FreeBSD/src 57bf745sys/kern vfs_vnops.c

vfs offset: fix assertion failure in face of racing ffofset and setfl locking

Both use the same 16 bit var to store their locked and waiters bits,
then this in file_v_unlock:

        state = atomic_load_16(flagsp);
        if ((state & lock_wait_bit) == 0 &&
            atomic_cmpset_rel_16(flagsp, state, state & ~lock_bit))
                return;

can fail if for example foffset is being unlocked while setfl is getting
locked.

Afterwards the code assumes there are blocked waiters on foffset.

Reviewed by: kib, markj
Sponsored by:   Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D52915
DeltaFile
+12-6sys/kern/vfs_vnops.c
+12-61 files

FreeBSD/src f43e19dsys/kern vfs_vnops.c

vfs offset: fix assertion failure in face of racing ffofset and setfl locking

Both use the same 16 bit var to store their locked and waiters bits,
then this in file_v_unlock:

        state = atomic_load_16(flagsp);
        if ((state & lock_wait_bit) == 0 &&
            atomic_cmpset_rel_16(flagsp, state, state & ~lock_bit))
                return;

can fail if for example foffset is being unlocked while setfl is getting
locked.

Afterwards the code assumes there are blocked waiters on foffset.

Reviewed by: kib, markj
Sponsored by:   Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D52915
DeltaFile
+12-6sys/kern/vfs_vnops.c
+12-61 files

FreeBSD/src ac19e85. .cirrus.yml

Cirrus-CI: Use nproc instead of sysctl -n hw.ncpu

It is available on all supproted FreeBSD versions.

Sponsored by:   The FreeBSD Foundation

(cherry picked from commit 5bba547a678beb280bf4080375f45b04ceb44fc5)
(cherry picked from commit f283515a1015b5e02dee2b3f4504e7a5ca1a5cfe)
DeltaFile
+2-2.cirrus.yml
+2-21 files

FreeBSD/src f283515. .cirrus.yml

Cirrus-CI: Use nproc instead of sysctl -n hw.ncpu

It is available on all supproted FreeBSD versions.

Sponsored by:   The FreeBSD Foundation

(cherry picked from commit 5bba547a678beb280bf4080375f45b04ceb44fc5)
DeltaFile
+2-2.cirrus.yml
+2-21 files

FreeBSD/src 2ef79b0. .cirrus.yml

Cirrus-CI: Build packages in parallel

Reviewed by:    ivy
Sponsored by:   The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D52857

(cherry picked from commit e2796f0359afad522113c25d720fa30677a044ab)
DeltaFile
+1-1.cirrus.yml
+1-11 files

FreeBSD/src 608043e. .cirrus.yml

Cirrus-CI: Bump to FreeBSD 14.3 image

Sponsored by:   The FreeBSD Foundation

(cherry picked from commit cca9295dd6adc4245fbeeefbe05c13c52d089bd7)
DeltaFile
+1-1.cirrus.yml
+1-11 files

FreeBSD/src ba89a06. .cirrus.yml

Cirrus-CI: Switch back to tzst packages, but use level 1

We previously used `PKG_FORMAT: tar` to avoid spending a lot of time in
zstd compression.  Instead just set PKG_LEVEL to compression level 1,
which still produces packages that are much smaller than uncompressed
tarballs with only a small penalty in build time.

Sponsored by:   The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D52858

(cherry picked from commit ae5914c0e4478fd35ef9db3f32665b60e04d5a6f)
DeltaFile
+1-1.cirrus.yml
+1-11 files

FreeBSD/src ead7219sys/kern uipc_usrreq.c, tests/sys/kern unix_stream.c

unix/stream: repair SO_SNDTIMEO

The send operations are waiting on the peer's socket buffer, but we shall
use our timeout value.  Provide a test for that.

Reported by:            phk
Reviewed by:            asomers
Differential Revision:  https://reviews.freebsd.org/D53081
Fixes:                  d15792780760ef94647af9b377b5f0a80e1826bc
DeltaFile
+27-0tests/sys/kern/unix_stream.c
+18-2sys/kern/uipc_usrreq.c
+45-22 files

FreeBSD/src c8359b3tests/sys/netinet multicast.sh

tests/multicast: fix test flakyness

The receiver is run as a background job, so we need a wait loop to
make sure it has been fully functional before launching sender.

Reported by:    Siva Mahadevan <me svmhdvn.name>
PR:             290210
DeltaFile
+16-13tests/sys/netinet/multicast.sh
+16-131 files

FreeBSD/src 1985940sys/conf std.debug std.nodebug

conf: enable TCP_HPTS_KTEST on debug builds

Enable the kernel build option TCP_HPTS_KTEST on debug builds and
disable it on non-debug builds.

PR:                     290234
Reviewed by:            Nick Banks, glebius
Sponsored by:           Netflix, Inc.
Differential Revision:  https://reviews.freebsd.org/D53108
DeltaFile
+1-0sys/conf/std.debug
+1-0sys/conf/std.nodebug
+2-02 files

FreeBSD/src ad13fd5lib/libsys socket.2

socket.2: spell
DeltaFile
+1-1lib/libsys/socket.2
+1-11 files

FreeBSD/src 880d180sys/fs/unionfs union_subr.c union_vnops.c

unionfs: fix NULL deref on closing an fd passed through SCM_RIGHTS

If the last reference to an open file is contained in an SCM_RIGHTS
message in a UNIX domain socket, and that message is discarded without
being read out by the receiver, VOP_CLOSE will ultimately be called
with ap->a_td == NULL.

Change unionfs_close() to check for this condition instead of blindly
passing the thread to unionfs_find_node_status() which will try to
dereference it.  Also add relevant asserts on the node status lookup
paths.

PR:             289700
Reported by:    asomers
Reviewed by:    asomers, olce
MFC after:      3 days
Differential Revision: https://reviews.freebsd.org/D53079
DeltaFile
+2-0sys/fs/unionfs/union_subr.c
+1-1sys/fs/unionfs/union_vnops.c
+3-12 files

FreeBSD/src 663a571lib/libsys socket.2, sys/sys socket.h

sockets: add PF_HYPERV alias

Just make it like all other sockets that have PF_FOO -> AF_FOO alias.
DeltaFile
+1-1lib/libsys/socket.2
+1-0sys/sys/socket.h
+2-12 files

FreeBSD/src 86d1723lib/libsys socket.2

socket(2): refactor the manual page

Create a chapter on every important socket type: stream, datagram,
seqpacket.  Always list what protocol families do support what kinds of
sockets.  Improve some statements possessing language from the
specification [1].  Reduce some statements that are mostly specific to
TCP.  Provide more external links and references to various important
syscalls that can be used on sockets.

Add a paragrph on non-blocking mode.

The big factual change is documentation of SOCK_SEQPACKET.  In FreeBSD 15
this socket now fully follows the specification and is a stream socket
with record boundaries.

[1] https://pubs.opengroup.org/onlinepubs/9799919799/functions/V2_chap02.html#tag_16_10_06

Differential Revision:  https://reviews.freebsd.org/D52771
DeltaFile
+215-89lib/libsys/socket.2
+215-891 files

FreeBSD/src dbd1e32usr.sbin/bsdinstall/scripts auto jail

bsdinstall: Tweak pkgbase/dist set labels

Have the button labels refer to the artifact type directly (distribution
sets / packages), and use "Tech Preview" as packaged base is no longer
experimental.

Reviewed by:    ivy, cperciva
Sponsored by:   The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D52999

(cherry picked from commit abd9424590ba37ac10e92723ad6428f0448024c1)
DeltaFile
+2-2usr.sbin/bsdinstall/scripts/auto
+2-2usr.sbin/bsdinstall/scripts/jail
+4-42 files

FreeBSD/src eb895ad. .cirrus.yml

Revert ".cirrus.yml: Reenable CI with pre-commit CI scripts"

This reverts commit 676d64ee8327851063d92d0dd6a4ceee6b3a25e6.

These tests take a combined 3h to run and are consuming our montly
Cirrus-CI credits in short order, before failing.

In the PR markj reports that the failure appeared somewhere between:

good: da64f6e047b5f6cd9b9e8450d19072cb0b6e44d0
bad:  b197d2abcb6895d78bc9df8404e374397aa44748

Unfortunately, even after we find the offending commit and have a fix we
still do not have sufficient monthly compute credit.  Disable these
tests for now, pending a solution to both issues.

PR:             289696
Reviewed by:    ngie
Differential Revision: https://reviews.freebsd.org/D52618

    [2 lines not shown]
DeltaFile
+2-0.cirrus.yml
+2-01 files

FreeBSD/src d1bd541tests/sys/fs/fusefs bad_server.cc

fusefs: fix intermittency in the BadServer.ShortWrite test

This test implicitly depended on the order in which two threads
completed.  If the test thread finished first, the test would pass.  But
if the mock file system thread did, it would attempt to read from an
unmounted file system, and fail.  As a result, the test would randomly
fail once out of every several thousand executions.  Fix it by telling
the mock file system's event loop to exit without attempting to read any
more events.

Reported by:    Siva Mahadevan <me at svmhdvn.name>
MFC after:      1 week
Reviewed by:    Siva Mahadevan <me at svmhdvn.name>
Differential Revision: https://reviews.freebsd.org/D53080
DeltaFile
+5-0tests/sys/fs/fusefs/bad_server.cc
+5-01 files

FreeBSD/src d06e31dlib/msun/src e_remainder.c

libm: remainder: make sure x is zero

Make sure the entirety of x is zero before flipping the sign bit.
Otherwise the sign would be wrong for small values of x when x is
negative and |n*y| > |x|

Reported by:    alfredo
PR:             251091
Reviewed by:    kargl
MFC after:      3 days
Differential Revision: https://reviews.freebsd.org/D53023

(cherry picked from commit 25cca51ed294890d20a3c0290814cd26875db686)
DeltaFile
+2-2lib/msun/src/e_remainder.c
+2-21 files

FreeBSD/src 439909clib/msun/src e_remainder.c

libm: remainder: make sure x is zero

Make sure the entirety of x is zero before flipping the sign bit.
Otherwise the sign would be wrong for small values of x when x is
negative and |n*y| > |x|

Reported by:    alfredo
PR:             251091
Reviewed by:    kargl
MFC after:      3 days
Differential Revision: https://reviews.freebsd.org/D53023

(cherry picked from commit 25cca51ed294890d20a3c0290814cd26875db686)
DeltaFile
+2-2lib/msun/src/e_remainder.c
+2-21 files

FreeBSD/src 583e976lib/msun/src e_remainder.c

libm: remainder: make sure x is zero

Make sure the entirety of x is zero before flipping the sign bit.
Otherwise the sign would be wrong for small values of x when x is
negative and |n*y| > |x|

Reported by:    alfredo
PR:             251091
Reviewed by:    kargl
MFC after:      3 days
Differential Revision: https://reviews.freebsd.org/D53023

(cherry picked from commit 25cca51ed294890d20a3c0290814cd26875db686)
DeltaFile
+2-2lib/msun/src/e_remainder.c
+2-21 files

FreeBSD/src 7117c86sys/kern kern_exec.c

exec: Check for errors when mapping the shared object

In the non-ASLR case, there is no check for an error from
vm_map_fixed().  Restore it, it was dropped in commit 939f0b6323e0a.
This bug could result in a refcount leak of the object used to map the
VDSO page.

Reviewed by:    kib
Reported by:    Ilja Van Sprundel <ivansprundel at ioactive.com>
MFC after:      1 week
Fixes:  939f0b6323e0 ("Implement shared page address randomization")
Differential Revision:  https://reviews.freebsd.org/D53065
DeltaFile
+1-1sys/kern/kern_exec.c
+1-11 files

FreeBSD/src 2df39cesys/netpfil/ipfw ip_fw_nat.c

ipfw: Check for errors from sooptcopyin() and sooptcopyout()

Note, it looks like this code may be unused since commit 4a77657cbc01
("ipfw: migrate ipfw to 32-bit size rule numbers").  In particular, it
looks like the ipfw_nat_*_ptr pointers are unused now.

Reviewed by:    ae
MFC after:      1 week
Differential Revision:  https://reviews.freebsd.org/D53068
DeltaFile
+7-5sys/netpfil/ipfw/ip_fw_nat.c
+7-51 files

FreeBSD/src ec8e07eusr.sbin/certctl certctl.8

certctl.8: Update documentation of BUNDLE

- Fix a typo.
- Provide the default path.

Reviewed by:    des
MFC after:      3 days
Differential Revision:  https://reviews.freebsd.org/D53001
DeltaFile
+4-2usr.sbin/certctl/certctl.8
+4-21 files

FreeBSD/src 8033663sys/amd64/amd64 elf_machdep.c, sys/amd64/linux linux_sysvec.c

imgact: Mark brandinfo and note structures as const

No functional change intended.

Reviewed by:    olce, kib, emaste
MFC after:      2 weeks
Differential Revision:  https://reviews.freebsd.org/D53062
DeltaFile
+14-14sys/kern/imgact_elf.c
+9-15sys/compat/ia32/ia32_sysvec.c
+6-8sys/amd64/amd64/elf_machdep.c
+6-6sys/amd64/linux32/linux32_sysvec.c
+6-6sys/amd64/linux/linux_sysvec.c
+5-5sys/arm64/linux/linux_sysvec.c
+46-545 files not shown
+56-6511 files

FreeBSD/src 2110ae0sys/rpc svc_auth_unix.c

sys/rpc: UNIX auth: Do not log on bogus AUTH_SYS messages

Remove the printf() stances added in commit d4cc791f3b2e ("sys/rpc: UNIX
auth: Fix OOB reads on too short message").

Even if it can be helpful to know why an authentication message is
rejected, printing explanatory messages on each request attempt is
a remote log filler that could be triggered by accident, and the generic
RPC code generally does not do that.  These printf() calls should be
restored only after some limiting or configuration mechanism is devised.

MFC with:       d4cc791f3b2e ("sys/rpc: UNIX auth: Fix OOB reads on too short message")
Sponsored by:   The FreeBSD Foundation
DeltaFile
+3-17sys/rpc/svc_auth_unix.c
+3-171 files

FreeBSD/src a4105a5sys/rpc authunix_prot.c svc_auth_unix.c

sys/rpc: UNIX auth: Style: Remove unnecessary headers, minor changes

MFC after:      2 days
Sponsored by:   The FreeBSD Foundation
DeltaFile
+3-7sys/rpc/authunix_prot.c
+1-3sys/rpc/svc_auth_unix.c
+4-102 files

FreeBSD/src 4ae70c3sys/rpc authunix_prot.c

sys/rpc: UNIX auth: Support XDR_FREE

xdr_authunix_parms() does not allocate any auxiliary memory, so we can
simply support XDR_FREE by just returning TRUE.

Although there are currently no callers passing XDR_FREE, this makes us
immune to such a change in a way that doesn't cost more but is more
constructive than a mere KASSERT().

Suggested by:   rmacklem
MFC after:      2 days
Sponsored by:   The FreeBSD Foundation
DeltaFile
+4-0sys/rpc/authunix_prot.c
+4-01 files

FreeBSD/src d4cc791sys/rpc svc_auth_unix.c

sys/rpc: UNIX auth: Fix OOB reads on too short message

In the inline version (_svcauth_unix()), fix multiple possible OOB reads
when the credentials part of a request is too short to contain mandatory
fields or with respect to the hostname length or number of groups it
advertises.  The previously existing check was arriving too late and
relied on possibly wrong data coming from earlier OOB reads.

While here, use 'uint32_t' as the length/size type, as it is more than
enough and removes the need for conversions, explicit or implicit.
While here, factor out setting 'stat' to AUTH_BADCRED and then jumping
to 'done' on error, through the new 'badcred' label.  While here,
through comments, refer to what the non-inline version is doing
(xdr_authunix_parms() in 'authunix_prot.c') and the reasons.

Reviewed by:    rmacklem
Fixes:          dfdcada31e79 ("Add the new kernel-mode NFS Lock Manager.")
MFC after:      2 days
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D52964
DeltaFile
+61-40sys/rpc/svc_auth_unix.c
+61-401 files

FreeBSD/src e665c0fsys/rpc svc_auth_unix.c

sys/rpc: UNIX auth: Use AUTH_SYS_MAX_{GROUPS,HOSTNAME} as limits (2/2)

Remove local defines from 'svc_auth_unix.c' and use the new limit
macros instead.

Reviewed by:    rmacklem
MFC after:      2 days
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D52963
DeltaFile
+2-5sys/rpc/svc_auth_unix.c
+2-51 files

FreeBSD/src 47e9c81sys/rpc authunix_prot.c

sys/rpc: UNIX auth: Fix OOB accesses, notably writes on decode

When the received authentication message had more than XU_NGROUPS, we
would write group IDs beyond the end of cr_groups[] in the 'struct
xucred' being filled (as 'ngroups_max' is always greater than
XU_NGROUPS).

For robustness, prevent various OOB accesses that would result from
a change of value of XU_NGROUPS or a 'struct xucred' with an invalid
'cr_ngroups' field, even if these cases are unlikely.

Reviewed by:    rmacklem
Fixes:          dfdcada31e79 ("Add the new kernel-mode NFS Lock Manager.")
MFC after:      2 days
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D52960
DeltaFile
+21-19sys/rpc/authunix_prot.c
+21-191 files