rename(2): do not allow to rename root vnode of the mounted filesystem
Check for tdvp being vp_crossmp. This cannot happen for the normal
rename cases, but could if the target path specified by the syscall
points to the nullfs mount over the regular file. In this case namei()
cannot step over crossmp, and keep it in ni_dvp.
Since crossmp VOP_GETWRITEMOUNT() returns NULL mp, we retry the locking
dance since the belief is that NULL return is transient.
PR: 295826
Reviewed by: markj
Tested by: pho
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D57453
renameat(2): when retrying, check for pending signals
The vn_start_write() call there is already interruptible. Check for
user signals before restarting due to ERELOOKUP, or after failed
vn_start_write(). Note that vn_start_write(V_XSLEEP | V_PCATCH)
does not check for signals if not sleeping.
PR: 295826
Reviewed by: markj
Tested by: pho
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D57453
loader.efi: Fix when staging moves late
Prior to this commit, we'd compute the page tables and have the last
entries point to the staging area. We'd then add some more metadata to
the image and boot. This assumed the staging area didn't need to move
for this last bit of data.
However, if we go over the staging limit, when we copyin new data, we
grow the staging area, usually be moving it to a lower address. This
overage usually happens when we're loading modules and so things work
out nicely. Sometimes we're close to the limit, and we need to do this
growing inside bi_load, after we've computed the page table, making the
page table wrong, and the code we jump to random rather than the btext
routine we normally start at.
To fix this, move computation of the table (but not its allocation) to
after bi_load, but before we call the trampoline.
This problem was most observed when loading microcode for many peole,
[21 lines not shown]
loader.efi: Fix when staging moves late
Prior to this commit, we'd compute the page tables and have the last
entries point to the staging area. We'd then add some more metadata to
the image and boot. This assumed the staging area didn't need to move
for this last bit of data.
However, if we go over the staging limit, when we copyin new data, we
grow the staging area, usually be moving it to a lower address. This
overage usually happens when we're loading modules and so things work
out nicely. Sometimes we're close to the limit, and we need to do this
growing inside bi_load, after we've computed the page table, making the
page table wrong, and the code we jump to random rather than the btext
routine we normally start at.
To fix this, move computation of the table (but not its allocation) to
after bi_load, but before we call the trampoline.
This problem was most observed when loading microcode for many peole,
[19 lines not shown]
loader.efi: Fix when staging moves late
Prior to this commit, we'd compute the page tables and have the last
entries point to the staging area. We'd then add some more metadata to
the image and boot. This assumed the staging area didn't need to move
for this last bit of data.
However, if we go over the staging limit, when we copyin new data, we
grow the staging area, usually be moving it to a lower address. This
overage usually happens when we're loading modules and so things work
out nicely. Sometimes we're close to the limit, and we need to do this
growing inside bi_load, after we've computed the page table, making the
page table wrong, and the code we jump to random rather than the btext
routine we normally start at.
To fix this, move computation of the table (but not its allocation) to
after bi_load, but before we call the trampoline.
This problem was most observed when loading microcode for many peole,
[17 lines not shown]
APEI: Provide more info on fatal hardware errors
This change refactors fatal error delivery via APEI and prints more info:
- Makes the NMI handler call into the ge handler to establish a common
code flow, no matter how the error is delivered
- Adds the FRU to the panic string so as to provide more information than
just "APEI Fatal Hardware Error!" such as
"APEI Fatal Hardware Error: PcieError"
- Prints more details about fatal pcie errors. Note that we skip acquiring
Giant on fatal errors
- Hexdumps the full GED data on fatal errors, so as to facilitate
offline data analysis
Reviewed by: imp
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D57417
audit: Replace TAILQ with STAILQ
This reduces the size of a trigger entry from 24 bytes to 16 (or from
12 bytes to 8 on 32-bit) with no additional complexity.
MFC after: 1 week
Sponsored by: Klara, Inc.
Reviewed by: kevans, emaste
Differential Revision: https://reviews.freebsd.org/D57464
audit: Add poll / select support
It was previously not possible to poll() or select() on the trigger
device, which made implementing proper signal handling in auditd
difficult.
MFC after: 1 week
Sponsored by: Klara, Inc.
Reviewed by: kevans, markj
Differential Revision: https://reviews.freebsd.org/D57457
udp: Fix resource leaks in an error path in udp6_send()
Reported by: Andrew Griffiths <andrew at calif.io>
Fixes: 069a67374ed9 ("ip6: Remove support for RFC2675 (Jumbo Payload Option)")
Reviewed by: pouria, tuexen, glebius
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D57341
arch.7: Restore (non-SPE) 32-bit powerpc to MD tables
powerpc is still relevant for lib32. powerpcspe cannot use lib32 so
remains removed.
Reported by: Minsoo Choo <minsoo at minsoo.io>
Reviewed by: Minsoo Choo <minsoo at minsoo.io>
Sponsored by: The FreeBSD Foundation
Fixes: 2ea49bb595df ("arch.7: Remove 32-bit powerpc from tables")
Differential Revision: https://reviews.freebsd.org/D57473
fts: add fts regression tests
Add ATF regression tests for previously-fixed fts(3) bugs:
- PR 45723: directory with read but no execute is traversed via
FTS_DONTCHDIR fallback, not silently skipped
(commit 1e03bff7f2b7)
- PR 196724: FTS_SLNONE must not be returned for a non-symlink;
time-bounded race test runs for 1 second with concurrent
file creation/deletion
(commit bf4374c54589)
- PR 262038: readdir(2) errors produce FTS_DNR with fts_errno
set, not silently treated as end-of-directory
(commit 0cff70ca6654)
- SVN r246641: normal traversal works correctly with O_DIRECTORY
fix in fts_safe_changedir()
(commit f9928f1705ee)
- SVN r261589: no crash when tree modified during traversal;
time-bounded race test runs for 1 second with concurrent
[7 lines not shown]
linux: Drop unneeded PHOLDs
There's no point in acquiring a hold if the proc lock isn't going to be
dropped.
Reviewed by: kib
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D57468
arch.7: Remove 32-bit powerpc from tables
Most 32-bit architecture support has been deprecated for FreeBSD 16.
Reviewed by: des
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D57472
arch.7: arch.7: Add wchar_t signedness
Most architectures have the same signedness for char and wchar_t, but
powerpc has the unusual combination of unsigned char and signed wchar_t.
Reviewed by: des, jhb, markj
Sponsored by: The FreeBSD Foundation
arm64: Add exception flag for ksiginfo_t and set in trapsignal
The `ksiginfo_t` flag `KSI_TRAP` is set both for exceptions and when
copying between userspace and the kernel fails. In the latter case, the
exception syndrome register as captured in `struct trapframe` won't be
valid. That means we can't use `KSI_TRAP` to determine whether `tf_esr`
is valid. This motivates the addition of a new flag, here called
`KSI_EXCEPT`, for specifically identifying signals caused by exceptions.
It is added to `ksi_flags` via `trapsignal`.
Signed-off-by: Alex Arslan <ararslan at comcast.net>
Reported by: andrew
Pull Request: https://github.com/freebsd/freebsd-src/pull/2053
arm64: Expose ESR in mcontext
At present, the exception syndrome register (ESR) is not accessible via
the user context on FreeBSD AArch64, which makes it difficult to
determine the cause of an exception. For example, a signal handler might
get a `SIGSEGV` with `SEGV_ACCERR`, but it can't know whether that
occurred due to a bad read or write. The change implemented here
includes ESR in `struct __mcontext`, thereby allowing access via
`ucontext_t` for use by signal handlers, sanitizers, debuggers, etc.
Note that this addition consumes one of the seven spare 64-bit slots in
`struct __mcontext`.
Signed-off-by: Alex Arslan <ararslan at comcast.net>
Reviewed by: andrew
Pull Request: https://github.com/freebsd/freebsd-src/pull/2053
bhyve(8): allow cpu pinning using N-M:X-Y ranges
bhyve's -p allows to pin guest's virtual CPU vcpu to hostcpu, however
this becomes very tedious work when you have to pin more than a single
CPU.
This allows to pass a range to -p, e.g. -p 0-3:4-7 which will pin the
cpus 0:4, 1:5, 2:6, 3:7. The ranges must be equal and the CPU numbers
must be ascending.
Sponsored by: Armenian Bioinformatics Institute
Reviewed by: corvink, markj
Tested by: bnovkov
MFC after: 3 weeks
Differential Revision: https://reviews.freebsd.org/D54937
rc: Bail if /dev/null is not a device
On startup, check that /dev/null exists and is a character device.
Otherwise, one of two things will happen: either /dev is a writable
directory and we will immediately create /dev/null as a regular file
and dump garbage into it, or it does not and we will spit out a stream
of error messages about failing to create /dev/null.
PR: 295782
MFC after: 1 week
Reviewed by: jhb, emaste
Differential Revision: https://reviews.freebsd.org/D57447
etcupdate: Make nobuild the default
The common case for etcupdate is to run it after building and installing
the world, in which case we already have an object directory to draw on.
Add a -b option to turn nobuild off (opposite of -B), and turn nobuild
on by default.
MFC after: 1 week
Reviewed by: jhb, emaste
Differential Revision: https://reviews.freebsd.org/D57306
fts: address post-merge feedback on fts_children_test.c
- Remove fts_check_debug() which is only needed by test cases
that use the fts_test() helper; fts_children_test.c does not
call fts_test()
- Remove fts_lexical_compar where traversal order does not matter
for the test result
- Drop fts_test.h and copy fts_lexical_compar locally
- Pull up NULL argument onto same line as fts_open
Fixes: e624417db8a1 ("lib/libc/tests/gen: add fts_children() tests")
Sponsored by: Google LLC (GSoC 2026)
Reviewed by: des, asomers
MFC after: 2 weeks
Pull Request: https://github.com/freebsd/freebsd-src/pull/2260
