Revert "sys: Bump 32-bit kernel removal to 16.0"
32-bit powerpc and i386 kernels still exist in 14.x, so we don't want to
imply that those may persist until 16.0. The message only claims that
the kernels "may be" removed in 15.0 anyhow.
This reverts commit c19688407a2c797e74762aebd90c1f1cc70ab726.
Reported by: jhb
proc: Fix proc_init / proc_dtor ordering issues
* Move the initialization of p_ktr into proc_init() and make the check
in proc_dtor() unconditional. Prior to this, it was possible to fail
and invoke proc_dtor() after the first thread had been created (which
was the condition for checking p_ktr in proc_dtor()) but before p_ktr
had been initialized.
* Move the p_klist initialization in fork1() past the last possible
failure point so we don't have to free it on failure. We didn't,
which meant we were leaking a knlist every time we failed to fork
due to hitting the resource limit.
PR: 291470
MFC after: 1 week
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D54215
(cherry picked from commit 026d962ef14dafe19fa73361bea6dcc95f141dfa)
ipfilter: Prevent stack buffer overflow
When copying ipfs data from user space, don't just check that the payload
length is nonzero, but also that it does not exceed the size of the stack
buffer we're copying it into.
While we're at it, use a union to create a buffer of the exact size we
need instead of guessing that 2048 will be enough (and not too much).
Finally, check the size of the payload once it gets to where it's used.
MFC after: 3 days
Reported by: Ilja Van Sprundel <ivansprundel at ioactive.com>
Reviewed by: cy
Differential Revision: https://reviews.freebsd.org/D54194
(cherry picked from commit a34c50fbd2a52bb63acde82e5aec4cb57880e39b)
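An added illustration of the pattern this commit message describes; it is not the ipfilter code. The names `rule_a`, `rule_b`, `payload_buf`, `request`, `consume` and `handle_request` are hypothetical, and `fake_copyin` stands in for the kernel's copyin(9) so the block runs in user space.

```c
#include <errno.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical payload types; stand-ins, not ipfilter's structures. */
struct rule_a { unsigned char data[96]; };
struct rule_b { unsigned char data[224]; };

/* Buffer sized by the largest payload instead of a guessed char[2048]. */
union payload_buf { struct rule_a a; struct rule_b b; };

/* Request header as supplied by the caller; len is untrusted. */
struct request { int type; size_t len; const void *data; };

/* Stand-in for copyin(9): a plain memcpy in user space. */
static int fake_copyin(const void *uaddr, void *kaddr, size_t len)
{
    memcpy(kaddr, uaddr, len);
    return 0;
}

/* The consumer re-checks that len matches the type it is about to read. */
static int consume(int type, const union payload_buf *buf, size_t len)
{
    size_t want = (type == 0) ? sizeof(buf->a) : sizeof(buf->b);
    return (len == want) ? 0 : EINVAL;
}

int handle_request(const struct request *req)
{
    union payload_buf buf;
    int error;

    if (req->type != 0 && req->type != 1)
        return EINVAL;
    /* Reject zero and anything larger than the destination buffer. */
    if (req->len == 0 || req->len > sizeof(buf))
        return EINVAL;
    error = fake_copyin(req->data, &buf, req->len);
    if (error != 0)
        return error;
    return consume(req->type, &buf, req->len);
}
```

A nonzero-only check would let the 225-byte and 4096-byte requests in the test run past the end of `buf`; the upper bound rejects them before the copy, and the consumer's check rejects a length that fits the buffer but not the declared type.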
vfs: Let prison_enforce_statfs zero the fsid
Currently, we unconditionally zero the fsid before returning a struct
statfs to a jailed process. Move this into prison_enforce_statfs() so
it only happens if enforce_statfs is greater than 1, or enforce_statfs
is 1 but the mountpoint is outside the jail.
PR: 291301
MFC after: 1 week
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D54214
(cherry picked from commit d4f25d0c7957f0f1960028eec82625c2d6405537)
vm: Fix kstack alignment assertion
The expectation that the allocation will be aligned to the kstack size
only applies when allocating from a kstack arena, not when allocating a
non-standard size from the kernel arena.
MFC after: 1 week
Sponsored by: Klara, Inc.
Sponsored by: NetApp, Inc.
Fixes: 7a79d0669761 ("vm: improve kstack_object pindex calculation to avoid pindex holes")
Reviewed by: bnovkov, siderop1_netapp.com
Differential Revision: https://reviews.freebsd.org/D54171
(cherry picked from commit a35545ee02680cee04c354b50182dd94d4489666)
usr.bin: Remove intrinsic utilities
These utilities can only function correctly if implemented as shell
builtins and exist only because POSIX previously required them. As of
POSIX 2024, they have all been reclassified as intrinsic utilities and
are no longer required to exist in PATH. We can therefore retire them.
Cf. XBD 1.7, XRAT C.1.8, Austin Group bug 854.
Note that kill(1) is also considered an intrinsic utility (because
only the shell can interpret job IDs correctly), but we have a working
standalone implementation, which we will keep.
PR: 291686
Relnotes: yes
Reviewed by: imp, emaste
Differential Revision: https://reviews.freebsd.org/D54239
netlink: Don't overwrite existing data in a linear buffer in snl_writer
First, a bit of background on some of the data structures netlink uses
to manage data associated with a netlink connection.
- struct linear_buffer contains a single virtually-contiguous buffer
of bytes. Regions of this buffer are suballocated via lb_allocz()
which uses a simple "bump" where the buffer is split into an
allocated region at the start and a free region at the end. Each
allocation "bumps" the boundary (lb->offset) forward by the
allocation size.
Individual allocations are not freed. Instead, the entire buffer is
freed once all of the allocations are no longer in use.
Linear buffers also contain an embedded link to permit chaining
buffers together.
- snl_state contains various state for a netlink connection including
[52 lines not shown]
tcp: fix checksum calculation bug
The new function in_delayed_cksum_o() was introduced to compute
the checksum in the case the mbuf chain does not start with the
IP header. The offset of the IP header is specified by the
parameter iph_offset.
If iph_offset was positive, the function computed an incorrect
checksum.
Reviewed by: sobomax, tuexen
Fixes: 5feb38e37847 ("netinet: provide "at offset" variant of the in_delayed_cksum() API")
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D54269
vtnet: expose features via sysctl tree
Right now the 64-bit flags field needs to be cast to a 32-bit field,
because clang warns if more than 32 bits are used.
Once clang is fixed, this restriction will be removed and more bits
will be added.
Reviewed by: markj, Timo Völker
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D54288
printf.9: Support more than 32 bits in %b
This will be usable after clang has been extended to accept length
modifiers for %b when compiling kernel code.
But we need FreeBSD to support it first...
Reviewed by: markj, Timo Völker
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D54286
ipf: copy{in,out}ptr -> ipf_copy{in,out}_indirect
These functions take the source or destination address indirectly from
a potentially misaligned buffer. Rename them to reflect this and to
free up the copy{in,out}ptr names.
Some of the code in question is dead code and doesn't or won't compile,
but I've changed it all for consistency.
NB: If the pointers are actually stored underaligned then this code is
broken with CHERI.
Reviewed by: cy
Effort: CHERI upstreaming
Sponsored by: Innovate UK
Differential Revision: https://reviews.freebsd.org/D54232
thread0: Clear td_rux stats in proc0_post
proc0_post aims to reset the CPU usage accounting for all threads and
processes in the system to zero once the time of day is verified.
However, not all of the per-thread stats were being cleared,
resulting in over-reported time for thread0 post-boot.
Reviewed by: olce, kib, markj
Fixes: bed4c5241663 ("Implement RUSAGE_THREAD. Add td_rux...")
Differential Revision: https://reviews.freebsd.org/D54040
(cherry picked from commit dafe50ebd874ca3ccd5908c441cee9f478c501f0)
bsdinstall: Mount /dev and /packages after using the shell to partition disks
Normally after partitions are created by the installer, the 'mount'
script is used to mount the target disk partitions under /mnt. The
tail end of this script also mounts a couple of additional filesystems
under /mnt so that chrooted programs can work such as devfs and
/packages.
When the "Shell" option is used to permit the user to manually mount
the destination filesystem, the "mount" script is not used as the user
is instructed to mount the target filesystems and construct
/mnt/etc/fstab, etc. However, this means that the user is responsible
for mounting devfs (which is not included in /etc/fstab) and /packages
as well. The help message for the "Shell" option doesn't mention
these requirements, so users may not know to do so. This can lead to
confusing errors as chrooted commands can fail to find needed /dev
entries. For example, running fwget to fetch wireless firmware fails
because /dev/pci doesn't exist.
[12 lines not shown]
proc0_post: Clear relevant thread stats directly
rufetch() has several other effects besides clearing these per-thread
stats, most of which are explicitly discarded by the subsequent calls
to ruxreset(). Just clear the relevant stats directly instead.
Reviewed by: olce, kib, markj
Differential Revision: https://reviews.freebsd.org/D54050
(cherry picked from commit acd02443a952b1f5412d35d03f081ad48bae34d7)
thread0: Stop calling thread0 "swapper"
Just leave it as "kernel". While here, replace "parked" with "-" (the
typical wait channel for idle threads).
Reviewed by: olce, kib, markj
Differential Revision: https://reviews.freebsd.org/D54039
(cherry picked from commit 431b3b224db2a69d09c359ce1cfb37ba3da4705c)