.
ctld was using the absolute maxium size as the default instead.
Sponsored by: Chelsio Communications
gre tests: Fix gcc warnings on gre netlink tests
Avoid using `snl_add_msg_attr_ip` for now and directly use
`snl_add_msg_attr_ip4` to silence gcc warnings.
Fixes: e1e18cc12e68
Differential Revision: https://reviews.freebsd.org/D54443
libsys/arm: include ARM EABI unwind bits into libsys
libsys required ARM EABI unwind symbols like __aeabi_unwind_cpp_pr0.
These symbols are normally provided by libc, but if a binary does
not link libc, the symbol ends up not being resolved.
Among other problems, this prevented gcc14 and newer from building
on arm.
Add the relevant symbols as hidden symbols into libsys to avoid this
problem.
(this patch was posted by jrtc27 who has asked me to move it along)
PR: 292539
Tested by: fuz, Mark Millard <marklmi26-fbsd at yahoo.com>
Reviewed by: mmel
Approved by: markj (mentor)
MFC after: 1 week
[3 lines not shown]
libc/arm: use __builtin_trap() instead of abort() in aeabi_unwind stubs
This avoids a dependency on the abort symbol in libsys.
PR: 292539
Reviewed by: mmel
Approved by: markj (mentor)
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D55255
(cherry picked from commit 1782bc9a0a8da2d6aca31b7790981e1980c9e4b9)
i386,amd64: Explicitly set ECX=0 in do_cpuid() to be future-proof
In principle, do_cpuid() should only be used for CPUID leaves without
sub-leaves. Even accessing sub-leaf zero (ECX=0), one must use
cpuid_count(ax, 0) rather than cpuid(ax).
However, one might assume do_cpuid(ax) is equivalent to
cpuid_count(ax, 0), but the old do_cpuid() did not initialize ECX before
executing the CPUID instruction. If ECX contained a non-zero value, the
instruction could return unexpected results, potentially leading to
subtle and hard-to-debug issues, especially in ported code.
To be future-proof and to help port code, adjust do_cpuid(ax) to be
cpuid_count(ax, 0) to explicitly set ECX=0.
It's believed that this change does not fix any real bugs in FreeBSD.
See also the DragonFly commit:
https://github.com/DragonFlyBSD/DragonFlyBSD/commit/0087a1d163488a57787a9a6431dd94070b1988d4
[4 lines not shown]
hwpstate_amd(4): Fix punctuation in 'desired_performance' knob's description
To be consistent with that of the others.
No functional change.
Sponsored by: The FreeBSD Foundation
hwpstate_amd(4): CPPC: Switch the default to maximum performance
Set controls to maximum performance to avoid regressions now that CPPC
is activated by default and to match what the P-state support does.
Relnotes: yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D55253
cpufreq(4): cpufreq_levels_sysctl(): Remove always false NULL test
'sc->levels_buf' is initialized with malloc(M_WAITOK), so can never be
NULL. Another sysctl handler function (cpufreq_curr_sysctl()) already
relies on that.
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
hwpstate_amd(4): CPPC: Allow attaching even if CAPABILITY_1 cannot be read
If that MSR cannot be read, we fallback to defaults specified by the
ACPI specification, as we are already doing when the minimum and maximum
values in there look bogus.
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D55252
hwpstate_amd(4): Consistency of cached CPPC_REQUEST value
If writing to the CPPC_REQUEST MSR fails, make sure we do not set the
softc's 'cppc.request' field to the intended new value. Both
set_cppc_request_cb() and enable_cppc_cb() were changed to this effect.
In case enable_cppc_cb() could not read CPPC_REQUEST, mark that through
a new softc flag, HWPFL_CPPC_REQUEST_NOT_READ, so that we do not keep
and use a wrong value when the content of CPPC_REQUEST is read/written
through sysctl(9) knobs, but instead retry reading the MSR (this is the
purpose of the new get_cppc_request() sub-function).
When setting CPPC_REQUEST has failed, distinguish the case where it
could not be read at all from the case where it could not be written, by
respectively returning EIO and EOPNOTSUPP in these cases. The previous
return value of EFAULT was confusing as sysctl(3) documents it as
happening if the passed arguments are invalid.
While here, add some herald comment before sysctl_cppc_dump_handler()
[5 lines not shown]
chore: asmc: use designated initializers in macros
This code cleanup makes it easier for human readers to understand what each
of the fields actually represents, as well as makes it easier to modify
what the macros actually do under the covers, without introducing
potential human errors.
No functional change intended.
MFC after: 1 week
asmc: use symbolic names with the MacPro3,1 model
Use `ASMC_LIGHT_FUNCS_DISABLED` and `ASMC_SMS_FUNCS_DISABLED` instead of
the unrolled versions of the macros.
This makes it easier to adjust the underlying macros/fields for
`struct asmc_model`.
No functional change intended.
MFC after: 1 week
asmc: use `ASMC_FAN_FUNCS2` with the Macmini4,1
The Macmini4,1 model does not have "fansafespeed" support. This issue
typically manifests with messages like so:
```
asmc0: asmc_key_read for key F0Sf failed 10 times, giving up
```
Swap out `ASMC_FAN_FUNCS` with `ASMC_FAN_FUNCS2` to explicitly drop
"fansafespeed" checks in the driver for the model as it doesn't support
that hardware feature.
MFC after: 1 week
Reported by: @probonopd
Closes: https://github.com/helloSystem/ISO/issues/357
ipfilter: Fix possible overrun
The destination buffer is FR_GROUPLEN (16 bytes) in length. When
gname is created, the userspace utilities correctly use FR_GROUPLEN
as the buffer length. The kernel should also limit its copy operation to
FR_GROUPLEN bytes to avoid any user written code from exploiting this
vulnerability.
Reported by: Ilja Van Sprundel <ivansprundel at ioactive.com>
(cherry picked from commit e40817302ebdf89df2f3bcd679fb7f2a18c244dc)
ipfilter: Interface name must not extend beyond end of buffer
sifpidx (an interface name) cannot extend beyond the end of the
fr_names buffer.
We do the validation for fr_sifpidx here because it is a union that
contains an offset only when fr_sifpidx points to an interface name,
an offset into fr_names. The union is an offset into fr_names in this
case only.
interr_tbl now becomes a static variable outside a function to facilitate
its use by two functions within fil.c
Note that sifpidx is only used in ipf_sync() which implments ipf -y.
Reported by: Ilja Van Sprundel <ivansprundel at ioactive.com>
MFC after: 1 week
(cherry picked from commit 47fb51847fdea3f1cce841b5f2bbbcd6f8a04ee0)
ipfilter: Interface name must not extend beyond end of buffer
sifpidx (an interface name) cannot extend beyond the end of the
fr_names buffer.
We do the validation for fr_sifpidx here because it is a union that
contains an offset only when fr_sifpidx points to an interface name,
an offset into fr_names. The union is an offset into fr_names in this
case only.
interr_tbl now becomes a static variable outside a function to facilitate
its use by two functions within fil.c
Note that sifpidx is only used in ipf_sync() which implments ipf -y.
Reported by: Ilja Van Sprundel <ivansprundel at ioactive.com>
MFC after: 1 week
(cherry picked from commit 47fb51847fdea3f1cce841b5f2bbbcd6f8a04ee0)
ipfilter: Fix possible overrun
The destination buffer is FR_GROUPLEN (16 bytes) in length. When
gname is created, the userspace utilities correctly use FR_GROUPLEN
as the buffer length. The kernel should also limit its copy operation to
FR_GROUPLEN bytes to avoid any user written code from exploiting this
vulnerability.
Reported by: Ilja Van Sprundel <ivansprundel at ioactive.com>
(cherry picked from commit e40817302ebdf89df2f3bcd679fb7f2a18c244dc)
ipfilter: Interface name must not extend beyond end of buffer
sifpidx (an interface name) cannot extend beyond the end of the
fr_names buffer.
We do the validation for fr_sifpidx here because it is a union that
contains an offset only when fr_sifpidx points to an interface name,
an offset into fr_names. The union is an offset into fr_names in this
case only.
interr_tbl now becomes a static variable outside a function to facilitate
its use by two functions within fil.c
Note that sifpidx is only used in ipf_sync() which implments ipf -y.
Reported by: Ilja Van Sprundel <ivansprundel at ioactive.com>
MFC after: 1 week
(cherry picked from commit 47fb51847fdea3f1cce841b5f2bbbcd6f8a04ee0)
ipfilter: Fix possible overrun
The destination buffer is FR_GROUPLEN (16 bytes) in length. When
gname is created, the userspace utilities correctly use FR_GROUPLEN
as the buffer length. The kernel should also limit its copy operation to
FR_GROUPLEN bytes to avoid any user written code from exploiting this
vulnerability.
Reported by: Ilja Van Sprundel <ivansprundel at ioactive.com>
(cherry picked from commit e40817302ebdf89df2f3bcd679fb7f2a18c244dc)
