Add O_SYMLINK emulation
for MacOSX partial compatibility, defined as O_PATH | O_NOFOLLOW.
fstat(2) and freadlink(3) works on the resulting file descriptors,
but reads on the regular file do not.
More complete but more hackish version was developed but deemed too
hackish.
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
Differential revision: https://reviews.freebsd.org/D56365
tests/carp: Rework unicast_v4
For unicast tests, it is sufficient to use wait_for_carp() to verify
the setup is sane. Additional sanity checks are not necessarily
required but can serve purpose for redundancy.
For some unclear reason routed(8) is advertising route to carp BACKUP.
That makes the test flaky. Also routed(8) is marked deprecated and may
be removed from base in the future. Let's just add static route entry
manually for additional sanity checks.
Other noticeable changes:
1. Add atf_check to configuration steps to prevent potential failure
on setup. That helps diagnosing on failure.
2. Shorten the names of jails to improve readability.
3. Prefer `[ifconfig|route|sysctl] -j` over `jexec [ifconfig|route|sysctl]`
to make the lines shorter.
MFC note: At the time writing, routed(8) does not know carp addresses
[11 lines not shown]
tests/carp: make a 0.2 second pause before configuring second jail
for all scenarios where both jails have same priority/advskew. There is a
tiny chance that on both sides carp_master_down() will be executed in
parallel and advertisements will also fly through the bridge(4) in
parallel, thus both sides will switch to MASTER before receiving the
announcement from peer. This makes the test to fail. So far this
flakyness was observed for carp:vrrp_v4 only, but in theory it is possible
for any of the patched scenarios.
Note that this sleep does not prolong execution of the tests, as the first
jail is already configured, and if we slept before configuring the second,
we would sleep less in wait_for_carp().
(cherry picked from commit 27ff90cd3d8d2ac8198f30cbebeefb15a49d41bc)
(cherry picked from commit ad2fff6d6a4d74b6bb9008e447eafc567e8660e0)
blacklistd: Fix RFC1918 typo
This is a direct commit to the stable/14 branch, partially cherry picked
from commit 5a6d9479ae2271a97dd23ceee8ad284770302874, as the stable/14
branch only has blacklistd.
The address in the configuration file example was intended to be from
the 192.168.0.0/16 range of IPv4 private addresses (RFC1918).
Reported on mastodon.social at
https://mastodon.social/@asmodai/116316630762241486.
Fix submitted upstream by emaste@. Fixing locally first.
Reported by: asmodai
Reviewed by: emaste
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D56773
libc: correct posix_spawn_file_actions_init ENOMEM error
The return value of posix_spawn_file_actions_init() is an error number.
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D56911
tests/carp: make a 0.2 second pause before configuring second jail
for all scenarios where both jails have same priority/advskew. There is a
tiny chance that on both sides carp_master_down() will be executed in
parallel and advertisements will also fly through the bridge(4) in
parallel, thus both sides will switch to MASTER before receiving the
announcement from peer. This makes the test to fail. So far this
flakyness was observed for carp:vrrp_v4 only, but in theory it is possible
for any of the patched scenarios.
Note that this sleep does not prolong execution of the tests, as the first
jail is already configured, and if we slept before configuring the second,
we would sleep less in wait_for_carp().
(cherry picked from commit 27ff90cd3d8d2ac8198f30cbebeefb15a49d41bc)
tests/carp: Rework unicast_v4
For unicast tests, it is sufficient to use wait_for_carp() to verify
the setup is sane. Additional sanity checks are not necessarily
required but can serve purpose for redundancy.
For some unclear reason routed(8) is advertising route to carp BACKUP.
That makes the test flaky. Also routed(8) is marked deprecated and may
be removed from base in the future. Let's just add static route entry
manually for additional sanity checks.
Other noticeable changes:
1. Add atf_check to configuration steps to prevent potential failure
on setup. That helps diagnosing on failure.
2. Shorten the names of jails to improve readability.
3. Prefer `[ifconfig|route|sysctl] -j` over `jexec [ifconfig|route|sysctl]`
to make the lines shorter.
MFC note: At the time writing, routed(8) does not know carp addresses
[10 lines not shown]
tests/carp: make sleep interval in the wait loop smaller
Makes tests to finish slightly faster.
(cherry picked from commit e353cbffd600ae3c00c8584dddcabf9d0ae1202a)
tests/carp: kill routed(8) before destroying interfaces
Otherwise routed logs a warning:
"MCAST_LEAVE_GROUP ALLROUTERS: Can't assign requested address"
that may be misinterpreted as a problem.
(cherry picked from commit 8596810d02a1e361e0312d116339aa106aca4b19)
pf: do not reject rules with colliding hashes
We insert rules in pf_krule_global solely for the benefit of the
'keepcounters' feature. Failing to insert (beause the rule hash
collides, or an identical rule already exists) would be worse than
restoring counts to the wrong rule (or failing to restore them at all).
PR: 282863, 294860, 294859, 294858
MFC after: 3 days
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D56745
(cherry picked from commit a0e4c65f1814a7a677364dc29bb703f84323d175)
pci: use uint32_t for eecp
eecp holds the extended capability offset. If that offset is larger
than 0xff, storing it in uint8_t truncates it, which can make the
early EHCI/XHCI capability walk read the wrong location and loop during
boot.
Seen on AMD device 1022:151e, where HCCPARAMS1 = 0x0118ffc5 and the
first xHCI extended capability offset is 0x460. Widen eecp to uint32_t
in xhci_early_takeover(), matching xhci_pci_take_controller().
Signed-off-by: Gisle Nes <gisle at gisle.net>
Reviewed by: zlei, aokblast
MFC after: 3 days
Pull Request: https://github.com/freebsd/freebsd-src/pull/2127
Closes: https://github.com/freebsd/freebsd-src/pull/2127
BSD.root.dist: Correct tag for /etc/sysctl.kld.d
This is only used by rc.subr and belongs in rc, not runtime.
Fixes: fa6d67cd16b5 ("BSD.root.dist: Add package tag for all directories")
MFC after: 3 days
Reviewed by: ivy
Differential Revision: https://reviews.freebsd.org/D56900
pf: do not reject rules with colliding hashes
We insert rules in pf_krule_global solely for the benefit of the
'keepcounters' feature. Failing to insert (beause the rule hash
collides, or an identical rule already exists) would be worse than
restoring counts to the wrong rule (or failing to restore them at all).
PR: 282863, 294860, 294859, 294858
MFC after: 3 days
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D56745
(cherry picked from commit a0e4c65f1814a7a677364dc29bb703f84323d175)
fsck_msdosfs: fix FAT header correction not persisting in cache mode
When fsck_msdosfs runs with FAT32 cache mode (used for large
filesystems that cannot be mmap'd), a detected FAT header correction
was written into the in-memory buffer but the corresponding cache
entry (fat32_cache_allentries[0]) was never marked dirty. As a
result, fat_flush_fat32_cache_entry() skipped it, the corrected
bytes were never written to disk, and copyfat() propagated the
uncorrected on-disk data to all backup FAT copies. Every subsequent
fsck run would repeat the same "FAT starts with odd byte sequence /
FIXED" cycle indefinitely.
Fix by marking fat32_cache_allentries[0].dirty = true after applying
the in-memory correction, ensuring the chunk is flushed before
copyfat() runs.
Obtained from: https://android-review.googlesource.com/c/platform/external/fsck_msdos/+/4047981
MFC after: 3 days
