linux_ntsync(9): check the file type before calling native ntsync(9)
Reported by: Alex S <iwtcex at gmail.com>
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
vnode: move VIRF_KNOTE to v_v2flag
The semantic of the flag has the natural march to the code scope that is
protected by the vnode lock.
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D56912
struct vnode: assign v_rl.resv1 as v_type and v_rl.resv2 as v_state
Use the avaliable space to introduce vnode-locked flag v_v2flag.
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D56912
sys/rangelock.h: explicitly enumerate padding at the end of the structure
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D56912
vfs: work around the race between vget() and vnlru
Specifically, do not let vtryrecycle() to recycle a used vnode. It is
possible for a vnode to be vref-ed or vuse-ed lockless after it is held
by vhold_recycle_free(). Then, since vtryrecycle() does not recheck the
hold count, we might end up freeing vused vnode.
Since vget_finish() increments v_usecount after obtaining the vnode
lock, we would observe the hold reference anyway when the parallel
vget() is blocked waiting on the vnode lock.
PR: 281749
Reported and tested by: Steve Peurifoy <ssw01 at mathistry.net>, Vladimir Grebenshchikov <vova at zote.me>
Reviewed by: olce
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D57305
rtld-elf: add some tests for parse_integer()
Reviewed by: des, dim
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D57549
rtld parse_integer(): support binary, octal, and hex C notations
Reviewed by: des, dim
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D57549
www/caddy: Update to 2.11.4 (security)
Changes:
Security-related patches:
- caddyhttp: Normalize Windows backslashes in path matcher (thanks
@Vincent550102)
- rewrite: Prevent placeholder re-expansion in injected query
(thanks @WhiskerEnt)
- templates: Improved stripHTML action to more reliably remove
malformed HTML (thanks to @jmrcsnchz)
- caddyhttp: Ignore header fields with underscores to prevent
collisions (thanks @Vincent550102 for the report and @dunglas for
the patch)
NB: These security patches may be breaking if your application
relies on the buggy behaviors.
What's Changed:
- reverseproxy: further prevent body closes from dial errors by
[37 lines not shown]