pfctl: ctime(3) and ctime_r(3) can fail when timestamps are way off.
Add missing error checks
Input kettenis, millert
OK millert
Obtained from: OpenBSD, florian <florian at openbsd.org>, a7b9eedcb4
Sponsored by: Rubicon Communications, LLC ("Netgate")
pf: Show pf fragment reassembly counters.
Framgent count and statistics are stored in struct pf_status. From
there pfctl(8) and systat(1) collect and show them. Note that pfctl
-s info needs the -v switch to show fragments.
input claudio@; OK henning@
Obtained from: OpenBSD, bluhm <bluhm at openbsd.org>, 19e99d0613
Sponsored by: Rubicon Communications, LLC ("Netgate")
pf.conf.5: hint how to set tcp timeout collectively
Hint that the tcp timeout values can be adjusted collectively via "set
optimization".
from jesper wallin
ok bluhm
Obtained from: OpenBSD, jmc <jmc at openbsd.org>, df80715c2d
Sponsored by: Rubicon Communications, LLC ("Netgate")
pfctl: fix anchortypes bounds test
found by "buffer overflow 'anchortypes' 10 <= 12" smatch error
feedback and ok sashan@, ok miod@ on an earlier version
Obtained from: OpenBSD, jsg <jsg at openbsd.org>, 730c5d0121
Sponsored by: Rubicon Communications, LLC ("Netgate")
acpi: Fix build when `ACPI_DEBUG_OUTPUT` defined
Reviewed by: olce
Fixes: ce5e22b28ef6 ("acpi: Use sleep types defined in sys/power.h")
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D52545
jail.2: Mention EPERM is returned on open directories
The manual page does not directly mention this reason for getting EPERM,
instead referring the reader to chroot(2). We have had some questions
about it recently, in part due to a bug (fixed), and this case is not an
obvious permission/problem, so let's be more explicit.
PR: 280809
Reviewed by: jamie
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D52319
jaildesc: remove desc from the sysctl parameter list
Like lastjid, desc should count as a pseudo-parameter. The difference
lies entirely in the security.jail.param sysctls, which list all of
the jail parameters. Since desc opens and returns a file descriptor,
it has no place in such uses as "jls all." Like lastjid, it's still
recognized by the kernel if passed in/out, and hard-coded into libjail
so it can be recognized there.
(cherry picked from commit e75dda31c1eead9ad40580bd8fec17f2bbf55a21)
jaildesc: add kevent support
Give jail descriptors the same kevent flags as jails. Also fix the
event reporting in jails, where it was including data for events the
user didn't ask for.
(cherry picked from commit 66d8ffe3046ded1eb3f78599c6af8eb965482ef5)
jail: simplify EVFILT_JAIL events
Instead of using the EVFILT_PROC model of attempting to automatically
register new events when a child jail is created, just give a single
event when a child jail is created. As was already done with jail
attach events, make a best-effort report of the added jail's id in
kn_data. If the are multiple NOTE_JAIL_CHILD and/or NOTE_JAIL_ATTACH
events, set the NOTE_JAIL_MULTI flag, and don't report anything in
data, indicating that the caller will need to query the system state
on their own.
(cherry picked from commit dbcaac13e49c88d1c077f34f56dd2b7ba77a145a)
iwlwifi: Don't compile for gcc before 14
gcc 13 and earlier don't have __builtin_bitcountg. The linux wifi kpi
uses this unconditionally. While in this one use, it might not be
needed, I opted to not compile iwlwifi when building gcc12 or 13 rather
than risk breaking it for everbody else.
With this change gcc12 builds the kernel. Maybe this will stop jenkins
email for every commit I make.
Sponsored by: Netflix
fusefs: fix the last_local_modify LLM/LastLocalModify.lookup/3 test
The LastLocalModify tests were originally written to simulate a race
condition between VOP_SETATTR and VOP_LOOKUP. They were later extended
to cover some other VOPs that can affect file size, including VOP_WRITE.
However, the test never correctly simulated the race with VOP_WRITE. So
that test only ever passed by accident. Fix it by always opening the
file with O_DIRECT.
PR: 289237
Reported by: Siva Mahadevan <me at svmhdvn.name>
MFC after: 1 week
sys/power: Sleep type reporting by PM backends
Allow PM backends to report supported sleep types when registering
through `power_pm_register`. Expose this information through
`kern.power.supported_stype` sysctl, and set defaults for
`power_standby/suspend/hibernate_stype` based on this.
Implement this in ACPI PM backend.
Reviewed by: mckusick (mentor), markj
Approved by: mckusick (mentor), markj
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D52044
