jail: Don't define malloc type M_PRISON_RACCT on !RACCT
Reviewed by: emaste, jamie
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D54271
vmem: Fix the gcc build
gcc complains when building libuvmem because the last two operands of ?:
in ORDER2SIZE and SIZE2ORDER have different signs. Add explicit casts
to address this.
Reported by: Jenkins
Reviewed by: alc, kib
MFC after: 1 week
Fixes: 1ecf01065b45 ("libuvmem: usermode port of vmem(9)")
Differential Revision: https://reviews.freebsd.org/D54268
snmp_pf: fix refresh
Some refresh functions had two layers of 'do we need to refresh now?'
checks, leading to inconsistent refreshes.
Consolidate them.
PR: 291725
Sponsored by: Rubicon Communications, LLC ("Netgate")
vtnet: define flags in a consistent way
This allows adding flags in the upper 32 bits in a consistent way.
No functional change intended.
MFC after: 1 week
if_rge: fix typo in man page
Fix the list of devices supported by the driver: RTL8125 occured
twice, should have been RTL8127 in one case.
Approved by: adrian
if_tuntap: defer transient destroy_dev() to a taskqueue
We're in the dtor, so we can't destroy it now without deadlocking after
recent changes to make destroy_dev() provide a barrier. However, we
know there isn't any other dtor to run, so we can go ahead and clean up
our state and just prevent a use-after-free if someone races to open
the device while we're trying to destroy it. tunopen() now uses the
net epoch to protect against softc release by a concurrent
tun_destroy().
While we're here, allow a destroy operation to proceed if we caught a
signal in cv_wait_sig() but tun_busy dropped to 0 while we were waiting
to acquire the lock.
This was more of an inherent design flaw, rather than a bug in the
below-refed commit.
Reviewed by: kib, markj
(cherry picked from commit 96c1d8db39dfeea78ea3f27d67649252a39bbf2e)
unionfs: Support renaming symbolic links
This adds support for renaming a symbolic link found on the lower fs,
which necessitates copying it to the upper fs, as well as basic tests.
MFC after: 1 week
Sponsored by: Klara, Inc.
Sponsored by: NetApp, Inc.
Reviewed by: olce, siderop1_netapp.com, jah
Differential Revision: https://reviews.freebsd.org/D54229
tests/ci: Fix building in Github
When we are using Cirrus-CI and using a PR branch it creates a filename
in the form "pull/XXXX" which becomes a path seperator and the file
creation process fails.
Fails to complete the process with the following:
/bin/sh: cannot create
/tmp/meta.hUNGUq/ci-FreeBSD-16.0-pull/1932-amd64-nullhash-GENERIC.env:
No such file or directory
For future also apply the same regex for OSRELEASE and VOLUME_LABEL.
ixgbe: Remove unused function ixgbe_is_media_cage_present
Remove the unused function ixgbe_is_media_cage_present that
generates a compiler warning.
Signed-off-by: Yogesh Bhosale yogesh.bhosale at intel.com
Reported by: markj
Differential Revision: https://reviews.freebsd.org/D52467
(cherry picked from commit 275f7d72ff6a71bbe46b4282a88f0ea9a24be22a)
LinuxKPI: Move vmap-related code from linux_compat.c to linux_page.c
Coming vmap_pfn() implementation requires is_vmalloc_addr() to be in
the same file with other vmap-related code. Move code out from the
overcrowded file. No functional changes intended.
MFC after: 1 week
Reviewed by: bz
Differential Revision: https://reviews.freebsd.org/D54223
vlan: plug a new panic associated with interface removal
The ac6a7f621668 enabled execution of vlan_clone_dump_nl(), which
previously was effectively disabled. The function itself was added back
in 089104e0e01f0. This exposed a bug when Netlink dumps info on all
interfaces using a dangerous KPI if_foreach_sleep(), which may call its
callbacks on completely detached interfaces, hanging on the last
reference. The ifc_dump_ifp_nl_default() is able to digest such interface
without a panic, but vlan_clone_dump_nl() can't. Neither of the above
revisions is the actual culprit, rather it is design problem of detaching
interfaces and if_foreach_sleep().
Plug the problem with removing pointer to freed memory on detach and
making a NULL check later.
Reported by: pho
devfs: make destroy_dev() a release barrier for cdevpriv destructors runs
Ensure that all destructors for cdevpriv finished running before
destroy_dev() returns to the caller. Otherwise, since
devfs_destroy_cdevpriv() removes the cdevpriv data from the list, drops
the cdevpriv_mtx, and then starts the destructor, it is possible for
destroy_dev() to return before destructor finished in other thread.
This should allow drivers to safely remove cdev instance data that might
be referenced by cdevpriv data.
Diagnosed by: kevans
Reviewed by: kevans, markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D53303
(cherry picked from commit 4dbe6628179d8e6bf400bfdb4bfa869bdc102a56)
bpf: virtualize bpf_iflist
The reason the global list worked before 8774a990ee40 is that bpf_setif()
used if_unit(), which is a VNET-aware function, and then went through the
global list looking for bpf_if with matching pointer.
PR: 291735
Fixes: 8774a990ee4094f16d596d4b78e0f3239e5d0c88
.cirrus.yml: Add persistent worker
As we have received an external box sponsored by NetActuate we can now
enable the pre-commit tasks to be run in this box.
Once we have enabled this debug if there are any errors and after
confirmation we can enable this for other tasks too.
Sponsored by: NetActuate
Sponsored by: The FreeBSD Foundation
Approved by: emaste, lwhsu
Differential Revision: https://reviews.freebsd.org/D54220
example.3: Show updated library macro usage
The LIBRARY section has been deprecated by upstream.
Show the updated usage of the Lb macro in SYNOPSIS.
Fixes: 4c07abdbacf49 (mandoc: Vendor import of upstream at 2025-06-13)
examples/mdoc: Remove document description quotes
Quotes in roff do not work the way quotes in shell do,
remove them from the examples to hopefully lead less people astray.
MFC after: 3 days
bectl: log modifying functions to zpool history
Modeled directly after the method used by the zfs/zpool commands: flag
commands with a "please log me" flag, and when there, reconstruct the
command line. On success, call the library function to add it to the
log.
(Majority of the change by Rob; minor edits by kevans@)
Signed-off-by: Rob Norris <rob.norris at klarasystems.com>
Co-authored-by: Kyle Evans <kevans at FreeBSD.org>
Sponsored by: Modirum MDPay
Sponsored by: Klara, Inc.
sdhci: Try to complete the last transaction if dumping
If the kernel panics while a thread is in the middle of an SDHCI
transaction, trying to dump to a dump target on the MMC would result in
a hang. Fix this by completing the transaction first.
Reviewed by: imp
Obtained from: Hewlett Packard Enterprise
Differential Revision: https://reviews.freebsd.org/D54255
vmm: Add ability to destroy VMs on close
This change adds the ability to tie a virtual machine's lifecycle to
a /dev/vmmctl file descriptor. A user can request `vmmctl` to destroy a
virtual machine on close using the `VMMCTL_CREATE_DESTROY_ON_CLOSE` flag
when creating the virtual machine. `vmmctl` tracks such virtual machines
in per-descriptor lists.
Differential Revision: https://reviews.freebsd.org/D53729
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
Sponsored by: Klara, Inc.
MFC after: 3 months
bhyve: Introduce monitor mode
This change introduces "monitor mode", a mechanism for automatically
releasing virtual machine resources when bhyve dies, bringing us
closer towards making non-root bhyve viable.
Under this regime bhyve will create a transient virtual machine using
`vmmctl`'s `VMMCTL_CREATE_DESTROY_ON_CLOSE` flag and automatically
reboot said virtual machine as long as it exits with "reboot" status.
This is done by splitting bhyve into two processes. The parent process
creates the virtual machine while the child process initializes and
runs the virtual machine. When the child exits the parent inspects
its exit status and either exits or forks again. `vmmctl` automatically
destroys the underlying virtual machine once the parent process dies.
Differential Revision: https://reviews.freebsd.org/D53731
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
Sponsored by: Klara, Inc.
MFC after: 3 months
bhyve: Eliminate exit status magic numbers
bhyve's exit status codes indicate how the VM was terminated.
Unfortunately, their meaning within the source code is somewhat
unclear since they are only used as magic numbers.
Fix this by defining exit status macros and using them to replace
the magic numbers in exit(3) function calls.
Differential Revision: https://reviews.freebsd.org/D53730
Reviewed by: markj, corvink, emaste
Sponsored by: The FreeBSD Foundation
Sponsored by: Klara, Inc.
MFC after: 3 months
kern: Introduce RLIMIT_VMM
This change introduces a new per-UID limit for controlling the
number of vmm instances, in anticipation of unprivileged bhyve.
This allows ut to limit the amount of kernel memory allocated
by the vmm driver and prevent potential memory exhaustion attacks.
Differential Revision: https://reviews.freebsd.org/D53728
Reviewed by: markj, olce, corvink
MFC after: 3 months
Sponsored by: The FreeBSD Foundation
Sponsored by: Klara, Inc.
