pf: don't reject route-to'd too-large packets
If we're sending a packet via pf_route()/pf_route6() we check for packet
size and potentially generate ICMP(6) packet too big messages. If we do,
don't consider this a rejected packet. That is, return PF_PASS and set
the mbuf to NULL rather than returning PF_DROP.
This matters for locally generated packets, because with PF_DROP we
can end up returning EACCES to userspace, causing the connection to
terminate. Instead, with PF_PASS and a NULL mbuf this is translated to
PFIL_CONSUMED, which does not return an error to userspace.
MFC after: 2 weeks
Sponsored by: Rubicon Communications, LLC ("Netgate")
netlink: Don't directly access ifnet members
Summary:
Remove the final direct access of struct ifnet members from netlink.
Since only the first address is used, create the iterator and then free,
without fully iterating.
Reviewed By: kp
Sponsored by: Juniper Networks, Inc.
Differential Revision: https://reviews.freebsd.org/D42972
(cherry picked from commit b224af946a17b8e7a7b4942157556b5bc86dd6fb)
mac_ipacl: Use IfAPI
Use `if_t` instead of `struct ifnet *`, and if_name() accessor.
Sponsored by: Juniper Networks, Inc.
(cherry picked from commit b820820ece099a73511d7daec407d78f38185a9b)
unionfs: detect common deadlock-producing mount misconfigurations
When creating a unionfs mount, it's fairly easy to shoot oneself
in the foot by specifying upper and lower file hierarchies that
resolve back to the same vnodes. This is fairly easy to do if
the sameness is not obvious due to aliasing through nullfs or other
unionfs mounts (as in the associated PR), and will produce either
deadlock or failed locking assertions on any attempt to use the
resulting unionfs mount.
Leverage VOP_GETLOWVNODE() to detect the most common cases of
foot-shooting at mount time and fail the mount with EDEADLK.
This is not meant to be an exhaustive check for all possible
deadlock-producing scenarios, but it is an extremely cheap and
simple approach that, unlike previous proposed fixes, also works
in the presence of nullfs aliases.
PR: 172334
Reported by: ngie, Karlo Miličević <karlo98.m at gmail.com>
[5 lines not shown]
unionfs: Implement VOP_GETLOWVNODE
This function returns the vnode that will be used to resolve the
access type specified in the 'flags' argument, and is useful for
optimal behavior of vn_copy_file_range(). While most filesystems
can simply use the default implementation which returns the passed-
in vnode, unionfs (like nullfs) ideally should resolve the access
request to whichever base layer vnode will be used for the I/O.
For unionfs, write accesses must be resolved through the upper vnode,
while read accesses will be resolved through the upper vnode if
present or the lower vnode otherwise. Provide a simple
unionfs_getlowvnode() implementation that reflects this policy.
Reviewed by: kib, olce
Tested by: pho
Differential Revision: https://reviews.freebsd.org/D53988
(cherry picked from commit 5c025978fc3649730329994eecc56ada119e6717)
m4: avoid warnings about too-long initializer strings
Mark `digits` as `__non_string`, to avoid warnings from clang 21 similar
to:
usr.bin/m4/misc.c:123:27: error: initializer-string for character array is too long, array size is 36 but initializer has size 37 (including the null terminating character); did you mean to use the 'nonstring' attribute? [-Werror,-Wunterminated-string-initialization]
123 | static char digits[36] = "0123456789abcdefghijklmnopqrstuvwxyz";
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
MFC after: 3 days
makefs: avoid warnings about too-long initializer strings
Mark `direntry::deName` as `__non_string`, to avoid warnings from clang
21 similar to:
usr.sbin/makefs/msdos/msdosfs_vnops.c:512:4: error: initializer-string for character array is too long, array size is 11 but initializer has size 12 (including the null terminating character); did you mean to use the 'nonstring' attribute? [-Werror,-Wunterminated-string-initialization]
512 | { ". ", /* the . entry */
| ^~~~~~~~~~~~~
usr.sbin/makefs/msdos/msdosfs_vnops.c:522:4: error: initializer-string for character array is too long, array size is 11 but initializer has size 12 (including the null terminating character); did you mean to use the 'nonstring' attribute? [-Werror,-Wunterminated-string-initialization]
522 | { ".. ", /* the .. entry */
| ^~~~~~~~~~~~~
MFC after: 3 days
fsck_msdosfs: avoid warnings about too-long initializer strings
Mark `dot_name` and `dotdot_name` as as `__non_string`, to avoid
warnings from clang 21 similar to:
sbin/fsck_msdosfs/dir.c:466:39: error: initializer-string for character array is too long, array size is 11 but initializer has size 12 (including the null terminating character); did you mean to use the 'nonstring' attribute? [-Werror,-Wunterminated-string-initialization]
466 | static const u_char dot_name[11] = ". ";
| ^~~~~~~~~~~~~
sbin/fsck_msdosfs/dir.c:467:39: error: initializer-string for character array is too long, array size is 11 but initializer has size 12 (including the null terminating character); did you mean to use the 'nonstring' attribute? [-Werror,-Wunterminated-string-initialization]
467 | static const u_char dotdot_name[11] = ".. ";
| ^~~~~~~~~~~~~
MFC after: 3 days
