nullfs: close a race when syncing inotify flags from the lower vnode
After a bypassed VOP, nullfs mirrors the lower vnode's inotify state
onto the upper vnode. The flags were checked with lockless reads
before being updated with the asserting flag set/unset primitives, so
two threads syncing the same vnode concurrently (or a sync racing a
watch being established) could both decide to make the same change;
the loser then trips the "flags already set" assertion on an
INVARIANTS kernel. On other kernels the race is harmless.
Keep the lockless check as the fast path, but re-make the decision
under the vnode interlock before actually changing the flags.
Reproduced in a 4-CPU VM with one thread cycling an inotify watch on
a lower-filesystem file while several threads stat(2) the same file
through a nullfs mount: the unpatched INVARIANTS kernel panics under
this load, the patched kernel runs it to completion.
Fixes: f1f230439fa4 ("vfs: Initial revision of inotify")
[4 lines not shown]
certctl: Enforce 0444 mode on new files
When writing to a file, call fchmod() to ensure the file mode matches
the intended mode, which is 0444. This was already done when replacing
an existing file, but not when creating a new file, which meant if the
process umask was 077, the resulting certificates and bundle would be
unreadable by unprivileged users.
MFC after: 1 week
Reviewed by: des
Differential Revision: https://reviews.freebsd.org/D58304
i386: supply thermal interrupt handler
This fixes a build break for i386.
Reviewed by: kib, olce, Koine Yuusuke <koinec at yahoo.co.jp>
Fixes: 87ba088fa310 ("x86/local_apic.c: Add support for installing a thermal interrupt handler")
Differential Revision: https://reviews.freebsd.org/D58332
dpaa2: Apply if_flags and MAC filters in dpaa2_ni_init()
dpaa2_ni_init() only enabled the DPNI object; it never pushed the
promiscuous/allmulti state or the multicast filter table to the MC
firmware. The SIOCSIFFLAGS handler ignores flag changes that arrive
while the interface is down, yet still latches them into sc->if_flags,
so a promiscuous mode request made before the first up was silently
lost and could never be applied afterwards: the up path runs
dpaa2_ni_init(), which did not read the flags, and every later
SIOCSIFFLAGS compares against the already-latched value and sees no
change.
This is exactly what happens when if_bridge adds a dpni member while
the dpni is still down, e.g. rc.conf's
create_args_bridge0="... addm dpni0"
running at bridge clone time, before ifconfig_dpni0="up" is processed.
bridge_ioctl_add() puts the member into promiscuous mode at addm time;
[18 lines not shown]
vm_phys: Add a sysctl to dump registered fictitious memory ranges
I've wanted this a couple of times in the past. Save the memattr in
the fictitious memory segment structure so that we can report it from
the sysctl handler, and add conversion routines for each platform.
Reviewed by: kib
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D58283
bhyve: add configurable SMBIOS OEM Strings
Add the option "oemstring" to allow setting the DMI type 11 ("OEM
Strings") SMBIOS structure. These are free-form strings, available for
any purpose, but can be especially useful to pass configuration,
secrets, and credential information into a Linux guest and consumed by
systemd.
MFC after: 1 month
Relnotes: yes
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D57516
tcp: Align PRR implementation with RFC 9937
- Early return when no new data is delivered
- Switching from PRR-CRB to PRR-SSRB only when both SND.UNA advances and no further loss is indicated.
- Accounting for sequence ranges SACKed before entering recovery in RecoverFS calculation.
- Force a fast retransmit upon entering recovery when prr_out is 0 AND SndCnt is 0.
- Set cwnd to ssthresh post recovery.
Obtained from: mohnishhemanthkumar_gmail.com
Reviewed by: rscheff, tuexen
Differential Revision: https://reviews.freebsd.org/D56535
MFC after: 3 months
nfs_clstate.c: Fix handling of delegation upgrades
Commit 016570c4463d modified the client to handle
the upgrade of a read delegation to a write delegation,
where the server provides the same delegation stateid
to the client. However, it failed to check if the
delegation structure was currently in use. Without this
patch, if the structure was in use, a use after free
could occur.
This patch handles the "in use" case by copying the
necessary fields into the current/old structure and
free's the new one instead of the old one that is
"in use".
PR: 296224
(cherry picked from commit fe6677e7f440d1aa52de036639efc55047ab9a2b)
nfs_clstate.c: Fix handling of delegation upgrades
Commit 016570c4463d modified the client to handle
the upgrade of a read delegation to a write delegation,
where the server provides the same delegation stateid
to the client. However, it failed to check if the
delegation structure was currently in use. Without this
patch, if the structure was in use, a use after free
could occur.
This patch handles the "in use" case by copying the
necessary fields into the current/old structure and
free's the new one instead of the old one that is
"in use".
PR: 296224
(cherry picked from commit fe6677e7f440d1aa52de036639efc55047ab9a2b)
arm64/vmm: Fix vgic_v3 dropping EOI for disabled IRQs
Now that IRQs can properly be disabled by GICD_ICENABLERn, an EOI for a
disabled IRQ ends up being lost, since we don't assign it to a list
register and don't enable maintenance interrupts for such cases. As a
result, we keep the IRQ active, which stops it from ever being delivered
again (which would be true even if we supported the active and pending
state). Keep disabled but active IRQs around in list registers so we can
see the EOI having taken place in a future sync (noting that since we
already don't create list registers in active and pending state there
are no concerns with causing a disabled IRQ to be delivered).
Fixes: 47e073941f4e ("Import the kernel parts of bhyve/arm64")
MFC after: 1 week
arm64/vmm: Fix vgic_v3 copy paste error for writing to GICD_ICENABLERn
Otherwise we try to disable the wrong IRQ.
Fixes: 47e073941f4e ("Import the kernel parts of bhyve/arm64")
MFC after: 1 week
LinuxKPI: 802.11: stop ieee80211_start_tx_ba_session() if no HT supported
rtw89(4) would constantly try to start a TX BlockACK session even if no
HT or higher was available. The only way to stop this (currently) is
to return -EINVAL instead of any other error.
Note: we should investigate if/when to call (*set_tid_config)() as that
will also offer the ability to forbid BA.
Sponsored by: The FreeBSD Foundation
Reported by: arved, bnovkov
Tested by: bnovkov
MFC after: 3 days
man: Fix RFC 1918 network prefix lengths
According to RFC 1918, the following IP prefixes are reserved for
private internets:
10.0.0.0/8
172.16.0.0/12
192.168.0.0/16
This PR fixes the prefix lengths in references to private networks
("RFC 1918 networks", "the standard private IP address ranges").
The changes are limited to man pages.
Signed-off-by: Yusuke Ichiki <public at yusuke.pub>
Pull Request: https://github.com/freebsd/freebsd-src/pull/2328
MFC after: 3 days
LinuxKPI: skbuff: add initial page pool support
Add an internal flag which is set by skb_mark_for_recycle() and upon
"skb_free" then selects whether the skb is freed or returned to the
page pool.
There will likely be more details to figure out once the LinuxKPI page
work is done and we support more of the page pool than the bare minimum.
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
mt76: disable debugfs due to missing piece still in review
Until D57524 is not reviewed and committed we will have a missing
function declaration which prevents us to compile (in) debugfs for
mt76 core and mt7921. Temporary disable debugfs again.
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
LinuxKPI: skbuff: add skb_put_zero()
Add skb_put_zero() as a simple wrapper around __skb_put_zero().
Sponsored by: The FreeBSD Foundation
MFC after: 3 days