From nobody Tue Aug 20 04:58:15 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wny073Nv2z5VFrT; Tue, 20 Aug 2024 04:58:15 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Wny072sV1z4NdK; Tue, 20 Aug 2024 04:58:15 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724129895; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=wBGc7NYxBGZH0Vp8EEzD9xi7K7qBBngUcz0+XKy9q4Q=; b=uSrBBP/YaR8WKupDcBgR7pdhBK5clV1WsMIM2QrPfyt/XBvhSsRzBnDliT9+lw3eVAuIP3 VAKp95wm4og8dtMleg87CX0HenYUJ1FTCNRnncegitzLFuQxYI2RcTVHcrVd1QmLIhAfTH IGCV+LJoeOwCa0SkQSOh09080S4AsoEKPAswulbdwlE7KU5xrxOLIh75KkSbnIVopjAWwj Fk/xKXuRZJU/xX8WlazGcb/GpPy7jx+vGVP+AaI8jLU+IsYPS242kyc6Q8h9I9AQKuXOhn 7x05q2ZFZfPawlPMqbFCxzgpBUkpJbcu07fHOjd0dWEPye3d+C+eHWLVY/u9ew== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724129895; a=rsa-sha256; cv=none; b=fz30/92VE1gsKc+PeRzn2FivqF8DlZ7W+1XewREKH1DO2KEYnYepTFiGiJqR5VqxuF6zqo R67YIkVIXWE2gfje4qZyw+vmSVz2K5W+bHXvT+Bj/paX3HpM4mPBb4tNH+qD4uij0oY9RK 5FpkVstX/nB8Qc8bEZwbGXa3PRSn130biOv99vABz9o7+CXNP8MGfBbRKXRky4qNJhGRCn F2iozhYCnm9upqLjlLIvWGBiz0a7aSg/RaR/T7yW3AbVf4S4Bbgaal+0eAfrBCqAOrLAaS iYU83e6HBlR0sLVBHppjE5cpZ8oVAOgUzr117QZr3+xk5PU2EDqDQPSO/UOJVg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724129895; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=wBGc7NYxBGZH0Vp8EEzD9xi7K7qBBngUcz0+XKy9q4Q=; b=ruWKT95Xdh9uRnGqzSUIMTPcKp7yrbTb+MBuAyt/tsRYF8y4BlSTiEz9HD//f5Aw+poSdx 0IAIxUihQlASew0YRYBnYzjk7jEAMRryMcxvABFgS8A1mazfpeBKkF0ISa2VOg7akXjQE/ cpOOCEKKLyAfr8cUMiTXUPeOcZmOeQV/nfpBTHNMQTJ4HedM6o6WZ6CduOKfAxQndQqgA4 LtsDo5bGx/JyN9ZHIEj4eKaRG5r4QN4i4V+R1ojvHz05O4zScq0fhM5GqS2I5k56rU+aLn mmZdfqMUGz36JEWGLtUXzaZaV8htenZHsi1jCa7mdO/HS93A94yzw0Tskeln/Q== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wny0722mgzn1N; Tue, 20 Aug 2024 04:58:15 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47K4wFcj054119; Tue, 20 Aug 2024 04:58:15 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47K4wFgI054116; Tue, 20 Aug 2024 04:58:15 GMT (envelope-from git) Date: Tue, 20 Aug 2024 04:58:15 GMT Message-Id: <202408200458.47K4wFgI054116@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Colin Percival Subject: git: 99c5c0cb1556 - stable/14 - dhclient: Switch timeouts from time_t to timespec List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cperciva X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 99c5c0cb1556daf2818e99a934dc6a2f99fa30f9 Auto-Submitted: auto-generated The branch stable/14 has been updated by cperciva: URL: https://cgit.FreeBSD.org/src/commit/?id=99c5c0cb1556daf2818e99a934dc6a2f99fa30f9 commit 99c5c0cb1556daf2818e99a934dc6a2f99fa30f9 Author: Isaac Cilia Attard AuthorDate: 2024-07-08 05:43:09 +0000 Commit: Colin Percival CommitDate: 2024-08-20 04:57:08 +0000 dhclient: Switch timeouts from time_t to timespec Introduce a new function, add_timeout_timespec(), to use timespec structs to handle timeouts. Make add_timeout() into a wrapper for the latter function to retain compatibility with the rest of the codebase. No functional change intended. Sponsored by: Google LLC (GSoC 2024) Signed-off-by: Isaac Cilia Attard MFC after: 10 days Reviwed by: cperciva, brooks, Tom Hukins, Alexander Ziaee Pull Request: https://github.com/freebsd/freebsd-src/pull/1368 (cherry picked from commit 16a235f23c066d27b3a53c66cf6aa329be07cdb9) --- sbin/dhclient/dhcpd.h | 3 ++- sbin/dhclient/dispatch.c | 28 +++++++++++++++++++--------- 2 files changed, 21 insertions(+), 10 deletions(-) diff --git a/sbin/dhclient/dhcpd.h b/sbin/dhclient/dhcpd.h index 399b5c1ecf6c..56a38d733501 100644 --- a/sbin/dhclient/dhcpd.h +++ b/sbin/dhclient/dhcpd.h @@ -219,7 +219,7 @@ struct interface_info { struct timeout { struct timeout *next; - time_t when; + struct timespec when; void (*func)(void *); void *what; }; @@ -321,6 +321,7 @@ void reinitialize_interfaces(void); void dispatch(void); void got_one(struct protocol *); void add_timeout(time_t, void (*)(void *), void *); +void add_timeout_timespec(struct timespec, void (*)(void *), void *); void cancel_timeout(void (*)(void *), void *); void add_protocol(const char *, int, void (*)(struct protocol *), void *); void remove_protocol(struct protocol *); diff --git a/sbin/dhclient/dispatch.c b/sbin/dhclient/dispatch.c index 310f477f8a4f..aa15c35a9f15 100644 --- a/sbin/dhclient/dispatch.c +++ b/sbin/dhclient/dispatch.c @@ -155,7 +155,8 @@ dispatch(void) int count, live_interfaces, i, to_msec, nfds = 0; struct protocol *l; struct pollfd *fds; - time_t howlong; + struct timespec howlong; + struct timespec time_now = { .tv_sec = cur_time, .tv_nsec = 0 }; for (l = protocols; l; l = l->next) nfds++; @@ -173,7 +174,7 @@ another: if (timeouts) { struct timeout *t; - if (timeouts->when <= cur_time) { + if (timespeccmp(&timeouts->when, &time_now, <=)) { t = timeouts; timeouts = timeouts->next; (*(t->func))(t->what); @@ -188,10 +189,10 @@ another: * int for poll, while not polling with a * negative timeout and blocking indefinitely. */ - howlong = timeouts->when - cur_time; - if (howlong > INT_MAX / 1000) - howlong = INT_MAX / 1000; - to_msec = howlong * 1000; + timespecsub(&timeouts->when, &time_now, &howlong); + if (howlong.tv_sec > INT_MAX / 1000) + howlong.tv_sec = INT_MAX / 1000; + to_msec = howlong.tv_sec * 1000; } else to_msec = -1; @@ -219,6 +220,7 @@ another: if (count == -1) { if (errno == EAGAIN || errno == EINTR) { time(&cur_time); + time_now.tv_sec = cur_time; continue; } else error("poll: %m"); @@ -226,6 +228,7 @@ another: /* Get the current time... */ time(&cur_time); + time_now.tv_sec = cur_time; i = 0; for (l = protocols; l; l = l->next) { @@ -356,7 +359,14 @@ active: } void -add_timeout(time_t when, void (*where)(void *), void *what) +add_timeout(time_t when_s, void (*where)(void *), void *what) +{ + struct timespec when = { .tv_sec = when_s, .tv_nsec = 0 }; + add_timeout_timespec(when, where, what); +} + +void +add_timeout_timespec(struct timespec when, void (*where)(void *), void *what) { struct timeout *t, *q; @@ -395,7 +405,7 @@ add_timeout(time_t when, void (*where)(void *), void *what) /* Now sort this timeout into the timeout list. */ /* Beginning of list? */ - if (!timeouts || timeouts->when > q->when) { + if (!timeouts || timespeccmp(&timeouts->when, &q->when, >)) { q->next = timeouts; timeouts = q; return; @@ -403,7 +413,7 @@ add_timeout(time_t when, void (*where)(void *), void *what) /* Middle of list? */ for (t = timeouts; t->next; t = t->next) { - if (t->next->when > q->when) { + if (timespeccmp(&t->next->when, &q->when, >)) { q->next = t->next; t->next = q; return; From nobody Tue Aug 20 04:58:16 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wny083qFpz5VFx4; Tue, 20 Aug 2024 04:58:16 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Wny082sLrz4NbS; Tue, 20 Aug 2024 04:58:16 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724129896; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=ywdYdfdLBgc5K/ES/RBZGDrjQQZnZF4NSO2YcallinE=; b=rhL5G+oTMAUQ3x6Azda24coU4FhVcBAMk2MPCJ+yNFxuV3FH2X9fduzCMna9ZtZdtDkeQk G2r5UOMIHjYvmOjpIi6/5SeJDmzvinAYR/oz5h9Bs60RfPBC4ujs+H+FbS0GKvL+6vw7K0 IbZH0hLHrQXKHdx6Hz2UVgghsZJODRqc3+Ui1RWRVKnPJMtjabtabZ457EMFyBwd8reE7r mgBAvdpObvUOpQ+G7cELy0sjwJQ6na8iJBLqv0WcwupRjhrdSyrBZHpFO2t3VyUF8SIhD6 tyUKu0h21Zihwph+VIdOh6hV1kjWs/aOU4JiHgDCJnXaCperKssEa3Ma6IR1wQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724129896; a=rsa-sha256; cv=none; b=aehAtBvo+VhJXW/H8tZo7/p4WtpJQfaNEEas+dmwR4sLR6c0d35wo04HEduRl1W3dSKNAt 5CDGP19F4xcIc232Df6vtFGgRcoMUZkereceLgr2THZZLGkFzaPmiqThHW1Zb9XIuX03Hq w1iqSW3/Sk7q7J25vWbCCatDuK0n2SzN2448a/xPpVSWLRiN0J086wPZGbs+iZ0v/lUwi2 AL7UDVfsoM02EywDf37H7DBRAolaT74swwKKrXMrGZ0f5FQ2Io7IyGieA/zQd5uIl0qcWi 9U4FFBv9OLEctTS+ImdXj7vQXSo/p/SCyLooOKTu+Pcb28h8UpYUcbc6YbKQgQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724129896; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=ywdYdfdLBgc5K/ES/RBZGDrjQQZnZF4NSO2YcallinE=; b=KWdeSUBNBvcHtycSynmnI2JU9vh/Jm1avsG2p9PiZZNDg7DpFATOwme3hXlxI+xkJ4CBE+ L0ODsIXHNtF/uAUec4rjuqTg3YXZMWeHp4NFgeFXEFXNULwtR6fNQ6gEqVFQz/oHDG2c+P p1uLF8HNy+mXu2MRMT4JGdW95qQjWBQCU16tPdYQiIE89cwrTCOp4yY96OB1E7UVcq5wIN YEes2j6Al9iBRkpefURiWX/VKrlPoiHkRj5dMIVe8uCILmEm7r1mc06bF1tjYZPtLEFyJI gkvFPxK0xHUw+7dCJ474zxv5XD0Ab4YjmCAMR6H5MuPc6v5XAAqdyH5kwj4A7w== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wny082SZKzn1P; Tue, 20 Aug 2024 04:58:16 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47K4wG8m054161; Tue, 20 Aug 2024 04:58:16 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47K4wGpp054158; Tue, 20 Aug 2024 04:58:16 GMT (envelope-from git) Date: Tue, 20 Aug 2024 04:58:16 GMT Message-Id: <202408200458.47K4wGpp054158@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Colin Percival Subject: git: 49be9c8b0029 - stable/14 - dhclient: Timeouts for entering state_selecting List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cperciva X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 49be9c8b00298a219c3b8a5271d0e8969e82a47d Auto-Submitted: auto-generated The branch stable/14 has been updated by cperciva: URL: https://cgit.FreeBSD.org/src/commit/?id=49be9c8b00298a219c3b8a5271d0e8969e82a47d commit 49be9c8b00298a219c3b8a5271d0e8969e82a47d Author: Isaac Cilia Attard AuthorDate: 2024-07-08 06:11:08 +0000 Commit: Colin Percival CommitDate: 2024-08-20 04:57:08 +0000 dhclient: Timeouts for entering state_selecting Use the new add_timeout_timespec() API to handle timeouts for state_selecting within dhclient.c. No functional change intended. Sponsored by: Google LLC (GSoC 2024) Signed-off-by: Isaac Cilia Attard MFC after: 10 days Reviwed by: cperciva, brooks, Tom Hukins, Alexander Ziaee Pull Request: https://github.com/freebsd/freebsd-src/pull/1368 (cherry picked from commit 76e0ffd9f8fd09f8790a4d96581782225d9019ea) --- sbin/dhclient/dhclient.c | 38 ++++++++++++++++++++++++++++---------- sbin/dhclient/dhcpd.h | 1 + sbin/dhclient/dispatch.c | 3 ++- 3 files changed, 31 insertions(+), 11 deletions(-) diff --git a/sbin/dhclient/dhclient.c b/sbin/dhclient/dhclient.c index 62e55eb4d01f..b53a6f6c892f 100644 --- a/sbin/dhclient/dhclient.c +++ b/sbin/dhclient/dhclient.c @@ -91,6 +91,7 @@ cap_channel_t *capsyslog; time_t cur_time; +struct timespec time_now; static time_t default_lease_time = 43200; /* 12 hours... */ const char *path_dhclient_conf = _PATH_DHCLIENT_CONF; @@ -120,6 +121,8 @@ struct pidfh *pidfile; */ #define TIME_MAX ((((time_t) 1 << (sizeof(time_t) * CHAR_BIT - 2)) - 1) * 2 + 1) +static struct timespec arp_timeout = { .tv_sec = 2, .tv_nsec = 0 }; +static const struct timespec zero_timespec = { .tv_sec = 0, .tv_nsec = 0 }; int log_priority; static int no_daemon; static int unknown_ok = 1; @@ -1022,7 +1025,11 @@ dhcpoffer(struct packet *packet) struct interface_info *ip = packet->interface; struct client_lease *lease, *lp; int i; - int arp_timeout_needed, stop_selecting; + struct timespec arp_timeout_needed; + struct timespec stop_selecting = { .tv_sec = 0, .tv_nsec = 0 }; + time_now.tv_sec = cur_time; + time_now.tv_nsec = 0; + const char *name = packet->options[DHO_DHCP_MESSAGE_TYPE].len ? "DHCPOFFER" : "BOOTREPLY"; @@ -1078,12 +1085,13 @@ dhcpoffer(struct packet *packet) /* If the script can't send an ARP request without waiting, we'll be waiting when we do the ARPCHECK, so don't wait now. */ if (script_go()) - arp_timeout_needed = 0; + arp_timeout_needed = zero_timespec; + else - arp_timeout_needed = 2; + arp_timeout_needed = arp_timeout; /* Figure out when we're supposed to stop selecting. */ - stop_selecting = + stop_selecting.tv_sec = ip->client->first_sending + ip->client->config->select_interval; /* If this is the lease we asked for, put it at the head of the @@ -1099,9 +1107,13 @@ dhcpoffer(struct packet *packet) offer would take us past the selection timeout, then don't extend the timeout - just hope for the best. */ + + struct timespec interm_struct; + timespecadd(&time_now, &arp_timeout_needed, &interm_struct); + if (ip->client->offered_leases && - (cur_time + arp_timeout_needed) > stop_selecting) - arp_timeout_needed = 0; + timespeccmp(&interm_struct, &stop_selecting, >)) + arp_timeout_needed = zero_timespec; /* Put the lease at the end of the list. */ lease->next = NULL; @@ -1118,16 +1130,22 @@ dhcpoffer(struct packet *packet) /* If we're supposed to stop selecting before we've had time to wait for the ARPREPLY, add some delay to wait for the ARPREPLY. */ - if (stop_selecting - cur_time < arp_timeout_needed) - stop_selecting = cur_time + arp_timeout_needed; + struct timespec time_left; + timespecsub(&stop_selecting, &time_now, &time_left); + + if (timespeccmp(&time_left, &arp_timeout_needed, <)) { + timespecadd(&time_now, &arp_timeout_needed, &stop_selecting); + } /* If the selecting interval has expired, go immediately to state_selecting(). Otherwise, time out into state_selecting at the select interval. */ - if (stop_selecting <= 0) + + + if (timespeccmp(&stop_selecting, &zero_timespec, <=)) state_selecting(ip); else { - add_timeout(stop_selecting, state_selecting, ip); + add_timeout_timespec(stop_selecting, state_selecting, ip); cancel_timeout(send_discover, ip); } } diff --git a/sbin/dhclient/dhcpd.h b/sbin/dhclient/dhcpd.h index 56a38d733501..c375d4087367 100644 --- a/sbin/dhclient/dhcpd.h +++ b/sbin/dhclient/dhcpd.h @@ -362,6 +362,7 @@ char *piaddr(struct iaddr); extern cap_channel_t *capsyslog; extern const char *path_dhclient_conf; extern char *path_dhclient_db; +extern struct timespec time_now; extern time_t cur_time; extern int log_priority; extern int log_perror; diff --git a/sbin/dhclient/dispatch.c b/sbin/dhclient/dispatch.c index aa15c35a9f15..fecc9a5fa5b4 100644 --- a/sbin/dhclient/dispatch.c +++ b/sbin/dhclient/dispatch.c @@ -156,7 +156,8 @@ dispatch(void) struct protocol *l; struct pollfd *fds; struct timespec howlong; - struct timespec time_now = { .tv_sec = cur_time, .tv_nsec = 0 }; + time_now.tv_sec = cur_time; + time_now.tv_nsec = 0; for (l = protocols; l; l = l->next) nfds++; From nobody Tue Aug 20 04:58:17 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wny09695Vz5VFp1; Tue, 20 Aug 2024 04:58:17 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Wny094VsLz4NWH; Tue, 20 Aug 2024 04:58:17 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724129897; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Yc+WN6p4TPBrMUq9qUCXeYqPk1/k8WNDgBkJDoZ3LYU=; b=wMe7l75fAS1wRmXh66IyDVp/e9b9Zb4/xZ2MA8k8POXNGV04vmVI7U68I7FVHV/qxa8NCa sbqqCyGauo8C8G4BlX9IbviEtBb43RXYBEqNbkiUY3Nc9DfRbTstqtt2H8fXXUCDuvwQ6E GwocnK1SNHviLs0LSRS68AC5Q1qVIEQfZBHtODfyblTho9lMj9m56SlucP/imc9c27hS1s crVT2MLWOgxZ4dvrO3SAjS0j41mYXXCixMJH9qEtCPyT/n3kqhvbgoc98+At5w5m8euB+j HV1JyaInK2+jTWqkfa/UlKAfhyX0UjUnLOwyB6ZYSumfsglH0KnzjylBWYOEWw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724129897; a=rsa-sha256; cv=none; b=i343PuVvBHkKUassoIx7VMyzgqdL90lUWck7tg58b32CU0fmjMu4C0DeZ7udW6uStWbsUg 6/vFOQeBKb0LntR7PxA25SYHd0Ev6ZyipzM/1j+u3IdNxMLITy3ZKreGcbcIU+9ZMkdQNC pKlNfiQ94T339LHE6ui7UDuZOwRw5scIDgzH3J4SMCkDp5n3JQG1IgowPjUxtjAaarY8ED V9yBQjHxrtmnwYfp8RDhjqwukoM+/4ZoB6p7y8VzpDPPN9b1Uae3gR8+UuFdaXD77ZxrsC 1eTBuEc8RRsntN5AfaOnl6zSYbChMUx17PEebLgPDE8+0TNNBZSHQ0L1drGOyw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724129897; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Yc+WN6p4TPBrMUq9qUCXeYqPk1/k8WNDgBkJDoZ3LYU=; b=sNcE0v6bdAeD00l+yG+ZqzIFxzupLxjOLc0sRby4DPaBYNHbzQZduXR5GlgT1JbG7myllG c92TzrK8PxrZicm/XKAV3JJrvDihJ9a02UimUyogT6rG6LvqRpohoGJYLTwf9lbvvJliap 36OMkh0a2PyNk5Gjqpr0UreYeAq/eFW43nFo0nkiY3apA1wC2LJwbtm2w55+07mnOxArbe Gv8whDOEblJtckFBn5bX7iVvS28OZl8PO6EUrQVyDjh5fxIP2lKKBY/rWdcKQ60wBQ4Jy3 wg3mwe8ODcXX3PYeS0Z6idCbEwB5JugGZKzFHg8m9i/jzQkkbJO4SutM9w5LLQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wny093lGPzlqn; Tue, 20 Aug 2024 04:58:17 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47K4wHZa054216; Tue, 20 Aug 2024 04:58:17 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47K4wHr9054213; Tue, 20 Aug 2024 04:58:17 GMT (envelope-from git) Date: Tue, 20 Aug 2024 04:58:17 GMT Message-Id: <202408200458.47K4wHr9054213@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Colin Percival Subject: git: 7ee68314d368 - stable/14 - dhclient: Use clock_gettime() instead of time() List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cperciva X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 7ee68314d36856b349457204ea938a302b4d17a4 Auto-Submitted: auto-generated The branch stable/14 has been updated by cperciva: URL: https://cgit.FreeBSD.org/src/commit/?id=7ee68314d36856b349457204ea938a302b4d17a4 commit 7ee68314d36856b349457204ea938a302b4d17a4 Author: Isaac Cilia Attard AuthorDate: 2024-07-08 06:23:00 +0000 Commit: Colin Percival CommitDate: 2024-08-20 04:57:08 +0000 dhclient: Use clock_gettime() instead of time() Change the use of time() to clock_gettime() to have millisecond-accurate rather than second-accurate timeouts. Sponsored by: Google LLC (GSoC 2024) Signed-off-by: Isaac Cilia Attard MFC after: 10 days Reviwed by: cperciva, brooks, Tom Hukins, Alexander Ziaee Pull Request: https://github.com/freebsd/freebsd-src/pull/1368 (cherry picked from commit f0a38976b01e15956fdba48f8b58db22d0af1f7e) --- sbin/dhclient/dhclient.c | 3 ++- sbin/dhclient/dispatch.c | 18 +++++++++++------- 2 files changed, 13 insertions(+), 8 deletions(-) diff --git a/sbin/dhclient/dhclient.c b/sbin/dhclient/dhclient.c index b53a6f6c892f..043f7808bb9d 100644 --- a/sbin/dhclient/dhclient.c +++ b/sbin/dhclient/dhclient.c @@ -446,7 +446,8 @@ main(int argc, char *argv[]) log_perror = 0; tzset(); - time(&cur_time); + clock_gettime(CLOCK_MONOTONIC, &time_now); + cur_time = time_now.tv_sec; inaddr_broadcast.s_addr = INADDR_BROADCAST; inaddr_any.s_addr = INADDR_ANY; diff --git a/sbin/dhclient/dispatch.c b/sbin/dhclient/dispatch.c index fecc9a5fa5b4..9b31a8395e0c 100644 --- a/sbin/dhclient/dispatch.c +++ b/sbin/dhclient/dispatch.c @@ -56,6 +56,10 @@ #define assert_aligned(p, align) assert((((uintptr_t)p) & ((align) - 1)) == 0) static struct protocol *protocols; +static const struct timespec timespec_intmax_ms = { + .tv_sec = INT_MAX / 1000, + .tv_nsec = (INT_MAX % 1000) * 1000000 +}; static struct timeout *timeouts; static struct timeout *free_timeouts; static int interfaces_invalidated; @@ -191,9 +195,9 @@ another: * negative timeout and blocking indefinitely. */ timespecsub(&timeouts->when, &time_now, &howlong); - if (howlong.tv_sec > INT_MAX / 1000) - howlong.tv_sec = INT_MAX / 1000; - to_msec = howlong.tv_sec * 1000; + if (timespeccmp(&howlong, ×pec_intmax_ms, >)) + howlong = timespec_intmax_ms; + to_msec = howlong.tv_sec * 1000 + howlong.tv_nsec / 1000000; } else to_msec = -1; @@ -220,16 +224,16 @@ another: /* Not likely to be transitory... */ if (count == -1) { if (errno == EAGAIN || errno == EINTR) { - time(&cur_time); - time_now.tv_sec = cur_time; + clock_gettime(CLOCK_MONOTONIC, &time_now); + cur_time = time_now.tv_sec; continue; } else error("poll: %m"); } /* Get the current time... */ - time(&cur_time); - time_now.tv_sec = cur_time; + clock_gettime(CLOCK_MONOTONIC, &time_now); + cur_time = time_now.tv_sec; i = 0; for (l = protocols; l; l = l->next) { From nobody Tue Aug 20 04:58:18 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wny0B6nn3z5VFjX; Tue, 20 Aug 2024 04:58:18 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Wny0B5Njvz4Nh7; Tue, 20 Aug 2024 04:58:18 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724129898; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=l5qjD9IMKWl2OtJaKwazcoVv1LSBRTkDZtqO5C9mcw0=; b=Eq98KrKIfB08n0z+/3kgcrZRi0o9Bu+OmQiYqa3EY0M+MLq1C131b1Noj/UPbbw/idpXDn 7K68E/UFy4mqHjFtUbNobCJ/Mfe+T/PuqxQNKy7pR57cFbWC52cPhzsuLUBLKxUNY3KC/Z DZjBFX4PRrgVmyVsCD0WGawRl4u5Sgb4HHb0cr/axsmXaUFjLf6A1gRkNVXOZVNKZkJld6 EgBWeWXbSGi4ezbg846AO1zvSVjPpoadcPb3vB2fK8KwkurvTj1S0lYpRjZVBNsoalE110 dIwSaLVIs/Ec0ZBjrTCyOJq6JMUUEe2TRy4z805QGnlaIFQn6lqYZhV7rBM07w== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724129898; a=rsa-sha256; cv=none; b=Ryieqa5qn0EwSxyR2CAkFLRvvFhivg8rYWzHMSywNsq+1immfSHie5mraXUECkIcB4EH8b ZjisDYT0VJrT4Jjx5wEg7IoHboS9UO7viShNECBFco1cCGF686xMvd7VL5r+GtOB3S86V+ kurMydHwdYRag/3oLDklFdoilKIwc8tQybUrhutWB0YHRmL8PY0guWINmFsvQDIiGWEyVA dmsor9L1xHXHOfeL11PCf33QOEco42dBUwr+RKdfppuzUboHC0dplz62umhghxGL1dd9rO bau5qypSucCarXRHjjR7ssN+H0iXN9jIIdZRzlKNbO7TS342dSywJTwnyhoNdw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724129898; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=l5qjD9IMKWl2OtJaKwazcoVv1LSBRTkDZtqO5C9mcw0=; b=UIJqWJDxIPpyJg4xFc2QZsknb4S4Do/0XIgtaLeiP4zZKTdiHNK+E2A684rq3/adv7vE1e RZXyqH4J72okixl8K1uf5b2gR8GOFeM0NuCdSdhvI2N+dYnsFSktV3Z/iYR5oqDrJJV+Li f1CncbR9zya0n/zbMsfOkf8js04gNwVZoG4P3oGKC7n6hatKcSmXwAlWXDUGqOGbatYKjR W1SuMGhmdk7aX21I8gKL993yLQ0mfNVaNqbT0z6ngALHFJloTFje2kDHC/s+nITf+Tt3Pm 2mU/8LtNwKhXsDaTZPTBn4psBm+cuwVJeb2hqYYFGG4tHGTR6Rk5VeRjmxvEXQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wny0B4pzXzmKj; Tue, 20 Aug 2024 04:58:18 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47K4wIWp054255; Tue, 20 Aug 2024 04:58:18 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47K4wIDN054252; Tue, 20 Aug 2024 04:58:18 GMT (envelope-from git) Date: Tue, 20 Aug 2024 04:58:18 GMT Message-Id: <202408200458.47K4wIDN054252@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Colin Percival Subject: git: 7bdd17d8d30a - stable/14 - dhclient: Make arp_timeout configurable List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cperciva X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 7bdd17d8d30a2c29dd5d8ea733435917be39eefe Auto-Submitted: auto-generated The branch stable/14 has been updated by cperciva: URL: https://cgit.FreeBSD.org/src/commit/?id=7bdd17d8d30a2c29dd5d8ea733435917be39eefe commit 7bdd17d8d30a2c29dd5d8ea733435917be39eefe Author: Isaac Cilia Attard AuthorDate: 2024-07-08 06:33:13 +0000 Commit: Colin Percival CommitDate: 2024-08-20 04:57:08 +0000 dhclient: Make arp_timeout configurable Make arp_timeout available to dhclient.c, set the default timeout to 250 ms, and provide a new command-line argument, 'n' for setting the timeout to 0. Sponsored by: Google LLC (GSoC 2024) Signed-off-by: Isaac Cilia Attard MFC after: 10 days Reviwed by: cperciva, brooks, Tom Hukins, Alexander Ziaee Pull Request: https://github.com/freebsd/freebsd-src/pull/1368 (cherry picked from commit b51569ad3c806688befc00dad51d15a7e61659fb) --- sbin/dhclient/dhclient.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/sbin/dhclient/dhclient.c b/sbin/dhclient/dhclient.c index 043f7808bb9d..4a674cec5888 100644 --- a/sbin/dhclient/dhclient.c +++ b/sbin/dhclient/dhclient.c @@ -121,7 +121,7 @@ struct pidfh *pidfile; */ #define TIME_MAX ((((time_t) 1 << (sizeof(time_t) * CHAR_BIT - 2)) - 1) * 2 + 1) -static struct timespec arp_timeout = { .tv_sec = 2, .tv_nsec = 0 }; +static struct timespec arp_timeout = { .tv_sec = 0, .tv_nsec = 250 * 1000 * 1000 }; static const struct timespec zero_timespec = { .tv_sec = 0, .tv_nsec = 0 }; int log_priority; static int no_daemon; @@ -386,7 +386,7 @@ main(int argc, char *argv[]) cap_openlog(capsyslog, getprogname(), LOG_PID | LOG_NDELAY, DHCPD_LOG_FACILITY); cap_setlogmask(capsyslog, LOG_UPTO(LOG_DEBUG)); - while ((ch = getopt(argc, argv, "bc:dl:p:qu")) != -1) + while ((ch = getopt(argc, argv, "bc:dl:np:qu")) != -1) switch (ch) { case 'b': immediate_daemon = 1; @@ -400,6 +400,9 @@ main(int argc, char *argv[]) case 'l': path_dhclient_db = optarg; break; + case 'n': + arp_timeout = zero_timespec; + break; case 'p': path_dhclient_pidfile = optarg; break; @@ -576,7 +579,7 @@ void usage(void) { - fprintf(stderr, "usage: %s [-bdqu] ", getprogname()); + fprintf(stderr, "usage: %s [-bdnqu] ", getprogname()); fprintf(stderr, "[-c conffile] [-l leasefile] interface\n"); exit(1); } From nobody Tue Aug 20 04:58:19 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wny0D1J4yz5VFh1; Tue, 20 Aug 2024 04:58:20 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Wny0C684nz4NWq; Tue, 20 Aug 2024 04:58:19 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724129899; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=WJC2MQLOBrX0Gel5lYZDc/0BBVVNkRt9I1Dim/+TlJ4=; b=kR15WH0O3pNKNZlk3wJ/a12egknYTwqP7E2HryYfwDq5SAx+2u85SbwUZbSnJSXsW7A+lV U8ilg8RorvohEkw5wQR/xQgmoPM77oWTJCzyQdtZWqSf90xLXXUfi4gKqDgGTGOMVnoCd7 +NDMqQEmWEXpVa8IR8R6gHXHIqcCsZ/PGePEBKezK8P0ScmXQxybes6LH/UC1LucfPmDt/ xY9HREQak2L9VxT8DMuofvZCK++zsnq9Jc0BklKJhEE5EeTNt0PxbvAc/W0j6UWWEwUo43 7Gi9d6hk9pESfSXkYrIh+aDERHUaH3+vWnOTrQBv5B+neKL7l5R0+E0mRV+A8w== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724129899; a=rsa-sha256; cv=none; b=Ze2vFzQuc4HY6SWILB0f2cTh9jp+HgoOgk6YMHfQpxJy1f/AufdsvPKl62+GP8MA7egr7g x/9P1EcdBRmjRwlCDOq55o8Uqv+z1gfFSCglDv4ktkvJDgz9Ds6lA2A6FuglShPb0+OCyd T/jV7JUTZV7OOuQvTjEb9btounREYd6J3asCTdr0GkyLRmeMc1Oqn+z+ywC8bwHSZ5hLrS cs6c7i5BBl6PHokzZyf8Lbvwaz6wyt/3UPFuBkcOq4+xHHhHLRYpvNdPTJVHmmB/7DmEet 38AwvkOLJPmOodAfq2GOs4bPykzgnXNXj7e8l+Q5dwevqCzs55FLz2Q62Txl2w== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724129899; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=WJC2MQLOBrX0Gel5lYZDc/0BBVVNkRt9I1Dim/+TlJ4=; b=Dt9qq3BHhR2xnsaspL6k5+fC8tYNxc5dNNecPI0raim+oOxa3SSO51dRAz42j0uXpRoSun s7791gUvlEmFE77aghAsMvCwoNJMXnoUSoxGiSsXSThR/tVIyv0c6bCWtzHNu37WnkXd1f L/1w/LLLRUYfh1NkADAmlT6IOp4JBmg9d7Ovz/2xl+MDJlaHhxadC4mRzTaK8EkZ4oZY0I npBEjRQLNtgB8/PQDaSydGMAT1CFbtTyfkh1qd/Q8JABahIRAFFc+NSEbERwDDxbyXbVUs wncBtDaJ9+K701YsVej4mty2r1cNRlk9w93kWCnR7t5UW7CzibyccNtgVHBJAw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wny0C5lzczmnl; Tue, 20 Aug 2024 04:58:19 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47K4wJ3Y054306; Tue, 20 Aug 2024 04:58:19 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47K4wJWD054303; Tue, 20 Aug 2024 04:58:19 GMT (envelope-from git) Date: Tue, 20 Aug 2024 04:58:19 GMT Message-Id: <202408200458.47K4wJWD054303@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Colin Percival Subject: git: fca891c011cc - stable/14 - dhclient: Update dhclient man page for n flag List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cperciva X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: fca891c011cc7c817c2622aa59c4e80c52fe674f Auto-Submitted: auto-generated The branch stable/14 has been updated by cperciva: URL: https://cgit.FreeBSD.org/src/commit/?id=fca891c011cc7c817c2622aa59c4e80c52fe674f commit fca891c011cc7c817c2622aa59c4e80c52fe674f Author: Isaac Cilia Attard AuthorDate: 2024-07-13 10:18:05 +0000 Commit: Colin Percival CommitDate: 2024-08-20 04:57:09 +0000 dhclient: Update dhclient man page for n flag Document new n flag for disabling ARP resolution within dhclient. Sponsored by: Google LLC (GSoC 2024) Signed-off-by: Isaac Cilia Attard MFC after: 10 days Reviwed by: cperciva, brooks, Tom Hukins, Alexander Ziaee Pull Request: https://github.com/freebsd/freebsd-src/pull/1368 (cherry picked from commit 84fce4b67adc1ed1882d9371eb5d92dbbc79766d) --- sbin/dhclient/dhclient.8 | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/sbin/dhclient/dhclient.8 b/sbin/dhclient/dhclient.8 index a7328304fa68..7f0b418128ca 100644 --- a/sbin/dhclient/dhclient.8 +++ b/sbin/dhclient/dhclient.8 @@ -36,7 +36,7 @@ .\" see ``http://www.isc.org/isc''. To learn more about Vixie .\" Enterprises, see ``http://www.vix.com''. .\" -.Dd August 4, 2018 +.Dd August 1, 2024 .Dt DHCLIENT 8 .Os .Sh NAME @@ -82,6 +82,10 @@ will revert to running in the background. Specify an alternate location, .Ar file , for the leases file. +.It Fl n +Make +.Nm +not wait for ARP resolution. .It Fl p Ar file Specify an alternate location for the PID file. The default is From nobody Tue Aug 20 04:58:20 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wny0F1P4Cz5VG0J; Tue, 20 Aug 2024 04:58:21 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Wny0F02Xyz4Nkm; Tue, 20 Aug 2024 04:58:21 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724129901; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=A8+j7ZXUGDhCK9Tw09eyx1B49Z0p83l/irGHnjomN2E=; b=bnrDX4HsCB6p+8uxVBTsoRzVpQ5c5jjoc2XwcQfDYwZK4wFPgonNryfa6Y/n0sGdBN4tMc 9SVdxxidabSm03tduE3VmWEF+BW0km9MbM/z/MKF2PhteApk/wSYHchI0ECjx017+TsTeQ 59QQuoFObYqIFCTBrXLdGWHJ0ebfjshCC9otdd9yFNmX8MMCKETU7oRdviYawOQ6iAziJ9 GMmaYWpe22tIyI05712Dl2wixcMFZQQDZcGMNxwg5Sjbb1aceFzU+MjBfsnaQMNf/kHh8f 8aXItGNF8jYx+WXzUFxAquClk5jC+M9AkvhwSxMBk5xlz85gB9YSCShIbTfclw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724129901; a=rsa-sha256; cv=none; b=ur1dTSP21UbOlK1BLTDHFJjS0VgipN5CQl5gktgDy6koQzGOZofAoKpfPuYoOaFROZfxD4 1Ffunvfl3vco8pjxuoc+Z4zg1zMRG4XVs62bzL9vIkSFKWU7sDCvl0gndu2gyxpwzY7M1B OxHKHEVTHQ8Sq0MSDn7Ry2CAhruyZpREKXffa2fhSw7XR1QO2SyDSyzxjYZJ7VOT6Lhw5f dZoMaW/GJCn0QKjSKnCDZZOr81FK9uLhfp7rJeZaFHioi+abm7XvLHgx/30Eyjt7cdidPM pSirEfRqF4MHL3cZyV2gH9Bq9uw/12iCpd51hlCZrIp970PxxoZEB9px/EzfyA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724129901; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=A8+j7ZXUGDhCK9Tw09eyx1B49Z0p83l/irGHnjomN2E=; b=P+dFMU/K5Jx28qh1NMshGh1D1I+A6V70GbHUjhX6TptTksamIjVMTxERFRvdLgiL44sQdS 9+J+Or5poHsyKhf+IkuB3r2ljoox/4/JY4EI9HjfjYmlko48pAItJVAONI6An6RQD9TOtZ Cb8+ZOOr84XOo//WEKqi6EMZmy3K/Ag6SSx4T3A9rqCJM0cr/0aS3U//5PHAraKRaJYsPA 3vqMkfbRSC/2v+qxO88tnFC+8El57iKcfpEa6KnBj40dBWM99C14ps054X6CkE3G9Vti7F 7v4ZkHsFZpEkOhB8jHjwkkJmLfCErRk0O5gszMYAtibVCMBjfKdVrjoHb6q3kw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wny0D6mkKzlqp; Tue, 20 Aug 2024 04:58:20 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47K4wKCS054354; Tue, 20 Aug 2024 04:58:20 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47K4wKtf054351; Tue, 20 Aug 2024 04:58:20 GMT (envelope-from git) Date: Tue, 20 Aug 2024 04:58:20 GMT Message-Id: <202408200458.47K4wKtf054351@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Colin Percival Subject: git: 54bd53672395 - stable/14 - dhclient: rc.conf option to disable ARP resolution List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cperciva X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 54bd53672395c9902058da58cf7c9d4443785e5a Auto-Submitted: auto-generated The branch stable/14 has been updated by cperciva: URL: https://cgit.FreeBSD.org/src/commit/?id=54bd53672395c9902058da58cf7c9d4443785e5a commit 54bd53672395c9902058da58cf7c9d4443785e5a Author: Isaac Cilia Attard AuthorDate: 2024-07-13 10:07:29 +0000 Commit: Colin Percival CommitDate: 2024-08-20 04:57:09 +0000 dhclient: rc.conf option to disable ARP resolution Introduce a new rc.conf option to not wait for ARP resolution within dhclient. This is plausible on many modern networks where it is possible to trust the DHCP server to know whether an IP address is available. Sponsored by: Google LLC (GSoC 2024) Signed-off-by: Isaac Cilia Attard MFC after: 10 days Reviwed by: cperciva, brooks, Tom Hukins, Alexander Ziaee Pull Request: https://github.com/freebsd/freebsd-src/pull/1368 (cherry picked from commit 503adcdf1db35eab0f3d35392947a6da3bd19539) --- libexec/rc/rc.conf | 1 + libexec/rc/rc.d/dhclient | 4 ++++ 2 files changed, 5 insertions(+) diff --git a/libexec/rc/rc.conf b/libexec/rc/rc.conf index 5073718e91f4..8b56a490b5ec 100644 --- a/libexec/rc/rc.conf +++ b/libexec/rc/rc.conf @@ -144,6 +144,7 @@ dhclient_flags="" # Extra flags to pass to dhcp client. #dhclient_flags_em0="" # Extra dhclient flags for em0 only background_dhclient="NO" # Start dhcp client in the background. #background_dhclient_em0="YES" # Start dhcp client on em0 in the background. +dhclient_arpwait="YES" # Wait for ARP resolution synchronous_dhclient="NO" # Start dhclient directly on configured # interfaces during startup. defaultroute_delay="30" # Time to wait for a default route on a DHCP interface. diff --git a/libexec/rc/rc.d/dhclient b/libexec/rc/rc.d/dhclient index e2f204076eb6..3e6511fb6f26 100755 --- a/libexec/rc/rc.d/dhclient +++ b/libexec/rc/rc.d/dhclient @@ -48,6 +48,10 @@ dhclient_prestart() rc_flags="${rc_flags} -b" fi + dhclient_arpwait=$(get_if_var $ifn dhclient_arpwait_IF $dhclient_arpwait) + if ! checkyesno dhclient_arpwait; then + rc_flags="${rc_flags} -n" + fi # /var/run/dhclient is not guaranteed to exist, # e.g. if /var/run is a tmpfs From nobody Tue Aug 20 04:58:21 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wny0G36jFz5VFjd; Tue, 20 Aug 2024 04:58:22 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Wny0G0ksnz4Nhj; Tue, 20 Aug 2024 04:58:22 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724129902; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=nLry5KJ47Vyo0da35DeaezoWoHVks4Lussxo3ARBQoo=; b=ni6uOYckPX9ZZ4nl0XBPoJRHT6jyliEedkgPFiasgbgopMnzgPswwIXnbBl5hfJIVKtSLy zFA3JfnS+LOt9kZC/ebugawMETVHozrDROo9VUkDZ6fru4oPGroLTdO6PP1Vute1m3zB8J NKqJnfiGdGZbUX7VaynSmcqL4yMgMIoxfMQyuKbeT41bM8+t3FgMdT7iPUpVlOuyZQRUD4 XPnn5LGZCW08GbW86KvSdkGdTUBPnSW92jsHPUfG6DdFBWyZXew4JJwWPJbmTJDEGYofzU WgnjI5+//I4kNJTdh5Pg5cEam8eha94lQw9dsmZkh3U3cXkxs+lOA4Q7/T3ITQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724129902; a=rsa-sha256; cv=none; b=BwCwDCwKZwHADu8IM5Z/EZQDqzsXjAFoC7/M17kUEGjIe5uqQG+MqzteiljaWwG8us96Ha sHpDnk2wW456qRZu64Cu0iSuSJ7a9kbAYioa8fBY3b2kws9o6M9lJlXzR0igsHhlr7lCOv vqMFPnfbWgbFa2T2kmbqqg9PQAa4uwauIKlsDS//So6DbWFeR1QAOldbgaXQlS1SYvMt2V sX9OoWhwa1BosNxkLKKQI8SVQYtEKomihXwBqyTQW5mzG3kKii/r/wPRrVn5Fr+Xn1thzR W2Jx/B298U8U4iepHGcaCDN3rtIB2Zrp/re0vKmcEzqzQBm3lVWO4GUXmDx99g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724129902; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=nLry5KJ47Vyo0da35DeaezoWoHVks4Lussxo3ARBQoo=; b=KVa4rzylcQWKSO3E+37RSJHw2nKQi2cqN2ZCOSjlKHdsAmB7GPWHGr+bIa4a/qsCuiH+AY u95NuTdXp8AUp2Pq0NiW1nrtjM0BQT4I4TBxa/ftW0PfnUq+60JNkIOCAwSEEkpvxqZlvs 0T59+H5ZBQBqq4thkfH64uZAolZ3J3PSPwKBKORhyGUeteypD9jjFWI+fRXkAvA2yvFMEC 6X4eJ4NN2rZKSwfAOskVLX3XvkcQ4RqOKQYLgNL6bRdzbCfY0EhMCvK8016aR7e4jcQmO4 1b5gWW2Wmsjs3gDmlHOsyB+yUa+aAWwaspci8srT9Ya1HYUjL9aKggt6xNbdUA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wny0G0LFwzmnm; Tue, 20 Aug 2024 04:58:22 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47K4wLYD054399; Tue, 20 Aug 2024 04:58:21 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47K4wLqC054396; Tue, 20 Aug 2024 04:58:21 GMT (envelope-from git) Date: Tue, 20 Aug 2024 04:58:21 GMT Message-Id: <202408200458.47K4wLqC054396@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Colin Percival Subject: git: 95256f403c47 - stable/14 - dhclient: Update rc.conf.5 with dhclient_arpwait List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cperciva X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 95256f403c47174733cedca6996957bb932fb356 Auto-Submitted: auto-generated The branch stable/14 has been updated by cperciva: URL: https://cgit.FreeBSD.org/src/commit/?id=95256f403c47174733cedca6996957bb932fb356 commit 95256f403c47174733cedca6996957bb932fb356 Author: Isaac Cilia Attard AuthorDate: 2024-08-08 06:34:59 +0000 Commit: Colin Percival CommitDate: 2024-08-20 04:57:09 +0000 dhclient: Update rc.conf.5 with dhclient_arpwait Add new dhclient_arpwait option to rc.conf.5, with information about what it does, and cases in which it could be disabled. Sponsored by: Google LLC (GSoC 2024) Signed-off-by: Isaac Cilia Attard MFC after: 10 days Reviwed by: cperciva, brooks, Tom Hukins, Alexander Ziaee Pull Request: https://github.com/freebsd/freebsd-src/pull/1368 (cherry picked from commit e4482bfde9b10a4d0edd0e2d956a87b76db2cb1f) --- share/man/man5/rc.conf.5 | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/share/man/man5/rc.conf.5 b/share/man/man5/rc.conf.5 index 5a8e4e2c1c5b..0576d26ce059 100644 --- a/share/man/man5/rc.conf.5 +++ b/share/man/man5/rc.conf.5 @@ -599,6 +599,15 @@ When specified, this variable overrides the variable for interface .Ar iface only. +.It Va dhclient_arpwait +.Pq Vt bool +Set to +.Dq Li NO +to stop +.Xr dhclient 8 +from waiting for ARP resolution, to make the system boot faster. +This may be done on networks where the DHCP server is certain to +know whether an address is available. .It Va synchronous_dhclient .Pq Vt bool Set to From nobody Tue Aug 20 04:58:23 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wny0H5zQTz5VFrl; Tue, 20 Aug 2024 04:58:23 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Wny0H26GLz4NZf; Tue, 20 Aug 2024 04:58:23 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724129903; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=p45zZdR+hlPBJ8u3ABxHTFdHgrL5LORlw12Y+76s9iU=; b=a5JvPbHEIEloQ/Q/nzIuqx+0zHN8092YXtdIwAnwU8ZoV3eglmnZE93aPPor7ca2L+m/xX psFpGwoxsQ1wFkm7EtWRlmZ5gPHZru8pqpmh3PpDn2eu4OLZykCJE8rYyh9naikRjh6AhS cbzxaoApyjmum3kbuj6/ACYCWrYpEjrDW/GaadnPlKZnJvEhlT7wI7hc71FMSJ6J/fBudc GPHNblWBR/xKjPw3uaH56BjHHFeLSatiPFmNVATRct9UHFBrG/jXwi3ijdoirc1t11f3dr 7jO6elo0KWYfyJuQIlLkvhcNseB8G4DoVdt0zxyckhhsicaZgiEC+NtFLl0iFA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724129903; a=rsa-sha256; cv=none; b=cHYUW+Udqrv7fY0zlvTINV8+rYYS6fizsgbWlbBi3YSiHmRcBqJkYwi6YGB1aZSoenK/MP Za6zGzhAdhVnL0ypf6Y7x5BHKyQDxsWLm05QGQo42vYSawDA/IATTlLYihWc9H/+s8c30G Pw4WHALP5/cAinV7VNR8WrG0GTMsANwHSeHEJgKxSd1B/IShyb/WTmJ+/8VdJjL1j9tS8z Qaw9PDQkVnS6uQ5pZSJY0ewAgIeFA8atGp6cWHh2xQCM59hDK47NsKieFHPQZQ60Bje+Pp KBZJwxSplVD7OkOC17UXQ2saXdUznt2RFEkiClVDR4jCSMGjOFe+phT2xYSXyQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724129903; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=p45zZdR+hlPBJ8u3ABxHTFdHgrL5LORlw12Y+76s9iU=; b=SX8wra1NQ45BhyF3A84IWTVei4jGnCM5/yWHPZlCsl2Lvy8r8uYM1MrJkTvQCXa226mgLl dt0C+91/dXQ/XGc1LXmDqvZyy7CmdgdLzVTOS0eaNKZFeu0C6NvHmRwss96qFMgH5RQi+v csMi3RMVC/keFNm02F/F6tKP7tdB8jNiwmQ0H+JU8uO+loPsFEl1r2dhZg0jsMNH1I3fHe sy7oNMxcQ2MSXjDpAbqGthmwDCqHfQiqHmh26+nyrnkqWwik3iTy5aUKOVYMbIQbTVqi8+ YdmjS0bEAbpBTt5SWeMJ5CfE9EgHcBYBZJG5lnwJw0mVf762ZhB/pIgdmVx+AA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wny0H1kbtzmKk; Tue, 20 Aug 2024 04:58:23 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47K4wNp3054441; Tue, 20 Aug 2024 04:58:23 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47K4wNE7054438; Tue, 20 Aug 2024 04:58:23 GMT (envelope-from git) Date: Tue, 20 Aug 2024 04:58:23 GMT Message-Id: <202408200458.47K4wNE7054438@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Colin Percival Subject: git: 7300dec10a0b - stable/14 - EC2: Set dhclient_arpwait="NO" List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cperciva X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 7300dec10a0bfd25bc1163a577a66666ab1d97ab Auto-Submitted: auto-generated The branch stable/14 has been updated by cperciva: URL: https://cgit.FreeBSD.org/src/commit/?id=7300dec10a0bfd25bc1163a577a66666ab1d97ab commit 7300dec10a0bfd25bc1163a577a66666ab1d97ab Author: Colin Percival AuthorDate: 2024-08-09 23:55:30 +0000 Commit: Colin Percival CommitDate: 2024-08-20 04:57:09 +0000 EC2: Set dhclient_arpwait="NO" The DHCP server in EC2 knows exactly which system should be using which IP address (and in fact EC2 has source IP filtering on by default) so there's no point ARPing an address before using it. The preceding commits (changing the ARP wait time from 2 s to 250 ms) and this one (eliminating the wait entirely in EC2) reduce the time required for a newly launched FreeBSD/EC2 instance to launch by 2 seconds. Discussed with: icattard MFC after: 10 days Sponsored by: Amazon (cherry picked from commit 54a543d5ea3a58aee2f001498376127efea24bd2) --- release/tools/ec2-base.conf | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/release/tools/ec2-base.conf b/release/tools/ec2-base.conf index f4c46fe285cd..d80035e11ed7 100644 --- a/release/tools/ec2-base.conf +++ b/release/tools/ec2-base.conf @@ -26,6 +26,11 @@ vm_extra_pre_umount() { # requires accept_rtadv. echo 'ifconfig_DEFAULT="SYNCDHCP accept_rtadv"' >> ${DESTDIR}/etc/rc.conf + # The EC2 DHCP server can be trusted to know whether an IP address is + # assigned to us; we don't need to ARP to check if anyone else is using + # the address before we start using it. + echo 'dhclient_arpwait="NO"' >> ${DESTDIR}/etc/rc.conf + # Enable IPv6 on all interfaces, and spawn DHCPv6 via rtsold echo 'ipv6_activate_all_interfaces="YES"' >> ${DESTDIR}/etc/rc.conf echo 'rtsold_enable="YES"' >> ${DESTDIR}/etc/rc.conf From nobody Tue Aug 20 05:02:10 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wny4f2g61z5VG0q; Tue, 20 Aug 2024 05:02:10 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Wny4f1yfMz4QgV; Tue, 20 Aug 2024 05:02:10 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724130130; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=iAVE/cr2fjbTk76HaCNZBRMQ/f/yHTLP4G2jbvJCTPw=; b=Wbb3Tm/aPLsXfd3Y+lyz33kJj4w/e3tZnmJd4MmrVFK10yc0m/IlvOrhwenvg5gfuf8QHc WkGD9CmTWPJKSZVN7g+teMUeoIH/UaVHhnXhxMTjyGN5a1HuttJGlK3ByUF7ECkPkOI3g+ NRkQVaFTWhYQ089dGN5Hnk/6nrbup9URcLGdcZ2lflf7D83VO+GJEzqci5z65FA88SVzmY M5U3lUkD5ezxZ4mz7V6o5pW+pBuHPzQO/yaVam02GuwgB+TG+WIcN1zyHF28znMjvrWhdU gNets6P7jtCEszpU/6ZIdWMKCK+8r29L7c9w95SOAKMgFfxoLC3Ct46DwppNvw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724130130; a=rsa-sha256; cv=none; b=colKg4j8GzfzCACL31mJDic1XkZNrMXHmhcARBfEubkpuU+hbt0UGYJWEv+uhE5xwZ4afI 3u5gLhLkHfUwaX2882xjZ7SoQO9BSs/qFewCiuPsyQw33iqXTdbdcAYW6XLW6l902ev/qf 2qOGozDTaerN7lnrGcajrbA9xOv3QbY2Js+Yl4ja/YNtCQL1KuAlcQK60Lzlz4t33WCFUM OyXeOYcX2lWw6Nbxr4O2gskfe8lyMojdUfZoCzdyDWpFzktbYKLKv6Mv35lisAjQ7xmAvD eYhSAccWhTT7kSjxszQxlwRzTqtyEz+SHm4FHABewo98JemqBW+BTE1ZPwIUgg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724130130; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=iAVE/cr2fjbTk76HaCNZBRMQ/f/yHTLP4G2jbvJCTPw=; b=DDIOvkH3Bnpybp/nfXsjvR+qbMyt/G0YxCdOZAcF+KUTNvg0zjeP0TtyKtcmeCca0pvJhw cz8gnRizZF/UNlAciq+SKcRUjAmM4SVGHloCp/jjPvZuOcbBRdJZB9i0pIrgYpguG2jxLI OFzVLezShnIoLEGKImlf4QD2DBeNhThfLHwsUmjrg3KTC/F0KCeYwVjeB5SglLl2TQBiA3 AIu+o5XdttUoAL3FvsfrLUnfraMJ7CVKRHDuLocRl0fowc/QYa56zWd7Rx063GcT6XiR1l PQ31LhdZ5jU9CLrzsEKTY7KmHW7e844jPHdR9h8QUgXnnEBaBvm6ciRf8JlLfw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wny4f1Ysmzn6l; Tue, 20 Aug 2024 05:02:10 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47K52AJp072061; Tue, 20 Aug 2024 05:02:10 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47K52AMB072058; Tue, 20 Aug 2024 05:02:10 GMT (envelope-from git) Date: Tue, 20 Aug 2024 05:02:10 GMT Message-Id: <202408200502.47K52AMB072058@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Colin Percival Subject: git: ce9a5b417909 - stable/13 - dhclient: Switch timeouts from time_t to timespec List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cperciva X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: ce9a5b417909d2617b6580df1e25136394b928a0 Auto-Submitted: auto-generated The branch stable/13 has been updated by cperciva: URL: https://cgit.FreeBSD.org/src/commit/?id=ce9a5b417909d2617b6580df1e25136394b928a0 commit ce9a5b417909d2617b6580df1e25136394b928a0 Author: Isaac Cilia Attard AuthorDate: 2024-07-08 05:43:09 +0000 Commit: Colin Percival CommitDate: 2024-08-20 04:58:35 +0000 dhclient: Switch timeouts from time_t to timespec Introduce a new function, add_timeout_timespec(), to use timespec structs to handle timeouts. Make add_timeout() into a wrapper for the latter function to retain compatibility with the rest of the codebase. No functional change intended. Sponsored by: Google LLC (GSoC 2024) Signed-off-by: Isaac Cilia Attard MFC after: 10 days Reviwed by: cperciva, brooks, Tom Hukins, Alexander Ziaee Pull Request: https://github.com/freebsd/freebsd-src/pull/1368 (cherry picked from commit 16a235f23c066d27b3a53c66cf6aa329be07cdb9) --- sbin/dhclient/dhcpd.h | 3 ++- sbin/dhclient/dispatch.c | 28 +++++++++++++++++++--------- 2 files changed, 21 insertions(+), 10 deletions(-) diff --git a/sbin/dhclient/dhcpd.h b/sbin/dhclient/dhcpd.h index 33c34c9ca9df..8e4c1344843a 100644 --- a/sbin/dhclient/dhcpd.h +++ b/sbin/dhclient/dhcpd.h @@ -218,7 +218,7 @@ struct interface_info { struct timeout { struct timeout *next; - time_t when; + struct timespec when; void (*func)(void *); void *what; }; @@ -320,6 +320,7 @@ void reinitialize_interfaces(void); void dispatch(void); void got_one(struct protocol *); void add_timeout(time_t, void (*)(void *), void *); +void add_timeout_timespec(struct timespec, void (*)(void *), void *); void cancel_timeout(void (*)(void *), void *); void add_protocol(const char *, int, void (*)(struct protocol *), void *); void remove_protocol(struct protocol *); diff --git a/sbin/dhclient/dispatch.c b/sbin/dhclient/dispatch.c index 7347736cc787..c02cb2c52796 100644 --- a/sbin/dhclient/dispatch.c +++ b/sbin/dhclient/dispatch.c @@ -166,7 +166,8 @@ dispatch(void) int count, live_interfaces, i, to_msec, nfds = 0; struct protocol *l; struct pollfd *fds; - time_t howlong; + struct timespec howlong; + struct timespec time_now = { .tv_sec = cur_time, .tv_nsec = 0 }; for (l = protocols; l; l = l->next) nfds++; @@ -184,7 +185,7 @@ another: if (timeouts) { struct timeout *t; - if (timeouts->when <= cur_time) { + if (timespeccmp(&timeouts->when, &time_now, <=)) { t = timeouts; timeouts = timeouts->next; (*(t->func))(t->what); @@ -199,10 +200,10 @@ another: * int for poll, while not polling with a * negative timeout and blocking indefinitely. */ - howlong = timeouts->when - cur_time; - if (howlong > INT_MAX / 1000) - howlong = INT_MAX / 1000; - to_msec = howlong * 1000; + timespecsub(&timeouts->when, &time_now, &howlong); + if (howlong.tv_sec > INT_MAX / 1000) + howlong.tv_sec = INT_MAX / 1000; + to_msec = howlong.tv_sec * 1000; } else to_msec = -1; @@ -230,6 +231,7 @@ another: if (count == -1) { if (errno == EAGAIN || errno == EINTR) { time(&cur_time); + time_now.tv_sec = cur_time; continue; } else error("poll: %m"); @@ -237,6 +239,7 @@ another: /* Get the current time... */ time(&cur_time); + time_now.tv_sec = cur_time; i = 0; for (l = protocols; l; l = l->next) { @@ -367,7 +370,14 @@ active: } void -add_timeout(time_t when, void (*where)(void *), void *what) +add_timeout(time_t when_s, void (*where)(void *), void *what) +{ + struct timespec when = { .tv_sec = when_s, .tv_nsec = 0 }; + add_timeout_timespec(when, where, what); +} + +void +add_timeout_timespec(struct timespec when, void (*where)(void *), void *what) { struct timeout *t, *q; @@ -406,7 +416,7 @@ add_timeout(time_t when, void (*where)(void *), void *what) /* Now sort this timeout into the timeout list. */ /* Beginning of list? */ - if (!timeouts || timeouts->when > q->when) { + if (!timeouts || timespeccmp(&timeouts->when, &q->when, >)) { q->next = timeouts; timeouts = q; return; @@ -414,7 +424,7 @@ add_timeout(time_t when, void (*where)(void *), void *what) /* Middle of list? */ for (t = timeouts; t->next; t = t->next) { - if (t->next->when > q->when) { + if (timespeccmp(&t->next->when, &q->when, >)) { q->next = t->next; t->next = q; return; From nobody Tue Aug 20 05:02:11 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wny4g5xmcz5VFpY; Tue, 20 Aug 2024 05:02:11 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Wny4g43tzz4QjR; Tue, 20 Aug 2024 05:02:11 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724130131; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=77PHJQK8Sgy6k/Qs9BOD3iF8y/gj68oIlGnX/cpSeC8=; b=XBvDMyhoxStF43OilkGRCdAEftcLs84/hK+RXSiVr5nyYV/RrABBOoE+kT3mMzF1CKcIo0 nxvcYmldhkjmTmUPK6+zgFXdAJUxT1Y3PeJsgS4DMrRAWBAo2w9pO1Fszp0z7mHovYS8Jh cTFNj4JldPA2bwpwIBF5bEgq+xrovltixR/+NgDgmLy0tWyI1xkQYisW3c1/4fYQGIwInY Jo4uKM7rRNnAA8xUIfnxx5Tc7fGjX1UhgEWKyV12GStgOpoE/CE1J60u1MYASQAFxEu9Vs YxDjpoU27NXnwUmlKcKosF4yNbvWEtR/0YqXurR2mcgo5WAWhHbrIFjwM17eQA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724130131; a=rsa-sha256; cv=none; b=WbqJ2tBPEm8RlhYrJVn9jCVIgOfkTOSqWmqe7rBen02IgmfozNz4qvbNBvIp0b1C39BGm8 Grclk59pz70wgtDmeIPiMpmwKRxrxsUJ1fV7JOvN+KOuJOUdL9xg4CMgBe9x7mCkwNi7qu kcxZPqVH85jUrsw8mqohzMA9XL+CXtu38ViNy0xnQxgxPXKv5eao9oc/mqx/qzRGvh/x+l kHxxztk9moIWFS57a/KiXO865CxALTP0M9SmL/WZ812sHAPs8vhOx6L8LkBWmPZCFmnbfZ ccKiB2hRC7l27MlKDD+69+IHkr/1tiLlehVt2Hn9GDUhBBOb3hSQO0pmdrLLvw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724130131; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=77PHJQK8Sgy6k/Qs9BOD3iF8y/gj68oIlGnX/cpSeC8=; b=ivFF3mJR8vhROpsK8tAe+cGwPN6D+70iNFMIaCDT21sCjPH/np5/chOub1QHg0PsB2xhSe qRctytY1EDPxbwmMHvjjnALf1+6Ngk2Go7cox85jyXgRGvPV02CvgS8bkvnWrGG2V7v3Ao MguqpyDH7pevKOE2IJCr5U7CpOGi4l1R9+1zrjx93sxCl97d6VwczbgrXRHtqXygQ5OG2V Y/XvOyZnKuwroVG9M5quTyOyV49NZf596Mh/MBE6qavqMcvkC/HoxPxufEYsmL4r+Jk4Nj NN0a5Opv9g6HzOTQBSCDbWtD+5kNBpLpfDH1tQ7hJSKx9E1jJVIcxFn2irHuzg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wny4g2YWszn7g; Tue, 20 Aug 2024 05:02:11 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47K52BPq072105; Tue, 20 Aug 2024 05:02:11 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47K52B4M072102; Tue, 20 Aug 2024 05:02:11 GMT (envelope-from git) Date: Tue, 20 Aug 2024 05:02:11 GMT Message-Id: <202408200502.47K52B4M072102@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Colin Percival Subject: git: 850e82126771 - stable/13 - dhclient: Timeouts for entering state_selecting List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cperciva X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 850e8212677157fe7a086e1b7f7b2f33fba668ae Auto-Submitted: auto-generated The branch stable/13 has been updated by cperciva: URL: https://cgit.FreeBSD.org/src/commit/?id=850e8212677157fe7a086e1b7f7b2f33fba668ae commit 850e8212677157fe7a086e1b7f7b2f33fba668ae Author: Isaac Cilia Attard AuthorDate: 2024-07-08 06:11:08 +0000 Commit: Colin Percival CommitDate: 2024-08-20 04:58:35 +0000 dhclient: Timeouts for entering state_selecting Use the new add_timeout_timespec() API to handle timeouts for state_selecting within dhclient.c. No functional change intended. Sponsored by: Google LLC (GSoC 2024) Signed-off-by: Isaac Cilia Attard MFC after: 10 days Reviwed by: cperciva, brooks, Tom Hukins, Alexander Ziaee Pull Request: https://github.com/freebsd/freebsd-src/pull/1368 (cherry picked from commit 76e0ffd9f8fd09f8790a4d96581782225d9019ea) --- sbin/dhclient/dhclient.c | 38 ++++++++++++++++++++++++++++---------- sbin/dhclient/dhcpd.h | 1 + sbin/dhclient/dispatch.c | 3 ++- 3 files changed, 31 insertions(+), 11 deletions(-) diff --git a/sbin/dhclient/dhclient.c b/sbin/dhclient/dhclient.c index 1bdd0eb68f8f..1a39ab1517c2 100644 --- a/sbin/dhclient/dhclient.c +++ b/sbin/dhclient/dhclient.c @@ -91,6 +91,7 @@ cap_channel_t *capsyslog; time_t cur_time; +struct timespec time_now; static time_t default_lease_time = 43200; /* 12 hours... */ const char *path_dhclient_conf = _PATH_DHCLIENT_CONF; @@ -120,6 +121,8 @@ struct pidfh *pidfile; */ #define TIME_MAX ((((time_t) 1 << (sizeof(time_t) * CHAR_BIT - 2)) - 1) * 2 + 1) +static struct timespec arp_timeout = { .tv_sec = 2, .tv_nsec = 0 }; +static const struct timespec zero_timespec = { .tv_sec = 0, .tv_nsec = 0 }; int log_priority; static int no_daemon; static int unknown_ok = 1; @@ -1022,7 +1025,11 @@ dhcpoffer(struct packet *packet) struct interface_info *ip = packet->interface; struct client_lease *lease, *lp; int i; - int arp_timeout_needed, stop_selecting; + struct timespec arp_timeout_needed; + struct timespec stop_selecting = { .tv_sec = 0, .tv_nsec = 0 }; + time_now.tv_sec = cur_time; + time_now.tv_nsec = 0; + const char *name = packet->options[DHO_DHCP_MESSAGE_TYPE].len ? "DHCPOFFER" : "BOOTREPLY"; @@ -1079,12 +1086,13 @@ dhcpoffer(struct packet *packet) /* If the script can't send an ARP request without waiting, we'll be waiting when we do the ARPCHECK, so don't wait now. */ if (script_go()) - arp_timeout_needed = 0; + arp_timeout_needed = zero_timespec; + else - arp_timeout_needed = 2; + arp_timeout_needed = arp_timeout; /* Figure out when we're supposed to stop selecting. */ - stop_selecting = + stop_selecting.tv_sec = ip->client->first_sending + ip->client->config->select_interval; /* If this is the lease we asked for, put it at the head of the @@ -1100,9 +1108,13 @@ dhcpoffer(struct packet *packet) offer would take us past the selection timeout, then don't extend the timeout - just hope for the best. */ + + struct timespec interm_struct; + timespecadd(&time_now, &arp_timeout_needed, &interm_struct); + if (ip->client->offered_leases && - (cur_time + arp_timeout_needed) > stop_selecting) - arp_timeout_needed = 0; + timespeccmp(&interm_struct, &stop_selecting, >)) + arp_timeout_needed = zero_timespec; /* Put the lease at the end of the list. */ lease->next = NULL; @@ -1119,16 +1131,22 @@ dhcpoffer(struct packet *packet) /* If we're supposed to stop selecting before we've had time to wait for the ARPREPLY, add some delay to wait for the ARPREPLY. */ - if (stop_selecting - cur_time < arp_timeout_needed) - stop_selecting = cur_time + arp_timeout_needed; + struct timespec time_left; + timespecsub(&stop_selecting, &time_now, &time_left); + + if (timespeccmp(&time_left, &arp_timeout_needed, <)) { + timespecadd(&time_now, &arp_timeout_needed, &stop_selecting); + } /* If the selecting interval has expired, go immediately to state_selecting(). Otherwise, time out into state_selecting at the select interval. */ - if (stop_selecting <= 0) + + + if (timespeccmp(&stop_selecting, &zero_timespec, <=)) state_selecting(ip); else { - add_timeout(stop_selecting, state_selecting, ip); + add_timeout_timespec(stop_selecting, state_selecting, ip); cancel_timeout(send_discover, ip); } } diff --git a/sbin/dhclient/dhcpd.h b/sbin/dhclient/dhcpd.h index 8e4c1344843a..abe652c06fec 100644 --- a/sbin/dhclient/dhcpd.h +++ b/sbin/dhclient/dhcpd.h @@ -361,6 +361,7 @@ char *piaddr(struct iaddr); extern cap_channel_t *capsyslog; extern const char *path_dhclient_conf; extern char *path_dhclient_db; +extern struct timespec time_now; extern time_t cur_time; extern int log_priority; extern int log_perror; diff --git a/sbin/dhclient/dispatch.c b/sbin/dhclient/dispatch.c index c02cb2c52796..e6b06d8616c8 100644 --- a/sbin/dhclient/dispatch.c +++ b/sbin/dhclient/dispatch.c @@ -167,7 +167,8 @@ dispatch(void) struct protocol *l; struct pollfd *fds; struct timespec howlong; - struct timespec time_now = { .tv_sec = cur_time, .tv_nsec = 0 }; + time_now.tv_sec = cur_time; + time_now.tv_nsec = 0; for (l = protocols; l; l = l->next) nfds++; From nobody Tue Aug 20 05:02:12 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wny4h58Wcz5VFsG; Tue, 20 Aug 2024 05:02:12 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Wny4h4QX7z4QbL; Tue, 20 Aug 2024 05:02:12 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724130132; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=S9nX1tfwhy6+LPTp1BPWFpH2JWfwWb8W/+IEfBIeXWg=; b=U+qsPiw4bic3k2UdttdPFIcBg8c+1cKBk3tC1I8k4UenpIrkku4werDQ+Iedw6g5vbjqkX kxAkvC135yOsCRMyPsg3JosthkQVjsfaswq2qkCpzWxpQjBzVFs2G9DJ4krSYv6Slv4+KT AO8fJzK6WCjhZx6ppzcHDLye7WA6WzeCF4pKI1gRgkA6OkLsDhnEeHqbBUTw3hAJj5/2KZ sdK8/RaowIiyMr3zeseEvXMfd3mfF7JHyy8EbuOQ6SgQrBxx7jClpmU69rTELSLj+yW0n2 pk6hN0DL2Q3CFeSzjy/Hn1ssH05XuwHRBLMOHiQ2twnF5BkXIBTLu83Fb2B+JQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724130132; a=rsa-sha256; cv=none; b=Hxz/Xfke7DlcX+G2x3PyMWUrHsT26tJDMpHrgAYCEABckvrszoM7igP5fPqjH/m4c3OGH8 B8bu/D1u354ZugKRBlR0iQfAstI7JOu4fonwjA+pzp40VFf7170S+BISnqWFagITeWZ/Uv n2xhC1emYiGcaf+Z63O2tCxXHDbD/RF1SUhfmq/rWAckJmS6ZAQ/EgQ9IeswKzD6MAFsor WJ6rHWLGjsU2ljJ31qJQOksobbLc6MQ6g7+Dzvza70wdI8pKnSwMTvG2ssQIIzRwIzH70B Buw+mH/gy4NF83j/oLrCv7sES7+eNqXUksbLPpl82OR7VXj68DkqVsemXpTXdQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724130132; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=S9nX1tfwhy6+LPTp1BPWFpH2JWfwWb8W/+IEfBIeXWg=; b=xX1Y2iX3eKamu5GHkcn4d56CvhCeFIthBPaLvw13/aF7eUtmBtqHxVxtuTzHLf7GgOVDLl QpbZneNlGjjkB9zTTlfJcyrfBx70m481j/VHG1kWj2B478lvVzWJX21meOKghwLkqPXrnI c9DDVtoEJ8CWuxlAY5A/6TlSsUlNiPLaPWs5DeoIY4xT1YxghYr0SnL3c8GGU+k575xxT6 ybXU009BNavXQ+z9hQ1DKIi7qRlANkE53+Q25RWKXbWIEjEr+z23Jv5C8pYl8Wr9w6eodw 0/lPLvvVcVITnzdWidwovSB0vdfmjqFnboSvuPdQ4RpHjLwLx7ha/c3xX6nKjQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wny4h3ZTLzn6m; Tue, 20 Aug 2024 05:02:12 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47K52CmR072155; Tue, 20 Aug 2024 05:02:12 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47K52CL7072152; Tue, 20 Aug 2024 05:02:12 GMT (envelope-from git) Date: Tue, 20 Aug 2024 05:02:12 GMT Message-Id: <202408200502.47K52CL7072152@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Colin Percival Subject: git: d854b4b2aa2b - stable/13 - dhclient: Use clock_gettime() instead of time() List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cperciva X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: d854b4b2aa2b8b60e7fbca07e9637d035318aad5 Auto-Submitted: auto-generated The branch stable/13 has been updated by cperciva: URL: https://cgit.FreeBSD.org/src/commit/?id=d854b4b2aa2b8b60e7fbca07e9637d035318aad5 commit d854b4b2aa2b8b60e7fbca07e9637d035318aad5 Author: Isaac Cilia Attard AuthorDate: 2024-07-08 06:23:00 +0000 Commit: Colin Percival CommitDate: 2024-08-20 04:58:35 +0000 dhclient: Use clock_gettime() instead of time() Change the use of time() to clock_gettime() to have millisecond-accurate rather than second-accurate timeouts. Sponsored by: Google LLC (GSoC 2024) Signed-off-by: Isaac Cilia Attard MFC after: 10 days Reviwed by: cperciva, brooks, Tom Hukins, Alexander Ziaee Pull Request: https://github.com/freebsd/freebsd-src/pull/1368 (cherry picked from commit f0a38976b01e15956fdba48f8b58db22d0af1f7e) --- sbin/dhclient/dhclient.c | 3 ++- sbin/dhclient/dispatch.c | 18 +++++++++++------- 2 files changed, 13 insertions(+), 8 deletions(-) diff --git a/sbin/dhclient/dhclient.c b/sbin/dhclient/dhclient.c index 1a39ab1517c2..27e027646ef6 100644 --- a/sbin/dhclient/dhclient.c +++ b/sbin/dhclient/dhclient.c @@ -446,7 +446,8 @@ main(int argc, char *argv[]) log_perror = 0; tzset(); - time(&cur_time); + clock_gettime(CLOCK_MONOTONIC, &time_now); + cur_time = time_now.tv_sec; inaddr_broadcast.s_addr = INADDR_BROADCAST; inaddr_any.s_addr = INADDR_ANY; diff --git a/sbin/dhclient/dispatch.c b/sbin/dhclient/dispatch.c index e6b06d8616c8..78d94804468b 100644 --- a/sbin/dhclient/dispatch.c +++ b/sbin/dhclient/dispatch.c @@ -56,6 +56,10 @@ #define assert_aligned(p, align) assert((((uintptr_t)p) & ((align) - 1)) == 0) static struct protocol *protocols; +static const struct timespec timespec_intmax_ms = { + .tv_sec = INT_MAX / 1000, + .tv_nsec = (INT_MAX % 1000) * 1000000 +}; static struct timeout *timeouts; static struct timeout *free_timeouts; static int interfaces_invalidated; @@ -202,9 +206,9 @@ another: * negative timeout and blocking indefinitely. */ timespecsub(&timeouts->when, &time_now, &howlong); - if (howlong.tv_sec > INT_MAX / 1000) - howlong.tv_sec = INT_MAX / 1000; - to_msec = howlong.tv_sec * 1000; + if (timespeccmp(&howlong, ×pec_intmax_ms, >)) + howlong = timespec_intmax_ms; + to_msec = howlong.tv_sec * 1000 + howlong.tv_nsec / 1000000; } else to_msec = -1; @@ -231,16 +235,16 @@ another: /* Not likely to be transitory... */ if (count == -1) { if (errno == EAGAIN || errno == EINTR) { - time(&cur_time); - time_now.tv_sec = cur_time; + clock_gettime(CLOCK_MONOTONIC, &time_now); + cur_time = time_now.tv_sec; continue; } else error("poll: %m"); } /* Get the current time... */ - time(&cur_time); - time_now.tv_sec = cur_time; + clock_gettime(CLOCK_MONOTONIC, &time_now); + cur_time = time_now.tv_sec; i = 0; for (l = protocols; l; l = l->next) { From nobody Tue Aug 20 05:02:13 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wny4j6yj5z5VFxW; Tue, 20 Aug 2024 05:02:13 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Wny4j53Jqz4Qjm; Tue, 20 Aug 2024 05:02:13 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724130133; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=BxyZ1Zmugg5CARhmjEgnOXD6HpvAzEfaP5FRY46Axk8=; b=O1h5BffrvbcyeUnJqOPtJ0wxxUtoCE1D8BIL091qVgYKcM9+jceSQqGOH6iD0tn56q+WAH ZLI6jcfTFz8zDqkjatKu+DEUI4/HJ5xdGwQjTX4Q1bx7kPZHDXOZ9VgeKl+gQvr5nLN6WO 8kmkyJee/wQUYas+JvAQc9WKNjSwihdbNZgz1BA+yez8NlGqN3ZFF7seT8QuedmlVCk9Id mhpkljC1gLBq7Rtc4Yh+fF89UO1Go7LuUjLM32rBYaq7Aif8W28LK++ftpd1uaind2602p PRBK2Xu1P2sR7qhmqWtVIJ7C+hHMy+lZbWDHIFupnn8ISsfMQ1VPKJkILLq9Fw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724130133; a=rsa-sha256; cv=none; b=Pny2YKoiNCJKL73jZ2ph+l+0w108pd3+6bWeMObC3gjIKosW8MX8ORcIj1V7I0ELSoATi/ x+oYq/JlokExNgLwPTnHDAYO9tj4edoXDDP0o/VC3ILIo/nnL59jiwkA0OogFXGqzha8dI 9AakYRk0IfpKJV53VT5SpUQSWDPO/3lmVeew+oqLtg+X18pMO85uV6hNhzJn+CRl7BDoOd g/8Q9DwPSzE5ts4o0IHZsroPdTHHSb9oN9DJHXFyrOjA2qQKnITsQiqS0JWD66BpKoHdB6 C12tenTyOqvPPzBELHd2Iy0vOBS/aLbWv/DOWt+rIPJ4jEbVUl/Iz5p0pRRFKA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724130133; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=BxyZ1Zmugg5CARhmjEgnOXD6HpvAzEfaP5FRY46Axk8=; b=A0ksGhknKoHk9fY2gaW9ckJininC7DtJoU6LGXkjFHFG1UaPCnTnumw1p0nFGZIHPkUKic AWqslHSvmTSnCXcO0G+Gz/H+9ovhQN+DNEMn3BftYcFuGlFlaxW3oyPPWNUNXs4gYY4H2E jP9nhiDQ4vpuR1IoYZIi0h3TU3Ssm8tF1nX5XBtUksyAAqVlL9XTQ9LfVCPPvPEl/hBog5 Zf+cDbGIyOQlXbXi7Ur9HsEfxkX7qo6zHJmv7bJEjTD6QjumE1/8lr3RODULXKAefn4/5n +xLBO0H+aEZzDv8tKNg+aS8aVemAQHNBgAwXxgr1HxfeFCUXGIi2ZMLkVAAbuQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wny4j4TBVznGt; Tue, 20 Aug 2024 05:02:13 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47K52Dpx072194; Tue, 20 Aug 2024 05:02:13 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47K52Dcr072191; Tue, 20 Aug 2024 05:02:13 GMT (envelope-from git) Date: Tue, 20 Aug 2024 05:02:13 GMT Message-Id: <202408200502.47K52Dcr072191@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Colin Percival Subject: git: 5f4e11e111a2 - stable/13 - dhclient: Make arp_timeout configurable List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cperciva X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 5f4e11e111a26abe817e0f790cdbbd376374c45f Auto-Submitted: auto-generated The branch stable/13 has been updated by cperciva: URL: https://cgit.FreeBSD.org/src/commit/?id=5f4e11e111a26abe817e0f790cdbbd376374c45f commit 5f4e11e111a26abe817e0f790cdbbd376374c45f Author: Isaac Cilia Attard AuthorDate: 2024-07-08 06:33:13 +0000 Commit: Colin Percival CommitDate: 2024-08-20 04:58:36 +0000 dhclient: Make arp_timeout configurable Make arp_timeout available to dhclient.c, set the default timeout to 250 ms, and provide a new command-line argument, 'n' for setting the timeout to 0. Sponsored by: Google LLC (GSoC 2024) Signed-off-by: Isaac Cilia Attard MFC after: 10 days Reviwed by: cperciva, brooks, Tom Hukins, Alexander Ziaee Pull Request: https://github.com/freebsd/freebsd-src/pull/1368 (cherry picked from commit b51569ad3c806688befc00dad51d15a7e61659fb) --- sbin/dhclient/dhclient.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/sbin/dhclient/dhclient.c b/sbin/dhclient/dhclient.c index 27e027646ef6..576d7260086c 100644 --- a/sbin/dhclient/dhclient.c +++ b/sbin/dhclient/dhclient.c @@ -121,7 +121,7 @@ struct pidfh *pidfile; */ #define TIME_MAX ((((time_t) 1 << (sizeof(time_t) * CHAR_BIT - 2)) - 1) * 2 + 1) -static struct timespec arp_timeout = { .tv_sec = 2, .tv_nsec = 0 }; +static struct timespec arp_timeout = { .tv_sec = 0, .tv_nsec = 250 * 1000 * 1000 }; static const struct timespec zero_timespec = { .tv_sec = 0, .tv_nsec = 0 }; int log_priority; static int no_daemon; @@ -386,7 +386,7 @@ main(int argc, char *argv[]) cap_openlog(capsyslog, getprogname(), LOG_PID | LOG_NDELAY, DHCPD_LOG_FACILITY); cap_setlogmask(capsyslog, LOG_UPTO(LOG_DEBUG)); - while ((ch = getopt(argc, argv, "bc:dl:p:qu")) != -1) + while ((ch = getopt(argc, argv, "bc:dl:np:qu")) != -1) switch (ch) { case 'b': immediate_daemon = 1; @@ -400,6 +400,9 @@ main(int argc, char *argv[]) case 'l': path_dhclient_db = optarg; break; + case 'n': + arp_timeout = zero_timespec; + break; case 'p': path_dhclient_pidfile = optarg; break; @@ -576,7 +579,7 @@ void usage(void) { - fprintf(stderr, "usage: %s [-bdqu] ", getprogname()); + fprintf(stderr, "usage: %s [-bdnqu] ", getprogname()); fprintf(stderr, "[-c conffile] [-l leasefile] interface\n"); exit(1); } From nobody Tue Aug 20 05:02:14 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wny4l3VQXz5VFvH; Tue, 20 Aug 2024 05:02:15 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Wny4k6xcRz4QlB; Tue, 20 Aug 2024 05:02:14 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724130135; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=G7LZTKUyOemJdPZj+7hvZM00fXJe+QJ+vBMBQfIiC3I=; b=fsY2twL5jo5BfsQdSNIxXfMXaqJU27J1DOtZReH4WchP7l39RYXJhsxwXvn5sd97A8mXcr qaUlo2s33DQBuNX27IfHrh3BYBQC9z8sxMlEmynTGW6UabxRimRj8ePNYQDIfLEpYmmT7E iAPUuf0SQ7owINhidWCyWsEFPNXp5XAI4wMc0pkLI9qBhcFytDmPgBAErdW3pw46/0tjjQ YaiOZTJbB6GKsk6FPs/4NAuoTYlDTSoeqdIcOBmvG/7BwIPmWz7zHObFU6Wxtsekebff1e HA62IMMw0TcpH1egTw0lJuoJy9s0+1N5N3MRQJayATOGwhB9c2erizJ4Eot4LQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724130135; a=rsa-sha256; cv=none; b=ZqKNVeqkufqOwGDaUZEtpkXR1cK5/u8HCddNVTrUZT4f6ANUZuiSy7j9N+b8NqztFcBdAI Mt59wxvI7dEDCIgXbZqM+1cVfS3hPcMVoRAD8UhmnyDv9KE1ZC0fCpOT3vVBLuKCb1QIGq JrkrE4OzYxGarKiM32/pslLgmBTI2fXshU2m5mx+I0PKAWw3O4iMn9Ku00G8PnC+62T/By woJevdJm+s9bVGWuJhl0Hg3w8nK4qyah+yCenLuRCqzdaQNmec78G/4bxjylRIRWA0xMT6 pWfmG7H53RlJVS1zT2KjIEmvWlFWiWgBZT81NtPggab26hFD7yOIPuaiiqm2GQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724130135; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=G7LZTKUyOemJdPZj+7hvZM00fXJe+QJ+vBMBQfIiC3I=; b=dE4gFGR9PyKPA8vYijWPjBX6VAQigTyQYYuOdQEj0rcnslWjP4xpX9Uh3r2TtUYBh1+SFj kI9T3WpdEJcd4u4TkPIrF/Rhw9vQTo2U+0z09QZLzGF8JJZRD5ao+jiO9aODaElJkqDKKc n1At3F187bNqeVsdDQVwYBfvRn3v8zjZ4wA9w3S2bNMJGjgHtQBQvl/PUh0RqxhTLtrx2h neblpxusQ1LikGTf5087ZFQLb3Q2xjQ5swfvy3I6Y2ot0wmd1iFQ13T8qw/IrYaF12WqcC d8Ek3jiohey7WwVt3w2zBEKPY3NgT519BkWqIqXk0H8BgRU6CJ9wOu7qTWFyLA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wny4k5VLgzmr0; Tue, 20 Aug 2024 05:02:14 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47K52EUM072246; Tue, 20 Aug 2024 05:02:14 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47K52EoU072243; Tue, 20 Aug 2024 05:02:14 GMT (envelope-from git) Date: Tue, 20 Aug 2024 05:02:14 GMT Message-Id: <202408200502.47K52EoU072243@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Colin Percival Subject: git: 8adfd402047e - stable/13 - dhclient: Update dhclient man page for n flag List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cperciva X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 8adfd402047ef5b4056d0d11e1752e0a2c28172d Auto-Submitted: auto-generated The branch stable/13 has been updated by cperciva: URL: https://cgit.FreeBSD.org/src/commit/?id=8adfd402047ef5b4056d0d11e1752e0a2c28172d commit 8adfd402047ef5b4056d0d11e1752e0a2c28172d Author: Isaac Cilia Attard AuthorDate: 2024-07-13 10:18:05 +0000 Commit: Colin Percival CommitDate: 2024-08-20 04:58:36 +0000 dhclient: Update dhclient man page for n flag Document new n flag for disabling ARP resolution within dhclient. Sponsored by: Google LLC (GSoC 2024) Signed-off-by: Isaac Cilia Attard MFC after: 10 days Reviwed by: cperciva, brooks, Tom Hukins, Alexander Ziaee Pull Request: https://github.com/freebsd/freebsd-src/pull/1368 (cherry picked from commit 84fce4b67adc1ed1882d9371eb5d92dbbc79766d) --- sbin/dhclient/dhclient.8 | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/sbin/dhclient/dhclient.8 b/sbin/dhclient/dhclient.8 index a7328304fa68..7f0b418128ca 100644 --- a/sbin/dhclient/dhclient.8 +++ b/sbin/dhclient/dhclient.8 @@ -36,7 +36,7 @@ .\" see ``http://www.isc.org/isc''. To learn more about Vixie .\" Enterprises, see ``http://www.vix.com''. .\" -.Dd August 4, 2018 +.Dd August 1, 2024 .Dt DHCLIENT 8 .Os .Sh NAME @@ -82,6 +82,10 @@ will revert to running in the background. Specify an alternate location, .Ar file , for the leases file. +.It Fl n +Make +.Nm +not wait for ARP resolution. .It Fl p Ar file Specify an alternate location for the PID file. The default is From nobody Tue Aug 20 05:02:15 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wny4m2Wdqz5VFmn; Tue, 20 Aug 2024 05:02:16 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Wny4l6w56z4QS4; Tue, 20 Aug 2024 05:02:15 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724130136; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=nPTcx8DpqdCe43BUCE5zgsdjA8/8n5iz9bn/tmBEvSE=; b=aciGwZhFcU6ucIwSZ9bq5elnn82zq4ytP0FT5qqJnH8i95UJqO9CVPn7bFeQjQUjL7k8wF FNiRpZBmovJOlP/NN73Ret6fSN6UOkTanrdFxkj/vjweBTG2hxJanmKa9B5DkfaZpGDQa2 6Wn4+X6xr9pR/wn2IL+9b/e/zf3TJMOXrNnE7Qtpawl+zmZX9Alq5MAM33VFQYdAQQRh7I 8W3lRhQuhVYIrExDeT4O0qyO2mvzYR4aDOEUXcEJ8Y8ruwmDRY4H96IsdMKzG/i6YCG6Vm GFBaf4jvKRVMmQ0C9RXuvBm9mEBOJYKxAzWe1aoy6AeCVnHpfy6OUZR63m9flw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724130136; a=rsa-sha256; cv=none; b=Nzr1xJg5dyfdMO9hjeRqnX2ETzEloxjrKhn8AVsCTHxhl8YFOx3Gkqx0jC2jh6QWp/Gg7l g493L2MOcajGfRJsTxx0iOrz6hpIXahMYj7O3oQhQYke1paMeirXeHOzI6B4kleBYW+ieA XUJsZQOaXqDpPZSly/SNb1jRPZCEAei9WWKtbzcnS0BtNLHNaAJbg0FoMX2omP8BIx6UjT ZTeIi8FKb7l7Q3jrRwKj2tD/h8Je+BG3L+gEOJf1v8obSYyA5qI7iQFkNbJEuVc/rg9LD5 dUTlGmBxZECxAYYJoBG3CDLzIUe2T0Z2oXFpdPxlARKM+28L22zIigbDCPU18w== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724130136; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=nPTcx8DpqdCe43BUCE5zgsdjA8/8n5iz9bn/tmBEvSE=; b=pLpuO0N+59cQBbrk84yYR3Bp/celbGXStu7gsq58JyUtx1X6W2ZNRO67QKoVdTNzndiUNE wOHsqEsucXXy2QVNMdy5tkzLZsKcqxqJTkVgxIlD2oUo/ReUKOL5tgcRURPXqmkr2zplVI M+4QtixciZE+2K/uK0HAuL/iIBolP+LtIpJSZlNSm3ZGm9kj9Vk7oUo7y72dZeh+tRYyue s9f79jY9iNoVbsUnbY9W3as26nBIZf9d0JvO+XCuSQ3Qp7OgsvY6W+LU2jMXvVMpvRd0NR r6wZ5CKLCbCEwYZWkL3hMGcNrYLtIruGLS1yVs2aegYR6Jx1Iesa2Y0alvv5lQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wny4l6WwPznGw; Tue, 20 Aug 2024 05:02:15 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47K52F4j072295; Tue, 20 Aug 2024 05:02:15 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47K52Fan072292; Tue, 20 Aug 2024 05:02:15 GMT (envelope-from git) Date: Tue, 20 Aug 2024 05:02:15 GMT Message-Id: <202408200502.47K52Fan072292@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Colin Percival Subject: git: 1f0f31f082d5 - stable/13 - dhclient: rc.conf option to disable ARP resolution List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cperciva X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 1f0f31f082d50c2adb3caa32420b1a16179dea3b Auto-Submitted: auto-generated The branch stable/13 has been updated by cperciva: URL: https://cgit.FreeBSD.org/src/commit/?id=1f0f31f082d50c2adb3caa32420b1a16179dea3b commit 1f0f31f082d50c2adb3caa32420b1a16179dea3b Author: Isaac Cilia Attard AuthorDate: 2024-07-13 10:07:29 +0000 Commit: Colin Percival CommitDate: 2024-08-20 04:58:36 +0000 dhclient: rc.conf option to disable ARP resolution Introduce a new rc.conf option to not wait for ARP resolution within dhclient. This is plausible on many modern networks where it is possible to trust the DHCP server to know whether an IP address is available. Sponsored by: Google LLC (GSoC 2024) Signed-off-by: Isaac Cilia Attard MFC after: 10 days Reviwed by: cperciva, brooks, Tom Hukins, Alexander Ziaee Pull Request: https://github.com/freebsd/freebsd-src/pull/1368 (cherry picked from commit 503adcdf1db35eab0f3d35392947a6da3bd19539) --- libexec/rc/rc.conf | 1 + libexec/rc/rc.d/dhclient | 4 ++++ 2 files changed, 5 insertions(+) diff --git a/libexec/rc/rc.conf b/libexec/rc/rc.conf index fab8ffb4fff9..6c9a58ff72c1 100644 --- a/libexec/rc/rc.conf +++ b/libexec/rc/rc.conf @@ -141,6 +141,7 @@ dhclient_flags="" # Extra flags to pass to dhcp client. #dhclient_flags_em0="" # Extra dhclient flags for em0 only background_dhclient="NO" # Start dhcp client in the background. #background_dhclient_em0="YES" # Start dhcp client on em0 in the background. +dhclient_arpwait="YES" # Wait for ARP resolution synchronous_dhclient="NO" # Start dhclient directly on configured # interfaces during startup. defaultroute_delay="30" # Time to wait for a default route on a DHCP interface. diff --git a/libexec/rc/rc.d/dhclient b/libexec/rc/rc.d/dhclient index e2f204076eb6..3e6511fb6f26 100755 --- a/libexec/rc/rc.d/dhclient +++ b/libexec/rc/rc.d/dhclient @@ -48,6 +48,10 @@ dhclient_prestart() rc_flags="${rc_flags} -b" fi + dhclient_arpwait=$(get_if_var $ifn dhclient_arpwait_IF $dhclient_arpwait) + if ! checkyesno dhclient_arpwait; then + rc_flags="${rc_flags} -n" + fi # /var/run/dhclient is not guaranteed to exist, # e.g. if /var/run is a tmpfs From nobody Tue Aug 20 05:02:16 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wny4n2j9fz5VFsV; Tue, 20 Aug 2024 05:02:17 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Wny4n0b64z4QrJ; Tue, 20 Aug 2024 05:02:17 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724130137; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=XKENZnnsbnjPhowZYum4rmvQjU1Pp9dyr+yXeNE++CI=; b=qQ6Tx7XSXNgmIU/DpElAGVBGZnYp9eoRtX1wqMi410ddNCNI3983hrMb02WLv1lKUNY6WS zLFfflwvvrsWalcvK3qdh4MBpVntHkosVe3x6QcvMbPbYNi9jjViSNRnQvz4DhD3B2erf8 sohFR1j4TK+dvsIPv9Tt927NiAuAKS38SAVNzrWM93Wi9wQFjbptuTxuc/E6rjNbXtITss fhbbcN5wpDJQ8yFBjspFpSC9/48Q9yc9QXzMcPHYErQTMm25rp3QEcM+7ITnduDVId/vgS FAwWa1DDMQeXlF9dOcl77JKEltZFG7i5Cel6wuxorbK/oy6VSTOUPxSrbgSLgw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724130137; a=rsa-sha256; cv=none; b=lSpaxEsthNBooORx/eIbzMPyRTM25IqIh+yvXY85jzGoIHvYCM643XqqpRAr/7aJzIZb6N g7Rv+ZmXqGmFPIbZwK/KLwKryBctlPJBN5DaTrEyqw6d6Se/VU5elkYEaS7x8w0Dx9xNIp R1zhXMO5MDx5317od+aMdzcnGnh271pmt3qK0qSvLFaFvUU0WhVNt5zC0+njEIrelEuR33 w3xL/wlecKOQUZw6CmnxU7Nr0bqbS0d6i6vBYMdaYZ+ForDOBkat0pAWDlLXLks5I4Jj1Z /HDz+92pINdO7+srOB5Tdvd2bKd/diMzAizXhuZA1cGu7GLd2tMDOtZ9i1mpeA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724130137; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=XKENZnnsbnjPhowZYum4rmvQjU1Pp9dyr+yXeNE++CI=; b=mS4nzWv9awXzZ79PYGGXOFuoMhzQsbMCerxQ+s6i3XwgB5hHNpTD9+h42/hbzzWXAMAwJ5 GkTNKLRrRK2Ul89f57T106x2/4kWiCg1Z+++adEj8763YUw9Dd8eANFshVC/kY31hZKZDx BqtYmuTzFLxHmCAtIvutDq2Jgl//MU4FaT+ERJwffVRlRVPtqW9/Xxk1DGcwh5U5+OvErA VKNNwd43R8W/krCrea0jeCFboerfTEGLhNTeViQ1k2ozRwhWUOfbl+Vpgl424H2uHCI+17 VvStYJXLT85LZpTBnFx7CAKBC2e1Rf4hhhZRQAy42qAaCqz7vJ+IcONi3pVWZw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wny4n08znznGx; Tue, 20 Aug 2024 05:02:17 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47K52GnA072337; Tue, 20 Aug 2024 05:02:16 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47K52Gog072334; Tue, 20 Aug 2024 05:02:16 GMT (envelope-from git) Date: Tue, 20 Aug 2024 05:02:16 GMT Message-Id: <202408200502.47K52Gog072334@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Colin Percival Subject: git: 47f6b848e079 - stable/13 - dhclient: Update rc.conf.5 with dhclient_arpwait List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cperciva X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 47f6b848e079ae127294e5c207622f5a4235b7ad Auto-Submitted: auto-generated The branch stable/13 has been updated by cperciva: URL: https://cgit.FreeBSD.org/src/commit/?id=47f6b848e079ae127294e5c207622f5a4235b7ad commit 47f6b848e079ae127294e5c207622f5a4235b7ad Author: Isaac Cilia Attard AuthorDate: 2024-08-08 06:34:59 +0000 Commit: Colin Percival CommitDate: 2024-08-20 04:58:36 +0000 dhclient: Update rc.conf.5 with dhclient_arpwait Add new dhclient_arpwait option to rc.conf.5, with information about what it does, and cases in which it could be disabled. Sponsored by: Google LLC (GSoC 2024) Signed-off-by: Isaac Cilia Attard MFC after: 10 days Reviwed by: cperciva, brooks, Tom Hukins, Alexander Ziaee Pull Request: https://github.com/freebsd/freebsd-src/pull/1368 (cherry picked from commit e4482bfde9b10a4d0edd0e2d956a87b76db2cb1f) --- share/man/man5/rc.conf.5 | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/share/man/man5/rc.conf.5 b/share/man/man5/rc.conf.5 index 8f105e679b55..4e7140540420 100644 --- a/share/man/man5/rc.conf.5 +++ b/share/man/man5/rc.conf.5 @@ -556,6 +556,15 @@ When specified, this variable overrides the variable for interface .Ar iface only. +.It Va dhclient_arpwait +.Pq Vt bool +Set to +.Dq Li NO +to stop +.Xr dhclient 8 +from waiting for ARP resolution, to make the system boot faster. +This may be done on networks where the DHCP server is certain to +know whether an address is available. .It Va synchronous_dhclient .Pq Vt bool Set to From nobody Tue Aug 20 05:02:18 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wny4p6Pdkz5VFxc; Tue, 20 Aug 2024 05:02:18 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Wny4p2jkDz4QrW; Tue, 20 Aug 2024 05:02:18 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724130138; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=opiTWNfkJRDsSZiy02n+T9WkyEKo+HDnZw4LG1M6hSY=; b=HPB4/lUXAvjgLq4aiq2CZggkLDyxoskixh/HXX+97I/yNlT0kR8fuH+ErPv6oomGvdCX+g PioGKfOo2jwneAKAShRJf06CGPUkzq0aoNd6I4me0aCA30igOjDISU7nbdbQ/qdwywiSCC iV+WFyIKn90sgPlbok0peSVctJEk16+uAgeJU55YPNcBHaUPPsKwvwa66SqGsP3cI6pXOQ pZN5Oj/BwsoH+juC/SoCq4/SFZhK94BrF/4wTOMmOCEzfFBSxsSapZMZVA7j4YMThAtl5E qIqsiWbHCmkW2oPm+l6mkIXNX4XhRoDVzUGCNQiz8lsXxLNOpjL0SDgjwR3vUQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724130138; a=rsa-sha256; cv=none; b=a0yE3N6w7U8ndRXy2q0O5u5P+bbZoTLJugI8IIZayBLAWgaB7SPJLLq1BrfqSRDKMlouM2 QWE9cQdTdWO4OCLWTOu0mvV4nlKlSdu08y4UBEk605AOVwPSAF3RUKjd0cUxUnm4vcKRgZ LO+PypE1lN3N3Ylg5EYPhRBigxFFcVUgKndEq2o77z+MmzYItQy4aGfLf+Cu/8w7LQAJ+x P5rErT13ObBYMkuiVeKrKwUVF5ApSIEQDlwHRycoOTAPCiJUc6nleAT3QZ8NQQRyAfddOk 8Sj9LQulWkfRv5eYNQv4lSk8FMRHaWztvtUqmT1ICZTDqKJ+Od57LdsFY7htuQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724130138; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=opiTWNfkJRDsSZiy02n+T9WkyEKo+HDnZw4LG1M6hSY=; b=ohPVwxeWNBEWlfH0zDfky8tFizxcSalIv1Xr7DMPDEqkiAtE80jkMn9Xlb4cBIqjsqyWkm 6tcCvZ7xIazP7RKQa7MNCGYpp9e7GDiPqYmT+61Q2asPr81ZPddjg4Acgr+CdoLMF6tawY j6FIlKCQXhQpZMC2AFnLATm4ixhgy9u3Tbs/V9q2HUDDzUR86C8Ch8Qc66uUOdytf+yw5x 5MHmzkRhZkH0ndOEJXDqecua1u1ZHb0T+JCEnZFH89nZliDReLTJfZ/uhWFZ44HN4pe7dq nWQQRy/wGGGxzqqYcI+/kKRO7ENxysMSIJtI7J5/z3C4P27FSinMb559G9SKfA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wny4p0wXXznH1; Tue, 20 Aug 2024 05:02:18 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47K52IuD072379; Tue, 20 Aug 2024 05:02:18 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47K52IWY072376; Tue, 20 Aug 2024 05:02:18 GMT (envelope-from git) Date: Tue, 20 Aug 2024 05:02:18 GMT Message-Id: <202408200502.47K52IWY072376@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Colin Percival Subject: git: bc29564feef6 - stable/13 - EC2: Set dhclient_arpwait="NO" List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cperciva X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: bc29564feef6667593a60503cae014096341145e Auto-Submitted: auto-generated The branch stable/13 has been updated by cperciva: URL: https://cgit.FreeBSD.org/src/commit/?id=bc29564feef6667593a60503cae014096341145e commit bc29564feef6667593a60503cae014096341145e Author: Colin Percival AuthorDate: 2024-08-09 23:55:30 +0000 Commit: Colin Percival CommitDate: 2024-08-20 05:01:34 +0000 EC2: Set dhclient_arpwait="NO" The DHCP server in EC2 knows exactly which system should be using which IP address (and in fact EC2 has source IP filtering on by default) so there's no point ARPing an address before using it. The preceding commits (changing the ARP wait time from 2 s to 250 ms) and this one (eliminating the wait entirely in EC2) reduce the time required for a newly launched FreeBSD/EC2 instance to launch by 2 seconds. Discussed with: icattard MFC after: 10 days Sponsored by: Amazon (cherry picked from commit 54a543d5ea3a58aee2f001498376127efea24bd2) --- release/tools/ec2.conf | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/release/tools/ec2.conf b/release/tools/ec2.conf index 96e628f2c497..86706e21513c 100644 --- a/release/tools/ec2.conf +++ b/release/tools/ec2.conf @@ -64,6 +64,11 @@ vm_extra_pre_umount() { # via EC2 user-data. echo 'firstboot_pkgs_list="devel/py-awscli"' >> ${DESTDIR}/etc/rc.conf + # The EC2 DHCP server can be trusted to know whether an IP address is + # assigned to us; we don't need to ARP to check if anyone else is using + # the address before we start using it. + echo 'dhclient_arpwait="NO"' >> ${DESTDIR}/etc/rc.conf + # Enable IPv6 on all interfaces, and spawn DHCPv6 via rtsold echo 'ipv6_activate_all_interfaces="YES"' >> ${DESTDIR}/etc/rc.conf echo 'rtsold_enable="YES"' >> ${DESTDIR}/etc/rc.conf From nobody Tue Aug 20 14:05:30 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WpB7b0851z5TBSN; Tue, 20 Aug 2024 14:05:31 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WpB7Z6lDyz4gHr; Tue, 20 Aug 2024 14:05:30 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724162730; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=/IXQLn/7IaTK1SuK5Z3IzkqiL/hBFYEF9Njypf7iXHA=; b=XTh9ynp5yVRfdNSvtJN9HAw6nskUIAM2aHIzhurb6SPRFR1tYvJ9Ni2r6RtDiBzMrx2my+ WmxJBnuuub+b7RcacAf9Rw3Ijo+fX1U4AHQbIcDoQZ9I6/+5tQmhR/byQ8zfZMH1KKafGE GzOkgtuGyMFOgnwsMRLO1bucnjhlcvolqpBbNJpEO4is4XJJkQlBo+Js1BmeEcrOyCDqPc kWL/T+vQhkU6EOg8M+bn6HPRw1tJs8Zi72qP8zX7zEZVm1Q7M4dmFyZkrV3Xd5+D6p5YqP w37JzgugpS4GAceLDxHrcf1udxlcFF4HHdP8GVPXQa1lOAuR8RHMOHWv9NuwnA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724162730; a=rsa-sha256; cv=none; b=lgDNKV8HQEmOlV41iW6Lk04+cKaC1+B7oA4SSkt10bLFoWku5TwegHlTge+dnphW/ZvZoi V9GT71qldaXWMYRQvf+b01EdYxCVcgp/vBOk40uiJdZKZ9ynK7pXb4MlhI5zosKZMT4Dhq PQs+am03Q8ZqYheKyjzDT5+7l/kMAVODG+kPbNc8sAqM1F0XBI1wrhf5nd+bj9w9cp4xuJ aG11hcCY61qFWv/CdrnVBr0zRZ65CvClu1P9Kh/8uOkH2R4eAhujoA7qXoa6601l/y0k0v 9suvixIAmDKeXmwH20v5ezCR4n4jrg7jFxB6I3Gpg+VsFDP8v0fxjMyFIOMT3g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724162730; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=/IXQLn/7IaTK1SuK5Z3IzkqiL/hBFYEF9Njypf7iXHA=; b=mLXSQnH4bGU9PKi5YEyRalgQk46P6RhF2IVeRzsQKFOVdCjT0pkSawJw5KzPcyoydstt1z 0WJ/LI58Jhn7pIUxvGhO3dx7fu+fkrS2Ycch8Ei/4Tv+zv78x+Izt/K+gWcvi1u9WaKUji sAA9/vgMxKwDpus5zjxoxxThtahAWKJSN2NcxCsQ5aP5Zf+Gl3fhx9ju7uZXV82+OvOUad mDkH1WwsQgUVnr1K8zI6LyeuTw3sXbgxnx+U7+z5dqGHnIOQ59NslXyOLtYQMscc9bqn90 oiF3N1rOvaS/qkBxOwrgI+lB8MYpIjnM7rOzMPEEwjkr3PZq/9YtkxeFPfm8Zw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WpB7Z6Lfxz13Mr; Tue, 20 Aug 2024 14:05:30 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47KE5UG2091089; Tue, 20 Aug 2024 14:05:30 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47KE5U6T091086; Tue, 20 Aug 2024 14:05:30 GMT (envelope-from git) Date: Tue, 20 Aug 2024 14:05:30 GMT Message-Id: <202408201405.47KE5U6T091086@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: b2cc25c8fb0c - stable/14 - socket: Fix handling of listening sockets in sotoxsocket() List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: b2cc25c8fb0c0ff71682c28665d11f65bca2cc91 Auto-Submitted: auto-generated The branch stable/14 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=b2cc25c8fb0c0ff71682c28665d11f65bca2cc91 commit b2cc25c8fb0c0ff71682c28665d11f65bca2cc91 Author: Mark Johnston AuthorDate: 2024-07-09 20:28:12 +0000 Commit: Mark Johnston CommitDate: 2024-08-20 13:22:56 +0000 socket: Fix handling of listening sockets in sotoxsocket() A lock needs to be held to ensure that the socket does not become a listening socket while sotoxsocket() is loading fields from the socket buffers, as the memory backing the socket buffers is repurposed when transitioning to a listening socket. MFC after: 1 week Sponsored by: Klara, Inc. Sponsored by: Stormshield (cherry picked from commit fc4365853f1c4b572d9fd643ea336508d9a6a0f7) --- sys/kern/uipc_socket.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sys/kern/uipc_socket.c b/sys/kern/uipc_socket.c index 479184a87a5e..7801054315ef 100644 --- a/sys/kern/uipc_socket.c +++ b/sys/kern/uipc_socket.c @@ -4264,6 +4264,7 @@ sotoxsocket(struct socket *so, struct xsocket *xso) xso->so_error = so->so_error; xso->so_uid = so->so_cred->cr_uid; xso->so_pgid = so->so_sigio ? so->so_sigio->sio_pgid : 0; + SOCK_LOCK(so); if (SOLISTENING(so)) { xso->so_qlen = so->sol_qlen; xso->so_incqlen = so->sol_incqlen; @@ -4276,6 +4277,7 @@ sotoxsocket(struct socket *so, struct xsocket *xso) sbtoxsockbuf(&so->so_snd, &xso->so_snd); sbtoxsockbuf(&so->so_rcv, &xso->so_rcv); } + SOCK_UNLOCK(so); } struct sockbuf * From nobody Tue Aug 20 14:05:31 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WpB7c1J8tz5TBrq; Tue, 20 Aug 2024 14:05:32 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WpB7c0fpLz4gRy; Tue, 20 Aug 2024 14:05:32 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724162732; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=IbvOAHjAae/r/ST9wC3l1E1PoAF7SExiZBLKt1dKliw=; b=k5kEme7YJM7CKL4Z9db14gDVizg1d56emmcJt/VsZrkSl4GjVMOClkZTagwxQ0UXZ5jZO9 B95NGcuerr3eUJ99HSHEth+Ri8TjCtui4nBtLdbGAB3rhpbM4x6WFBLp6qIbkKi3+y5g2r oPrDXIxGrP5KGMYct4pYs7Qo2MFe6vBdcvQonogxvKmRcfGIfmWQUaeaBVLLxldrma2c+Q RAhDYli++kGtC4hOaNy+eoq0xf1XrZ9lWIxnB0qEMD+aDXDMT/NdjCJA3zQ5zmEPq464iQ YOsaRWRssGFSO48RyHf6wI3YuZZ397EuDycwtYDNi916uO0OtobrGzarFg4ysg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724162732; a=rsa-sha256; cv=none; b=rN5RQqV85luBjI/3SM4DZjpItJ9ELoxkMkaOUu/teQPSr24+GB+QG0RzmwpH5yvxHOe5nw zyuSpn9rdvr+Ky0iWC8JAC4Sc5H5Wasj/Bqe0Cdy+ck/w5NJ9T6NFkl+IN0wrTaB1E4YVX UEtdlROD7lxk8ZW9U+QcOQCiQtETm3UPNCCQlnhYuoQKOO+/5cCNyvb1BKVpitXo3VHcf1 fuE65hX5vB1XpzSJQc/H1puwy25pE3Rxy1Sj5hsG0aKh1SugnUcMdiuTh9MEqMmO4NMrnk 53AzmNHYh24+MZsjrupWwLqvELg2IEfc2vNte6G8ET5RNXfV4lPlpwUDpWoASQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724162732; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=IbvOAHjAae/r/ST9wC3l1E1PoAF7SExiZBLKt1dKliw=; b=DY+8gg7S86EYH03Ou+AGQXkXge+CDWtcF+HFz9XtpadOXaV8b2cWRoDfb0mCcaoE/6gBM8 Atz+eMXuR0T90/rMkep1omjhU8ZDbPq/ElCnF4VqwS4Udjcqnyj2qGxU48C/FRx+gQ8XmI C+s+6XSddkoedPLK7ryEuTQM2vKs8iWCl7q+WV646ztvOQMq9mCb4sqdf4Fuipw6nKdzJf O3OkJ6UkxrUwFBIYDXLgL2+NQaqbXfS8qejTQ6/JtdswcqsxN2k8FWHJ0BrENCw5wXg2zA DnyxXoU6i/KzotqLH+/rmblNAiqtaMtixJlHd+3bQvRj0tUEHwU43mKY4UPyHg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WpB7c0Fvlz13Ms; Tue, 20 Aug 2024 14:05:32 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47KE5V53091146; Tue, 20 Aug 2024 14:05:31 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47KE5VK2091141; Tue, 20 Aug 2024 14:05:31 GMT (envelope-from git) Date: Tue, 20 Aug 2024 14:05:31 GMT Message-Id: <202408201405.47KE5VK2091141@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 63398f340041 - stable/14 - socket: Make the sopt_rights field a pointer to const List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 63398f340041fe630e56f9daccd62920adc85796 Auto-Submitted: auto-generated The branch stable/14 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=63398f340041fe630e56f9daccd62920adc85796 commit 63398f340041fe630e56f9daccd62920adc85796 Author: Mark Johnston AuthorDate: 2024-07-11 17:24:35 +0000 Commit: Mark Johnston CommitDate: 2024-08-20 13:22:56 +0000 socket: Make the sopt_rights field a pointer to const No functional change intended. MFC after: 1 week Sponsored by: Klara, Inc. Sponsored by: Stormshield (cherry picked from commit 07f2ed5ce88293b5008a27d1868f47eb8cbd25e2) --- sys/sys/sockopt.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/sys/sockopt.h b/sys/sys/sockopt.h index b139062cf492..02312eed5439 100644 --- a/sys/sys/sockopt.h +++ b/sys/sys/sockopt.h @@ -53,7 +53,7 @@ struct sockopt { int sopt_name; /* third arg of [gs]etsockopt */ void *sopt_val; /* fourth arg of [gs]etsockopt */ size_t sopt_valsize; /* (almost) fifth arg of [gs]etsockopt */ - struct cap_rights *sopt_rights; /* Capsicum rights attached to the fd */ + const struct cap_rights *sopt_rights; /* Capsicum rights for the fd */ struct thread *sopt_td; /* calling thread or null if kernel */ }; From nobody Tue Aug 20 14:05:33 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WpB7d43w0z5TBrt; Tue, 20 Aug 2024 14:05:33 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WpB7d1Rt1z4gNQ; Tue, 20 Aug 2024 14:05:33 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724162733; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=648lJqsOkKgvQXEWxEyCpW5lPKzjzuz3EkyykZLVAsc=; b=t0A1PivEMqlfDOapETz2vMaYPp0026+XNmRswSIernJsbr3UHrKd1vevPgtdNtIN+Lk1rW wvxac7DzsP6bQoVA1AJtZ9qWCPi+hWyE8mw6cXkkhRY8+PuAukSZC6GyrkKcZ3KrbANfVD oVQ7abW6tdXxU1rHVW5szgphw4FFCQBbSd3IqqzlgGkfgDhW/KiYNeChYahlDowZtNN/zL TvO4boi+VAthes9kPas5e9EsbQiomY3jhyJ5DXo/R2wd1bWiQJOJw8GRU3/RE94ZgLFHCF dRFQ6KvavzZStOXHcaiZjwFIzIpuHLiWxUuaLNQl2hiMnVNaTU3SrVgU3edKDQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724162733; a=rsa-sha256; cv=none; b=XU7WDVWFaRJe8ARpg9MLCy80KX05TqLAaQhIMQk+bOEoI7CHKYNlOQG8xMoPgWnC3TaZgi EVicaVTGlzOD18Hl1ifcBQ8R5G1JmgGOJOzQSFd/Wpbosrjno6LT6nYGYrEJlmK4MsvQDJ I9XtaKge9Dgj22kO0PUzWbYtRsA5QyE16DHdwDrWjpppVgUwa34E9LytcuTbKUIcyudA13 pHqTW4ANxI+34JHTs87zMfK2G7kxGwrrI3zJqpKKHuempwsjTZMwJrH7jUWWuDcS7ME34q h24GoliI10CNQDhkvNxGOeKOI2Z6S8xWpfcIyhJ1p7cb2ayOUcwMtZXO174ZFQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724162733; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=648lJqsOkKgvQXEWxEyCpW5lPKzjzuz3EkyykZLVAsc=; b=sl9lk8kc25cdT0ouvhrBtCUmUm6oXTq7cuLJYmKzSeukgYntYgaIP4d9ot1vTJdckth+CY Zzvv0osW438Xw4Wi/z9u+GSHeyTYvdm6lMDF6bSzsUw/AoBVNhikc/QYXe3KIlMtePUdHW 9Tz0Np5f5MyZpy8Zt/3vKfCIDbsu5XZqV04DJa/TjUN93jgsRln9jlcrITCkIlv56yRA4w L1BYSzTlzQr4D7RINOBdQPgA9av10Sc/4Vt3YVJR1IMzHiro2k65p/n32yOFhUtytLMc+Z buT+z/a2QkGrtmxffZzXnVkIvzX5qLvrVmQLzITWeOCvZXQI+qRD+aNWC5si2A== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WpB7d11zTz13Mt; Tue, 20 Aug 2024 14:05:33 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47KE5Xx1091197; Tue, 20 Aug 2024 14:05:33 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47KE5Xnn091194; Tue, 20 Aug 2024 14:05:33 GMT (envelope-from git) Date: Tue, 20 Aug 2024 14:05:33 GMT Message-Id: <202408201405.47KE5Xnn091194@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 717800323493 - stable/14 - xen/netfront: Decouple XENNET tags from mbuf lifetimes List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 7178003234932e62dd552da9b39d2e6c35ed97f8 Auto-Submitted: auto-generated The branch stable/14 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=7178003234932e62dd552da9b39d2e6c35ed97f8 commit 7178003234932e62dd552da9b39d2e6c35ed97f8 Author: Mark Johnston AuthorDate: 2024-08-02 13:09:41 +0000 Commit: Mark Johnston CommitDate: 2024-08-20 13:27:05 +0000 xen/netfront: Decouple XENNET tags from mbuf lifetimes netmap's generic mode tries to improve performance by minimizing mbuf allocations. In service of this goal, it maintains an extra reference to the mbuf and polls the counter to see if the driver has released its reference by calling m_freem(). As a result, the extref destructor is not called when expected by the netfront driver, and mbufs tags are not freed. Modify the tx path to release its mbuf tags promptly when reclaiming tx descriptors. They are drawn from a fixed-size pool, so otherwise are quickly exhausted when a netfront interface is in netmap generic mode. Co-authored by: royger MFC after: 2 weeks Fixes: dabb3db7a817 ("xen/netfront: deal with mbuf data crossing a page boundary") Sponsored by: Cloud Software Group Sponsored by: Klara, Inc. Sponsored by: Zenarmor (cherry picked from commit 2e4781cb12af2d13262ed5decf6fd95c8d58d9f5) --- sys/dev/xen/netfront/netfront.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/sys/dev/xen/netfront/netfront.c b/sys/dev/xen/netfront/netfront.c index dafb838cf328..da0f1680a87e 100644 --- a/sys/dev/xen/netfront/netfront.c +++ b/sys/dev/xen/netfront/netfront.c @@ -335,8 +335,16 @@ static void mbuf_release(struct mbuf *m) KASSERT(ref != NULL, ("Cannot find refcount")); KASSERT(ref->count > 0, ("Invalid reference count")); - if (--ref->count == 0) + if (--ref->count == 0) { + /* + * Explicitly free the tag while we hold the tx queue lock. + * This ensures that the tag is deleted promptly in case + * something else is holding extra references to the mbuf chain, + * such as netmap. + */ + m_tag_delete(m, &ref->tag); m_freem(m); + } } static void tag_free(struct m_tag *t) From nobody Tue Aug 20 14:05:34 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WpB7f4FRRz5TBxX; Tue, 20 Aug 2024 14:05:34 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WpB7f2Jsyz4gVY; Tue, 20 Aug 2024 14:05:34 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724162734; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=V9G5g8+HH7U+4AroY6b9LJ7v0jPqom5Cbe37JJIEFE8=; b=c8DWGTZze00XCb8I+VQvGMV21WG3bfE0cnPrKY2Vue9q3STPeBv8WkIxsiHAzIp/rqRnbE qf3OMIVn6sO2nKSsJGlTMMffxPQIQQAeplzzvzbxTePnYaHa7hYM4S8H8xTKDYCPqL28yr TJqlJld7WJD43l057wVpX10pNnsJZnEE+qLgw8N5L5ZDlO5/G3Vd127jWIc6kgXK8pBzGa i/Edmr4cGPTjIZVCE0gCqcNUQEYj3Ahk6Y+eY47NWSz92xfyGo00DbO4c/l66F0dtG88k/ 3g/QX1eUzX8f9tcoDx0Su/okC1Q+5PCehwNz5iq7/vHKj0Iu9hFY8ZyS4rgrRg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724162734; a=rsa-sha256; cv=none; b=r/005KHJqUAD+HIirVy7RsnXcMlvC+sc5WWtBiXL4BCNRZlY19VwuAIgP3YqlMnJae5pzK WNUYCkBSDZGG1c1dqq+pD3JmHjUkJ/gDvnjbzUyudAGxmo8+eModB3OiFv8FWjXYH/rlFR uTWiVK6hHZbt/zXKzabjsMnBlonUQ1FxkoRrRPokYe76COIO8707Fjzwbhu90EHfQzVy3j BQuYrMRB/34c3FUMO3blnnnk1iscotJdZ7OkWyXG7MtjevN/GnapFWQ7fgnJzjSmbL4Aqm EviRMsazMaiQqzJzbCxW9xlZJK3zklX6YyvYRVL0cIkKINdY1wOWsy7LDGzaWg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724162734; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=V9G5g8+HH7U+4AroY6b9LJ7v0jPqom5Cbe37JJIEFE8=; b=ff1TJ7TsoKFrN4fgJzDSB3AXTGjfPtoNbrlMbC+4rOmgeuZi/UvppwozO+UZoPqiCs7x+o e0CnFm7Cd0/tJ9kXW00rIDxM1APXBbFaV2w112gO7kahSdW5esXDO2fhvwbK45jdqGiHc+ e8sswBj87TDaabaLVyIPCU4Jtqc+t/ABSuJKEiQ4FYbCCBTvrTF+ZUpiFzsBo5oxKrMiVH +dj40V9BZhsvLlFz5J2b/vo+8fV5x52eBQaHDWaS2Q2NpIN6cWGJPTaTKsbu/t7UMhIqR9 4THLHPEn9gE1r9dIQItwkO7r6QXxXVYACZvGe0gRZDQyZwOC1fS3eZkUCNJXsQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WpB7f1wxhz13Mv; Tue, 20 Aug 2024 14:05:34 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47KE5Y0o091243; Tue, 20 Aug 2024 14:05:34 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47KE5Y3F091240; Tue, 20 Aug 2024 14:05:34 GMT (envelope-from git) Date: Tue, 20 Aug 2024 14:05:34 GMT Message-Id: <202408201405.47KE5Y3F091240@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 04716d51ba5b - stable/14 - ithread: Improve synchronization in ithread_destroy() List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 04716d51ba5bb3b78f244d4acc6b67d933d2a0f1 Auto-Submitted: auto-generated The branch stable/14 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=04716d51ba5bb3b78f244d4acc6b67d933d2a0f1 commit 04716d51ba5bb3b78f244d4acc6b67d933d2a0f1 Author: Mark Johnston AuthorDate: 2024-07-30 14:36:54 +0000 Commit: Mark Johnston CommitDate: 2024-08-20 13:27:05 +0000 ithread: Improve synchronization in ithread_destroy() Previously, to destroy an ithread we would set IT_DEAD in its flags, and then wake it up if it wasn't already running. After doing this, intr_event_destroy() would free the intr_event structure. However, it did not wait for the ithread to exit, so it was possible for the ithread to access the intr_event after it was freed. This use-after-free happens readily when running the pf tests in parallel, since they frequently create and destroy VNET jails, and pf registers several VNET-local swi handlers. Fix the race by modifying ithread_destroy() to wait until the ithread has signaled that it is about to exit by setting ie->ie_thread = NULL. Existing callers of intr_event_destroy() are allowed to sleep. Reported by: KASAN Reviewed by: kib, jhb MFC after: 3 weeks Differential Revision: https://reviews.freebsd.org/D45492 (cherry picked from commit 8381e9f49ec733437754a822ef2e8344115289ac) --- sys/kern/kern_intr.c | 41 ++++++++++++++++++++++------------------- 1 file changed, 22 insertions(+), 19 deletions(-) diff --git a/sys/kern/kern_intr.c b/sys/kern/kern_intr.c index 2e8ed6c5ece9..739b4ea4b2b5 100644 --- a/sys/kern/kern_intr.c +++ b/sys/kern/kern_intr.c @@ -541,14 +541,10 @@ intr_event_destroy(struct intr_event *ie) return (EBUSY); } TAILQ_REMOVE(&event_list, ie, ie_list); -#ifndef notyet - if (ie->ie_thread != NULL) { + mtx_unlock(&event_lock); + if (ie->ie_thread != NULL) ithread_destroy(ie->ie_thread); - ie->ie_thread = NULL; - } -#endif mtx_unlock(&ie->ie_lock); - mtx_unlock(&event_lock); mtx_destroy(&ie->ie_lock); free(ie, M_ITHREAD); return (0); @@ -581,10 +577,16 @@ ithread_create(const char *name) static void ithread_destroy(struct intr_thread *ithread) { + struct intr_event *ie; struct thread *td; - CTR2(KTR_INTR, "%s: killing %s", __func__, ithread->it_event->ie_name); td = ithread->it_thread; + ie = ithread->it_event; + + mtx_assert(&ie->ie_lock, MA_OWNED); + + CTR2(KTR_INTR, "%s: killing %s", __func__, ie->ie_name); + thread_lock(td); ithread->it_flags |= IT_DEAD; if (TD_AWAITING_INTR(td)) { @@ -592,6 +594,8 @@ ithread_destroy(struct intr_thread *ithread) sched_wakeup(td, SRQ_INTR); } else thread_unlock(td); + while (ie->ie_thread != NULL) + msleep(ithread, &ie->ie_lock, 0, "ithd_dth", 0); } int @@ -1235,7 +1239,7 @@ ithread_loop(void *arg) struct intr_event *ie; struct thread *td; struct proc *p; - int wake, epoch_count; + int epoch_count; bool needs_epoch; td = curthread; @@ -1245,7 +1249,6 @@ ithread_loop(void *arg) ("%s: ithread and proc linkage out of sync", __func__)); ie = ithd->it_event; ie->ie_count = 0; - wake = 0; /* * As long as we have interrupts outstanding, go through the @@ -1255,9 +1258,14 @@ ithread_loop(void *arg) /* * If we are an orphaned thread, then just die. */ - if (ithd->it_flags & IT_DEAD) { + if (__predict_false((ithd->it_flags & IT_DEAD) != 0)) { CTR3(KTR_INTR, "%s: pid %d (%s) exiting", __func__, p->p_pid, td->td_name); + mtx_lock(&ie->ie_lock); + ie->ie_thread = NULL; + wakeup(ithd); + mtx_unlock(&ie->ie_lock); + free(ithd, M_ITHREAD); kthread_exit(); } @@ -1302,17 +1310,12 @@ ithread_loop(void *arg) TD_SET_IWAIT(td); ie->ie_count = 0; mi_switch(SW_VOL | SWT_IWAIT); - } else { - if (ithd->it_flags & IT_WAIT) { - wake = 1; - ithd->it_flags &= ~IT_WAIT; - } + } else if ((ithd->it_flags & IT_WAIT) != 0) { + ithd->it_flags &= ~IT_WAIT; thread_unlock(td); - } - if (wake) { wakeup(ithd); - wake = 0; - } + } else + thread_unlock(td); } } From nobody Tue Aug 20 15:15:39 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WpChX15t2z5TJHk; Tue, 20 Aug 2024 15:15:40 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WpChX0NXFz4tNW; Tue, 20 Aug 2024 15:15:40 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724166940; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=1Fu7UBoLLEqk34xTy2ISVde+0NXkte9lj/d+Js46Sk4=; b=A54esU0EGPkMfy3vPMEoSgHbdGBy7bREa4FQGcyH7UQZ+c+CgvNdrySMT/AXsi+bl4Ufuh td8xeyYZbMpV9xTGI4l6Ci/aOeUYEd3ZGShEyj0kA/j5Xda/BfQLKGuHDCsDM7KZ7Tx+oA MSlj1e3NoH+P2VecuXim79alaKbiPFQqDnmykogV3VqfOO0QQvp8nOKo1rwA7oNcSj+h/v 1OcUrEYoI6zydjKGc3BVlg+c/hqtmNPMMijYyDu9SwjruQ5bKsDSr3sY8sj/bpfuP57UzW 49Qh9HtAzACtHFOjN11RlB129Zj0sJAJ/OwaNX8k6QODkP+xUpXO/NnAy2YFsw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724166940; a=rsa-sha256; cv=none; b=Hk+vf6eVK9+JGoV+KXpJHwJMrRk25e9Z7xfS2UlLVPX3UTXvO/wLZnHzg5sqYcoFF/LT7w blyyFN+QMqXJAlC9P3+VSWLvC/gMej7Rh/e/gRBs8qMWauGh+Rb9NteAqFb6iPQ+eUb/4f /v6+XdaWZCIfYbV5IS6ji4RjPps/7zZDeVz8D8wnul8e+PWZN0569dEkipM2guYX0yB6rU QlZmFuhljpjZHv0ZwYMgtQkpXPCyiFz7JIG4G44r2S1mlLwuMETIjsMX8BNM9/zGsVOHR7 ARYmuEvflmpor+dOGx968JOHUx5fe58ZGFNatXF3XjWQIbRQQnSY9EglTj76FA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724166940; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=1Fu7UBoLLEqk34xTy2ISVde+0NXkte9lj/d+Js46Sk4=; b=fMdRrHqFnrS2J5E2X6C6fqKuJTZwMUfqM4ginMWTjT53Tduo4oLZMXsYMgZAPWK19vbCqr fZuRTUFHntAhnFF3KWPyYARD/TJPAKXL3X5xxbqc75g8vuWbvP0xdH0UgHqHDltV4pdki0 5ZVOsSj7xRR5K+seXjkqsa9MSSDJZRfJ8MMnXVSpPF2HZfjElwvr0groQzWUM9yEtbtV3O beHsY74I2otGZ4KLjZxjRtHQ/aYFg3JgPI3NTirRH8DZnDo5LBTL5jUx3bng8KusX47BMU Et2kL2TxyeGRrQFXWtbQ9np4AnuNEQiynkvOwgjVb+je1sFdfBuUzMdMub2aKA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WpChW75bLz145Y; Tue, 20 Aug 2024 15:15:39 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47KFFdFn010255; Tue, 20 Aug 2024 15:15:39 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47KFFdX4010252; Tue, 20 Aug 2024 15:15:39 GMT (envelope-from git) Date: Tue, 20 Aug 2024 15:15:39 GMT Message-Id: <202408201515.47KFFdX4010252@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: 27a1a56b0d2e - stable/14 - pf: fix icmp-in-icmp state lookup List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 27a1a56b0d2e6ffa6ab1de69ef84fe66b7fd41e0 Auto-Submitted: auto-generated The branch stable/14 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=27a1a56b0d2e6ffa6ab1de69ef84fe66b7fd41e0 commit 27a1a56b0d2e6ffa6ab1de69ef84fe66b7fd41e0 Author: Kristof Provost AuthorDate: 2024-08-12 14:07:35 +0000 Commit: Kristof Provost CommitDate: 2024-08-20 15:15:09 +0000 pf: fix icmp-in-icmp state lookup In 534ee17e6 pf state checking for ICMP(v6) was made stricter. This change failed to correctly set the pf_pdesc for ICMP-in-ICMP lookups, resulting in ICMP error packets potentially being dropped incorrectly. Specially, it copied the ICMP header into a separate variable, not into the pf_pdesc. Populate the required pf_pdesc fields for the embedded ICMP packet's state lookup. PR: 280701 MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") (cherry picked from commit 2da98eef1f352c496ffd458b4c68ddee972bb903) --- sys/netpfil/pf/pf.c | 31 +++++++++++++++++-------------- 1 file changed, 17 insertions(+), 14 deletions(-) diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c index 1fa60ce9d051..4e6aa90206b1 100644 --- a/sys/netpfil/pf/pf.c +++ b/sys/netpfil/pf/pf.c @@ -7091,9 +7091,9 @@ pf_test_state_icmp(struct pf_kstate **state, struct pfi_kkif *kif, } #ifdef INET case IPPROTO_ICMP: { - struct icmp iih; + struct icmp *iih = &pd2.hdr.icmp; - if (!pf_pull_hdr(m, off2, &iih, ICMP_MINLEN, + if (!pf_pull_hdr(m, off2, iih, ICMP_MINLEN, NULL, reason, pd2.af)) { DPFPRINTF(PF_DEBUG_MISC, ("pf: ICMP error message too short i" @@ -7101,12 +7101,13 @@ pf_test_state_icmp(struct pf_kstate **state, struct pfi_kkif *kif, return (PF_DROP); } - icmpid = iih.icmp_id; - pf_icmp_mapping(&pd2, iih.icmp_type, + icmpid = iih->icmp_id; + pf_icmp_mapping(&pd2, iih->icmp_type, &icmp_dir, &multi, &virtual_id, &virtual_type); + pd2.dir = icmp_dir; ret = pf_icmp_state_lookup(&key, &pd2, state, m, - pd->dir, kif, virtual_id, virtual_type, + pd2.dir, kif, virtual_id, virtual_type, icmp_dir, &iidx, PF_ICMP_MULTI_NONE); if (ret >= 0) return (ret); @@ -7120,10 +7121,10 @@ pf_test_state_icmp(struct pf_kstate **state, struct pfi_kkif *kif, if (PF_ANEQ(pd2.src, &nk->addr[pd2.sidx], pd2.af) || (virtual_type == htons(ICMP_ECHO) && - nk->port[iidx] != iih.icmp_id)) + nk->port[iidx] != iih->icmp_id)) pf_change_icmp(pd2.src, (virtual_type == htons(ICMP_ECHO)) ? - &iih.icmp_id : NULL, + &iih->icmp_id : NULL, daddr, &nk->addr[pd2.sidx], (virtual_type == htons(ICMP_ECHO)) ? nk->port[iidx] : 0, NULL, @@ -7139,7 +7140,7 @@ pf_test_state_icmp(struct pf_kstate **state, struct pfi_kkif *kif, m_copyback(m, off, ICMP_MINLEN, (caddr_t)&pd->hdr.icmp); m_copyback(m, ipoff2, sizeof(h2), (caddr_t)&h2); - m_copyback(m, off2, ICMP_MINLEN, (caddr_t)&iih); + m_copyback(m, off2, ICMP_MINLEN, (caddr_t)iih); } return (PF_PASS); break; @@ -7147,9 +7148,9 @@ pf_test_state_icmp(struct pf_kstate **state, struct pfi_kkif *kif, #endif /* INET */ #ifdef INET6 case IPPROTO_ICMPV6: { - struct icmp6_hdr iih; + struct icmp6_hdr *iih = &pd2.hdr.icmp6; - if (!pf_pull_hdr(m, off2, &iih, + if (!pf_pull_hdr(m, off2, iih, sizeof(struct icmp6_hdr), NULL, reason, pd2.af)) { DPFPRINTF(PF_DEBUG_MISC, ("pf: ICMP error message too short " @@ -7157,8 +7158,10 @@ pf_test_state_icmp(struct pf_kstate **state, struct pfi_kkif *kif, return (PF_DROP); } - pf_icmp_mapping(&pd2, iih.icmp6_type, + pf_icmp_mapping(&pd2, iih->icmp6_type, &icmp_dir, &multi, &virtual_id, &virtual_type); + + pd2.dir = icmp_dir; ret = pf_icmp_state_lookup(&key, &pd2, state, m, pd->dir, kif, virtual_id, virtual_type, icmp_dir, &iidx, PF_ICMP_MULTI_NONE); @@ -7186,10 +7189,10 @@ pf_test_state_icmp(struct pf_kstate **state, struct pfi_kkif *kif, if (PF_ANEQ(pd2.src, &nk->addr[pd2.sidx], pd2.af) || ((virtual_type == htons(ICMP6_ECHO_REQUEST)) && - nk->port[pd2.sidx] != iih.icmp6_id)) + nk->port[pd2.sidx] != iih->icmp6_id)) pf_change_icmp(pd2.src, (virtual_type == htons(ICMP6_ECHO_REQUEST)) - ? &iih.icmp6_id : NULL, + ? &iih->icmp6_id : NULL, daddr, &nk->addr[pd2.sidx], (virtual_type == htons(ICMP6_ECHO_REQUEST)) ? nk->port[iidx] : 0, NULL, @@ -7207,7 +7210,7 @@ pf_test_state_icmp(struct pf_kstate **state, struct pfi_kkif *kif, (caddr_t)&pd->hdr.icmp6); m_copyback(m, ipoff2, sizeof(h2_6), (caddr_t)&h2_6); m_copyback(m, off2, sizeof(struct icmp6_hdr), - (caddr_t)&iih); + (caddr_t)iih); } return (PF_PASS); break; From nobody Tue Aug 20 15:15:41 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WpChY3ngyz5TJBr; Tue, 20 Aug 2024 15:15:41 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WpChY33p6z4tQP; Tue, 20 Aug 2024 15:15:41 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724166941; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=iX8bkUKWZtdt4kyjOFpR4OM9SDcuc7im8TQnBZDffDg=; b=WEEc76pUcHuygcFgnegquGRkWATV8TD3ynh1mLuzrJ48pOzqi0CWLgoSAFHdjxFwQwqBbr AE+EKzi4xTBZwM8dz7ll/jAoytTDOGiYj730Y2ARfFGNh0QMczX6wYcyF42FQEIW/rBzVy 8JNWpDC3rovAp0X0oJj2xwxt6lcocuRa9CN0mi0/hF9sUBsO9W59P9VsmqmQjLpspxYLYB y8I89iGZ5grp0RTjGgPyvOA0wE+AqphZE94fvXlfLNx9NxY7j70YE0mKDC+aTKO2ggRrBK XJ6KB3fe9qkfrLuOvla5RKZRfqfiBwJR0NU6m0hoAu4mH5UyNoK4G26g3sUD+A== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724166941; a=rsa-sha256; cv=none; b=wShW/M1IsEMW0ZCLOUH5aBFEJKpxtbjPad+azkl+zwStF3V+opqN9L/IVYps97WXTBfEpo Jykzhg5+koKeIhFjQBqigT5pg4jUa1npTX3XygY+z/IIvNhAP7H77MaXAaWgSxVIP9dxZx yOp2SJL0MiPSj8OjBpLwV8k7oOCslwZM1lV93ShWfse4Yc5+0lCAdAw5BAv6LtDIQc3auk r5Fz9mlwp7zMnXSRqeEtFwXtrGZP9PuXbJAiGJLvP9sK3SeeIEvoG3M1yuYFZB3IMo7GIZ +xqhSinI4ZHMIc4WmNn/O8pE3XUr1HunXPQrUC0fHIoH744XraFbaVIwe0cXug== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724166941; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=iX8bkUKWZtdt4kyjOFpR4OM9SDcuc7im8TQnBZDffDg=; b=qkk0IMTgofmQJ9cRDgqQBtKyzaw7KT5fYEltxeMEbK98VXGe0Ss0M7r+6iRlmHKYMvWetr /EdKxwnAvDt9GTnL1z1sADpI7IFhWXnBUiJXQGlnvZVSWg3YM4+OtpfMAOp3jphXG47ZP7 IKAqDQFYnxtZU8xyj7A20CwA/u2cGxw8Ni7tByV3YmGuZpAulbzUB4MeIGeJ8vF9CcXSxi 7ILpnrAs2U1Fsj4VwEqoOMDreFO+fd6MU8DmWoOreseyoJM62RyOgcPk1ec5TMPJT8tb7O Egy69JU8wwRn7lBFyrKc4Y9NISKhNcpV6Iz2pjCWDgXl0oPWA3btJS6P0QzeQQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WpChY2fDGz15Bf; Tue, 20 Aug 2024 15:15:41 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47KFFfg8010419; Tue, 20 Aug 2024 15:15:41 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47KFFf3P010416; Tue, 20 Aug 2024 15:15:41 GMT (envelope-from git) Date: Tue, 20 Aug 2024 15:15:41 GMT Message-Id: <202408201515.47KFFf3P010416@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: 0d8d4cc3ea47 - stable/13 - pf: fix icmp-in-icmp state lookup List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 0d8d4cc3ea47f1ee61d749b22b135eb73c7d33cd Auto-Submitted: auto-generated The branch stable/13 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=0d8d4cc3ea47f1ee61d749b22b135eb73c7d33cd commit 0d8d4cc3ea47f1ee61d749b22b135eb73c7d33cd Author: Kristof Provost AuthorDate: 2024-08-12 14:07:35 +0000 Commit: Kristof Provost CommitDate: 2024-08-20 07:21:51 +0000 pf: fix icmp-in-icmp state lookup In 534ee17e6 pf state checking for ICMP(v6) was made stricter. This change failed to correctly set the pf_pdesc for ICMP-in-ICMP lookups, resulting in ICMP error packets potentially being dropped incorrectly. Specially, it copied the ICMP header into a separate variable, not into the pf_pdesc. Populate the required pf_pdesc fields for the embedded ICMP packet's state lookup. PR: 280701 MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") (cherry picked from commit 2da98eef1f352c496ffd458b4c68ddee972bb903) --- sys/netpfil/pf/pf.c | 31 +++++++++++++++++-------------- 1 file changed, 17 insertions(+), 14 deletions(-) diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c index 07d0604e924c..7d04bf07f760 100644 --- a/sys/netpfil/pf/pf.c +++ b/sys/netpfil/pf/pf.c @@ -6499,9 +6499,9 @@ pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif } #ifdef INET case IPPROTO_ICMP: { - struct icmp iih; + struct icmp *iih = &pd2.hdr.icmp; - if (!pf_pull_hdr(m, off2, &iih, ICMP_MINLEN, + if (!pf_pull_hdr(m, off2, iih, ICMP_MINLEN, NULL, reason, pd2.af)) { DPFPRINTF(PF_DEBUG_MISC, ("pf: ICMP error message too short i" @@ -6509,12 +6509,13 @@ pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif return (PF_DROP); } - icmpid = iih.icmp_id; - pf_icmp_mapping(&pd2, iih.icmp_type, + icmpid = iih->icmp_id; + pf_icmp_mapping(&pd2, iih->icmp_type, &icmp_dir, &multi, &virtual_id, &virtual_type); + pd2.dir = icmp_dir; ret = pf_icmp_state_lookup(&key, &pd2, state, m, - pd->dir, kif, virtual_id, virtual_type, + pd2.dir, kif, virtual_id, virtual_type, icmp_dir, &iidx, PF_ICMP_MULTI_NONE); if (ret >= 0) return (ret); @@ -6528,10 +6529,10 @@ pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif if (PF_ANEQ(pd2.src, &nk->addr[pd2.sidx], pd2.af) || (virtual_type == htons(ICMP_ECHO) && - nk->port[iidx] != iih.icmp_id)) + nk->port[iidx] != iih->icmp_id)) pf_change_icmp(pd2.src, (virtual_type == htons(ICMP_ECHO)) ? - &iih.icmp_id : NULL, + &iih->icmp_id : NULL, daddr, &nk->addr[pd2.sidx], (virtual_type == htons(ICMP_ECHO)) ? nk->port[iidx] : 0, NULL, @@ -6547,7 +6548,7 @@ pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif m_copyback(m, off, ICMP_MINLEN, (caddr_t)&pd->hdr.icmp); m_copyback(m, ipoff2, sizeof(h2), (caddr_t)&h2); - m_copyback(m, off2, ICMP_MINLEN, (caddr_t)&iih); + m_copyback(m, off2, ICMP_MINLEN, (caddr_t)iih); } return (PF_PASS); break; @@ -6555,9 +6556,9 @@ pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif #endif /* INET */ #ifdef INET6 case IPPROTO_ICMPV6: { - struct icmp6_hdr iih; + struct icmp6_hdr *iih = &pd2.hdr.icmp6; - if (!pf_pull_hdr(m, off2, &iih, + if (!pf_pull_hdr(m, off2, iih, sizeof(struct icmp6_hdr), NULL, reason, pd2.af)) { DPFPRINTF(PF_DEBUG_MISC, ("pf: ICMP error message too short " @@ -6565,8 +6566,10 @@ pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif return (PF_DROP); } - pf_icmp_mapping(&pd2, iih.icmp6_type, + pf_icmp_mapping(&pd2, iih->icmp6_type, &icmp_dir, &multi, &virtual_id, &virtual_type); + + pd2.dir = icmp_dir; ret = pf_icmp_state_lookup(&key, &pd2, state, m, pd->dir, kif, virtual_id, virtual_type, icmp_dir, &iidx, PF_ICMP_MULTI_NONE); @@ -6594,10 +6597,10 @@ pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif if (PF_ANEQ(pd2.src, &nk->addr[pd2.sidx], pd2.af) || ((virtual_type == htons(ICMP6_ECHO_REQUEST)) && - nk->port[pd2.sidx] != iih.icmp6_id)) + nk->port[pd2.sidx] != iih->icmp6_id)) pf_change_icmp(pd2.src, (virtual_type == htons(ICMP6_ECHO_REQUEST)) - ? &iih.icmp6_id : NULL, + ? &iih->icmp6_id : NULL, daddr, &nk->addr[pd2.sidx], (virtual_type == htons(ICMP6_ECHO_REQUEST)) ? nk->port[iidx] : 0, NULL, @@ -6615,7 +6618,7 @@ pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif (caddr_t)&pd->hdr.icmp6); m_copyback(m, ipoff2, sizeof(h2_6), (caddr_t)&h2_6); m_copyback(m, off2, sizeof(struct icmp6_hdr), - (caddr_t)&iih); + (caddr_t)iih); } return (PF_PASS); break; From nobody Tue Aug 20 15:15:41 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WpChY3jTbz5TJL8; Tue, 20 Aug 2024 15:15:41 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WpChY1fCjz4tG6; Tue, 20 Aug 2024 15:15:41 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724166941; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=IrSaawg/WIce1JiOhceabvEd+G3x1rrYThUpOOCu/5k=; b=e8O1kKYgjLxHxSJppYy6C6eb4YeKqdqbQ37N2/5VQCNV3BHA6ki/kOnQZrSCqBsWCDuBbk ZHtCVrUu0qiVyBWXlEwIWfHzYM8lVdNwusdDGM+xlGXlOiyoOm5S0yoDcl9nFs12VbGh2I sj8C8kD1pBBMUx4MImg6Dm+YLD9j8ytngHWnDYwGcsAXPANCewB1ce1TOq7hRJ2wo4N75b dvb6IE59x48L+S925V7I/zt1Uoxd0OMUiK2iiPLjamS+wq1EibTWFdT1e+ZAMGesF18o1F jQJaxJtHaPpzzEfa5XyhYpqt1/RhzVUgzR8ShSttCPhCrn6AWEKIVM7Z6MZvUQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724166941; a=rsa-sha256; cv=none; b=aGfHRh7RRZnihIcqnenZWWhARtdDAPepIg/oaT/eP1fJustbMlkwCQGZLqiUPuZcT+zLKg 1HhV6PAlAkevVyzs5FJyxsAPThk86/XeH1QPe/WVwtaWea+qteINugFtTKSmjNUsfpu1be WfVJ+7t/XWRvW7Nn4n6VGyfuQRaEFQ8bW3J+had+b+lCYA2jcW1GtFYkr8ir1SestBVCKq 0gUF6xhfDmIRTIvV5L8ThhRW8lKyTifv8adbtVJUaAUsYipPVthqWguby0opBzkbxLaEnV 4ZdFhskdYcPKxSnsq+i+4nc6RigUSYRSEHq0dhltO4WWEwuVNde143D2eZKlTQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724166941; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=IrSaawg/WIce1JiOhceabvEd+G3x1rrYThUpOOCu/5k=; b=cVUlvjYdg8OVnqQ/Sn7KabHNxWpaaQBdbHd9BAAcv21tuxdkTpRpDGVCLlNXDlAgUmQXRI ulUC34BAbPPF4nYbSX/vs3wScf6SOnqO2v34hY0FO/eHXQpZqPRd3CBW8IXMtGfEHWFkLU ZKet1z3/LsQ+6gDzxfocvs5lSHKOCYASn9vRS7qdC+p4JTDn1RwAB8UZpA97mCBoBOcBWp lLmliEORcBERmwBcbVgmELQ1/jIC0x9CRoYRXP/k6kyNZwEKR2J8z9qGK9vg61avPatBlJ jkW9Qh2w+BtA5pakyknFWNjeHnJH1T+Bv2u54REZgk1AKL4qSdu7eOVMG3jqvg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WpChY1GQXz14mP; Tue, 20 Aug 2024 15:15:41 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47KFFfib010334; Tue, 20 Aug 2024 15:15:41 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47KFFf0a010327; Tue, 20 Aug 2024 15:15:41 GMT (envelope-from git) Date: Tue, 20 Aug 2024 15:15:41 GMT Message-Id: <202408201515.47KFFf0a010327@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: 3455a02b5aed - stable/14 - pf tests: ensure that traceroutes using ICMP work List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 3455a02b5aed6f24f425b6a4fad4256fe74b13ed Auto-Submitted: auto-generated The branch stable/14 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=3455a02b5aed6f24f425b6a4fad4256fe74b13ed commit 3455a02b5aed6f24f425b6a4fad4256fe74b13ed Author: Kristof Provost AuthorDate: 2024-08-12 10:14:43 +0000 Commit: Kristof Provost CommitDate: 2024-08-20 15:15:10 +0000 pf tests: ensure that traceroutes using ICMP work PR: 280701 MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") (cherry picked from commit 34063cb714602972b6d985ad747fc8f66a8daae1) --- tests/sys/netpfil/pf/icmp.sh | 65 +++++++++++++++++++++++++++++++++++++++++++ tests/sys/netpfil/pf/icmp6.sh | 65 +++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 130 insertions(+) diff --git a/tests/sys/netpfil/pf/icmp.sh b/tests/sys/netpfil/pf/icmp.sh index 72b531b08c51..16c4123b8dfe 100644 --- a/tests/sys/netpfil/pf/icmp.sh +++ b/tests/sys/netpfil/pf/icmp.sh @@ -71,7 +71,72 @@ cve_2019_5598_cleanup() pft_cleanup } +atf_test_case "ttl_exceeded" "cleanup" +ttl_exceeded_head() +{ + atf_set descr 'Test that we correctly translate TTL exceeded back' + atf_set require.user root +} + +ttl_exceeded_body() +{ + pft_init + + epair_srv=$(vnet_mkepair) + epair_int=$(vnet_mkepair) + epair_cl=$(vnet_mkepair) + + vnet_mkjail srv ${epair_srv}a + jexec srv ifconfig ${epair_srv}a 192.0.2.1/24 up + jexec srv route add default 192.0.2.2 + + vnet_mkjail int ${epair_srv}b ${epair_int}a + jexec int sysctl net.inet.ip.forwarding=1 + jexec int ifconfig ${epair_srv}b 192.0.2.2/24 up + jexec int ifconfig ${epair_int}a 203.0.113.2/24 up + + vnet_mkjail nat ${epair_int}b ${epair_cl}b + jexec nat ifconfig ${epair_int}b 203.0.113.1/24 up + jexec nat ifconfig ${epair_cl}b 198.51.100.2/24 up + jexec nat sysctl net.inet.ip.forwarding=1 + jexec nat route add default 203.0.113.2 + + vnet_mkjail cl ${epair_cl}a + jexec cl ifconfig ${epair_cl}a 198.51.100.1/24 up + jexec cl route add default 198.51.100.2 + + jexec nat pfctl -e + pft_set_rules nat \ + "nat on ${epair_int}b from 198.51.100.0/24 -> (${epair_int}b)" \ + "pass" + + # Sanity checks + atf_check -s exit:0 -o ignore \ + jexec cl ping -c 1 198.51.100.2 + atf_check -s exit:0 -o ignore \ + jexec cl ping -c 1 203.0.113.1 + atf_check -s exit:0 -o ignore \ + jexec cl ping -c 1 203.0.113.2 + atf_check -s exit:0 -o ignore \ + jexec cl ping -c 1 192.0.2.1 + + echo "UDP" + atf_check -s exit:0 -e ignore -o match:".*203.0.113.2.*" \ + jexec cl traceroute 192.0.2.1 + jexec nat pfctl -Fs + + echo "ICMP" + atf_check -s exit:0 -e ignore -o match:".*203.0.113.2.*" \ + jexec cl traceroute -I 192.0.2.1 +} + +ttl_exceeded_cleanup() +{ + pft_cleanup +} + atf_init_test_cases() { atf_add_test_case "cve_2019_5598" + atf_add_test_case "ttl_exceeded" } diff --git a/tests/sys/netpfil/pf/icmp6.sh b/tests/sys/netpfil/pf/icmp6.sh index 35d20c83cc4f..c54b54c20a87 100644 --- a/tests/sys/netpfil/pf/icmp6.sh +++ b/tests/sys/netpfil/pf/icmp6.sh @@ -83,7 +83,72 @@ zero_id_cleanup() pft_cleanup } +atf_test_case "ttl_exceeded" "cleanup" +ttl_exceeded_head() +{ + atf_set descr 'Test that we correctly translate TTL exceeded back' + atf_set require.user root +} + +ttl_exceeded_body() +{ + pft_init + + epair_srv=$(vnet_mkepair) + epair_int=$(vnet_mkepair) + epair_cl=$(vnet_mkepair) + + vnet_mkjail srv ${epair_srv}a + jexec srv ifconfig ${epair_srv}a inet6 2001:db8:1::1/64 no_dad up + jexec srv route add -6 default 2001:db8:1::2 + + vnet_mkjail int ${epair_srv}b ${epair_int}a + jexec int sysctl net.inet6.ip6.forwarding=1 + jexec int ifconfig ${epair_srv}b inet6 2001:db8:1::2/64 no_dad up + jexec int ifconfig ${epair_int}a inet6 2001:db8:2::2/64 no_dad up + + vnet_mkjail nat ${epair_int}b ${epair_cl}b + jexec nat ifconfig ${epair_int}b inet6 2001:db8:2::1 no_dad up + jexec nat ifconfig ${epair_cl}b inet6 2001:db8:3::2/64 no_dad up + jexec nat sysctl net.inet6.ip6.forwarding=1 + jexec nat route add -6 default 2001:db8:2::2 + + vnet_mkjail cl ${epair_cl}a + jexec cl ifconfig ${epair_cl}a inet6 2001:db8:3::1/64 no_dad up + jexec cl route add -6 default 2001:db8:3::2 + + jexec nat pfctl -e + pft_set_rules nat \ + "nat on ${epair_int}b from 2001:db8:3::/64 -> (${epair_int}b:0)" \ + "pass" + + # Sanity checks + atf_check -s exit:0 -o ignore \ + jexec cl ping -c 1 2001:db8:3::2 + atf_check -s exit:0 -o ignore \ + jexec cl ping -c 1 2001:db8:2::1 + atf_check -s exit:0 -o ignore \ + jexec cl ping -c 1 2001:db8:2::2 + atf_check -s exit:0 -o ignore \ + jexec cl ping -c 1 2001:db8:1::1 + + echo "UDP" + atf_check -s exit:0 -e ignore -o match:".*2001:db8:2::2.*" \ + jexec cl traceroute6 2001:db8:1::1 + jexec nat pfctl -Fs + + echo "ICMP" + atf_check -s exit:0 -e ignore -o match:".*2001:db8:2::2.*" \ + jexec cl traceroute6 -I 2001:db8:1::1 +} + +ttl_exceeded_cleanup() +{ + pft_cleanup +} + atf_init_test_cases() { atf_add_test_case "zero_id" + atf_add_test_case "ttl_exceeded" } From nobody Tue Aug 20 15:15:42 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WpChZ5tlyz5TJBw; Tue, 20 Aug 2024 15:15:42 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WpChZ2lltz4t7F; Tue, 20 Aug 2024 15:15:42 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724166942; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=R+h8FPLaZSZxkm7KB/m3FTO+KX+gHqaSPJ0LkcN9gFk=; b=EYmaBs44nCatWLXOHcvEz99q1C4zNGU9wsS5B6FPjec9AAFLF20+Cx76l6w4pfxpPeXjmp WWx1LhMzH9yZCflTqeqJYIW0/PdCp1vbDdHzjv+XaG9sjBt+W5HTUKDlrfKtProEIVYNMU 9NbSu2FcsyTCjyTNPTvnF0c6tnQ7ruvhJXp5F8PMgapktZY/NDUtIFzxfqcE+Xq0lbMIIH O8hcS6mcqYwbY9XsgEfI8RgbrDZ9ccTaV5g9Pg6rRIdKyjglAA7jJs1EJCoQcXaIORdjB3 sKR/1EnnG+X7Tf53vAn+J8f50nmQDHrUYOWHzuCG/07wHSuaOrzDAdYcrcGx7A== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724166942; a=rsa-sha256; cv=none; b=GVy0yw2ulnJ3va0y4ZYAJ+HdHkQsYgMG8lfWW7KLvEcQBnfZklPItvYyxkErU5vvLVXxyu AYuG638CsgmqG//ENJGHke3ekbUs+T1R6qZQjo9uJxQ/7kAJwfLLQuOUIBnNlay7eWpE9H JxnwmWRlbb7pYxuOGpkWhjKh51mi4C67/fg+9vLDeGBkeyfTp8XZv/Kip3XPwpL8Hf7TWv TKYv2iiDqSfmb4u2nQxxXuSEU9eIMiCanv+3OiVFqgJ9NDi8cR3CFJ8EixdtuSRtSfX8nv CokwXNc1whVSgmECRyA3b6H/wmkKvSp+UtjG2HlvENmQSXj+j6pgvYx1v2jEcw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724166942; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=R+h8FPLaZSZxkm7KB/m3FTO+KX+gHqaSPJ0LkcN9gFk=; b=l0c6HbCMe8TQ28kVzRKihPkZzgkfDaw7Tzv3xGUgUf+CAfgTPWjTxCyk7UpHUKBhTVq5y0 4OHe+cmy2RdbjHy+V95vGWXkQ0vuMCCADbXiHXJUYvngK2gLBhgTFEDQ8/yMK9i62KpXjX HAbW/qtGvZN8VzWcWbXPbhZo+LxSU7WKcfFyMC41LueRdOULKvTehHdgRTynzQlh+vSC02 vs3xlfvXICvDW7M4ZqQoOEY/YpB+C9Lit/9GjaY0CWBBxEE65ajger+gGBCrrx3k9gnlKC p/FHgZ7Kp5C8YTwCFYX0cqY+2MnQ1hHSXMwPyW+t+kOUhX2o2dTDC4byfKOifg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WpChZ22QZz15Bg; Tue, 20 Aug 2024 15:15:42 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47KFFgrE010470; Tue, 20 Aug 2024 15:15:42 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47KFFg6U010467; Tue, 20 Aug 2024 15:15:42 GMT (envelope-from git) Date: Tue, 20 Aug 2024 15:15:42 GMT Message-Id: <202408201515.47KFFg6U010467@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: 46c4fc50d301 - stable/14 - pf: invert direction for inner icmp state lookups List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 46c4fc50d3012ca3c8756df243589add36b70830 Auto-Submitted: auto-generated The branch stable/14 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=46c4fc50d3012ca3c8756df243589add36b70830 commit 46c4fc50d3012ca3c8756df243589add36b70830 Author: Kristof Provost AuthorDate: 2024-08-14 09:29:30 +0000 Commit: Kristof Provost CommitDate: 2024-08-20 15:15:10 +0000 pf: invert direction for inner icmp state lookups (e.g. traceroute with icmp) ok henning, jsing Also extend the test case to cover this scenario. PR: 280701 Obtained from: OpenBSD MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") (cherry picked from commit 89f6723288b0d27d3f14f93e6e83f672fa2b8aca) --- sys/netpfil/pf/pf.c | 21 +++++++++++---------- tests/sys/netpfil/pf/icmp.sh | 4 +++- tests/sys/netpfil/pf/icmp6.sh | 4 +++- 3 files changed, 17 insertions(+), 12 deletions(-) diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c index 4e6aa90206b1..381d0f8b193e 100644 --- a/sys/netpfil/pf/pf.c +++ b/sys/netpfil/pf/pf.c @@ -346,7 +346,7 @@ static int pf_test_state_udp(struct pf_kstate **, int pf_icmp_state_lookup(struct pf_state_key_cmp *, struct pf_pdesc *, struct pf_kstate **, struct mbuf *, int, struct pfi_kkif *, u_int16_t, u_int16_t, - int, int *, int); + int, int *, int, int); static int pf_test_state_icmp(struct pf_kstate **, struct pfi_kkif *, struct mbuf *, int, void *, struct pf_pdesc *, u_short *); @@ -6597,7 +6597,8 @@ pf_multihome_scan_asconf(struct mbuf *m, int start, int len, int pf_icmp_state_lookup(struct pf_state_key_cmp *key, struct pf_pdesc *pd, struct pf_kstate **state, struct mbuf *m, int direction, struct pfi_kkif *kif, - u_int16_t icmpid, u_int16_t type, int icmp_dir, int *iidx, int multi) + u_int16_t icmpid, u_int16_t type, int icmp_dir, int *iidx, int multi, + int inner) { key->af = pd->af; key->proto = pd->proto; @@ -6634,7 +6635,8 @@ pf_icmp_state_lookup(struct pf_state_key_cmp *key, struct pf_pdesc *pd, /* Is this ICMP message flowing in right direction? */ if ((*state)->rule.ptr->type && - (((*state)->direction == direction) ? + (((!inner && (*state)->direction == direction) || + (inner && (*state)->direction != direction)) ? PF_IN : PF_OUT) != icmp_dir) { if (V_pf_status.debug >= PF_DEBUG_MISC) { printf("pf: icmp type %d in wrong direction (%d): ", @@ -6692,7 +6694,7 @@ pf_test_state_icmp(struct pf_kstate **state, struct pfi_kkif *kif, */ ret = pf_icmp_state_lookup(&key, pd, state, m, pd->dir, kif, virtual_id, virtual_type, icmp_dir, &iidx, - PF_ICMP_MULTI_NONE); + PF_ICMP_MULTI_NONE, 0); if (ret >= 0) { if (ret == PF_DROP && pd->af == AF_INET6 && icmp_dir == PF_OUT) { @@ -6700,7 +6702,7 @@ pf_test_state_icmp(struct pf_kstate **state, struct pfi_kkif *kif, PF_STATE_UNLOCK((*state)); ret = pf_icmp_state_lookup(&key, pd, state, m, pd->dir, kif, virtual_id, virtual_type, - icmp_dir, &iidx, multi); + icmp_dir, &iidx, multi, 0); if (ret >= 0) return (ret); } else @@ -6784,6 +6786,7 @@ pf_test_state_icmp(struct pf_kstate **state, struct pfi_kkif *kif, int off2 = 0; pd2.af = pd->af; + pd2.dir = pd->dir; /* Payload packet is from the opposite direction. */ pd2.sidx = (pd->dir == PF_IN) ? 1 : 0; pd2.didx = (pd->dir == PF_IN) ? 0 : 1; @@ -7105,10 +7108,9 @@ pf_test_state_icmp(struct pf_kstate **state, struct pfi_kkif *kif, pf_icmp_mapping(&pd2, iih->icmp_type, &icmp_dir, &multi, &virtual_id, &virtual_type); - pd2.dir = icmp_dir; ret = pf_icmp_state_lookup(&key, &pd2, state, m, pd2.dir, kif, virtual_id, virtual_type, - icmp_dir, &iidx, PF_ICMP_MULTI_NONE); + icmp_dir, &iidx, PF_ICMP_MULTI_NONE, 1); if (ret >= 0) return (ret); @@ -7161,10 +7163,9 @@ pf_test_state_icmp(struct pf_kstate **state, struct pfi_kkif *kif, pf_icmp_mapping(&pd2, iih->icmp6_type, &icmp_dir, &multi, &virtual_id, &virtual_type); - pd2.dir = icmp_dir; ret = pf_icmp_state_lookup(&key, &pd2, state, m, pd->dir, kif, virtual_id, virtual_type, - icmp_dir, &iidx, PF_ICMP_MULTI_NONE); + icmp_dir, &iidx, PF_ICMP_MULTI_NONE, 1); if (ret >= 0) { if (ret == PF_DROP && pd->af == AF_INET6 && icmp_dir == PF_OUT) { @@ -7173,7 +7174,7 @@ pf_test_state_icmp(struct pf_kstate **state, struct pfi_kkif *kif, ret = pf_icmp_state_lookup(&key, pd, state, m, pd->dir, kif, virtual_id, virtual_type, - icmp_dir, &iidx, multi); + icmp_dir, &iidx, multi, 1); if (ret >= 0) return (ret); } else diff --git a/tests/sys/netpfil/pf/icmp.sh b/tests/sys/netpfil/pf/icmp.sh index 16c4123b8dfe..f4c8ec5e5836 100644 --- a/tests/sys/netpfil/pf/icmp.sh +++ b/tests/sys/netpfil/pf/icmp.sh @@ -108,7 +108,9 @@ ttl_exceeded_body() jexec nat pfctl -e pft_set_rules nat \ "nat on ${epair_int}b from 198.51.100.0/24 -> (${epair_int}b)" \ - "pass" + "block" \ + "pass inet proto udp" \ + "pass inet proto icmp icmp-type { echoreq }" # Sanity checks atf_check -s exit:0 -o ignore \ diff --git a/tests/sys/netpfil/pf/icmp6.sh b/tests/sys/netpfil/pf/icmp6.sh index c54b54c20a87..b9b60a484afc 100644 --- a/tests/sys/netpfil/pf/icmp6.sh +++ b/tests/sys/netpfil/pf/icmp6.sh @@ -120,7 +120,9 @@ ttl_exceeded_body() jexec nat pfctl -e pft_set_rules nat \ "nat on ${epair_int}b from 2001:db8:3::/64 -> (${epair_int}b:0)" \ - "pass" + "block" \ + "pass inet6 proto udp" \ + "pass inet6 proto icmp6 icmp6-type { neighbrsol, neighbradv, echoreq }" # Sanity checks atf_check -s exit:0 -o ignore \ From nobody Tue Aug 20 15:15:42 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WpChb0gZJz5TJR4; Tue, 20 Aug 2024 15:15:43 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WpChZ3xgNz4tGG; Tue, 20 Aug 2024 15:15:42 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724166942; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Zup3DVAGhp+loiOVvcjhoEXJDl61wFrOwMTBTC67d4g=; b=NHJhyK6vvWLCfyZtQgUfkA8EM5SV1wtpqlFQfYsSaUgqx22BFk0vEUOE0JGdUuYzNNn6lg UPcQVpNDjdcX4ru5kIfVntwReee4f7d+UaoZZJ2HvbIExoUbZJUnZ20PR/zJhZ2iP/Owim iLolCvNAJJsJmxcSRxkSWYiG4t/UjLj1MWB1mlfpywrNEGlEHrGUwQIoalgySrMw69DGjT ryXBMAa+gLBi1COF+DfpzCoM3J39LXC51UxFeKaxCv3LHWdxbQldk4J+PRTlcpEjZddevR 1wxjkdkMDPlZKa4MmSYgapMDkTXYbl0aH4cIvfZD9JWcCpa9hgdY1p52qZCitA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724166942; a=rsa-sha256; cv=none; b=St6NyLdlQSLPaikNc3B6wcn0+0vJPcsg1uMy3QLyuY/M36S3u2Npc1a27qQsfKWeINsmpf oeJb2lmOvE9+TcqOJk46AQWW2H7PoSpgYU6AZMIuoIXPzCIemDEPbhB6fv8D40vkUgmg0C PivDunVExcCn+JcPuQqKpUF6gbIKB+ZJhdlWN1J32SjAK1BqTbwBpja6cnB0Cd+Y2Cu3vW 8VJE28sRxuVtKNdHh/gm2ZfbnVTPj+zqYigzqwu4HuCsrnmnoGAulChGnQIDfaYVyEQb2N ijn5he0F/c90Ou3eaKsp1xyNsuAxRclGae3vIz9W+nTOKRPuz6CkslYuzs1EpQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724166942; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Zup3DVAGhp+loiOVvcjhoEXJDl61wFrOwMTBTC67d4g=; b=v9VhBZwRkVQG4bQzs4Y9MuL/uYWgx/bBt7TGwGNDDlmiXc7Z3oE9ZUKgbaSZA2Fn1gucF2 aloyIs9L6aMLDyMjzrylkkfUC8q+ORdi1l+4KH8yoM0JR8mcswdIT8rpR7lUbPLZ7fzb9l ndWQH59fCEJZqvUlTPTnS7HRSK40hlSHa2o6Qy2kqCqmQ60iVQi/Xxyk1FDtz+jG/an02l BbJTc8YK+v9EDgmco2l3T7Jvw1bk8n6w+QIhrSQC9d4iMIclGVKtKbXWG9pBtD4iHHIpbD CI6/rHGxUsxTzXijtUaP9OMEZtEhxsjfGbUY0KAAHUIb6kpG1h1LJckpOvwfIg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WpChZ3S6Mz153G; Tue, 20 Aug 2024 15:15:42 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47KFFgo0010521; Tue, 20 Aug 2024 15:15:42 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47KFFgnT010518; Tue, 20 Aug 2024 15:15:42 GMT (envelope-from git) Date: Tue, 20 Aug 2024 15:15:42 GMT Message-Id: <202408201515.47KFFgnT010518@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: 7024e1066d5a - stable/13 - pf tests: ensure that traceroutes using ICMP work List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 7024e1066d5aba76dbbc85eb191357da7d32c619 Auto-Submitted: auto-generated The branch stable/13 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=7024e1066d5aba76dbbc85eb191357da7d32c619 commit 7024e1066d5aba76dbbc85eb191357da7d32c619 Author: Kristof Provost AuthorDate: 2024-08-12 10:14:43 +0000 Commit: Kristof Provost CommitDate: 2024-08-20 07:21:57 +0000 pf tests: ensure that traceroutes using ICMP work PR: 280701 MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") (cherry picked from commit 34063cb714602972b6d985ad747fc8f66a8daae1) --- tests/sys/netpfil/pf/icmp.sh | 65 +++++++++++++++++++++++++++++++++++++++++++ tests/sys/netpfil/pf/icmp6.sh | 65 +++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 130 insertions(+) diff --git a/tests/sys/netpfil/pf/icmp.sh b/tests/sys/netpfil/pf/icmp.sh index 72b531b08c51..16c4123b8dfe 100644 --- a/tests/sys/netpfil/pf/icmp.sh +++ b/tests/sys/netpfil/pf/icmp.sh @@ -71,7 +71,72 @@ cve_2019_5598_cleanup() pft_cleanup } +atf_test_case "ttl_exceeded" "cleanup" +ttl_exceeded_head() +{ + atf_set descr 'Test that we correctly translate TTL exceeded back' + atf_set require.user root +} + +ttl_exceeded_body() +{ + pft_init + + epair_srv=$(vnet_mkepair) + epair_int=$(vnet_mkepair) + epair_cl=$(vnet_mkepair) + + vnet_mkjail srv ${epair_srv}a + jexec srv ifconfig ${epair_srv}a 192.0.2.1/24 up + jexec srv route add default 192.0.2.2 + + vnet_mkjail int ${epair_srv}b ${epair_int}a + jexec int sysctl net.inet.ip.forwarding=1 + jexec int ifconfig ${epair_srv}b 192.0.2.2/24 up + jexec int ifconfig ${epair_int}a 203.0.113.2/24 up + + vnet_mkjail nat ${epair_int}b ${epair_cl}b + jexec nat ifconfig ${epair_int}b 203.0.113.1/24 up + jexec nat ifconfig ${epair_cl}b 198.51.100.2/24 up + jexec nat sysctl net.inet.ip.forwarding=1 + jexec nat route add default 203.0.113.2 + + vnet_mkjail cl ${epair_cl}a + jexec cl ifconfig ${epair_cl}a 198.51.100.1/24 up + jexec cl route add default 198.51.100.2 + + jexec nat pfctl -e + pft_set_rules nat \ + "nat on ${epair_int}b from 198.51.100.0/24 -> (${epair_int}b)" \ + "pass" + + # Sanity checks + atf_check -s exit:0 -o ignore \ + jexec cl ping -c 1 198.51.100.2 + atf_check -s exit:0 -o ignore \ + jexec cl ping -c 1 203.0.113.1 + atf_check -s exit:0 -o ignore \ + jexec cl ping -c 1 203.0.113.2 + atf_check -s exit:0 -o ignore \ + jexec cl ping -c 1 192.0.2.1 + + echo "UDP" + atf_check -s exit:0 -e ignore -o match:".*203.0.113.2.*" \ + jexec cl traceroute 192.0.2.1 + jexec nat pfctl -Fs + + echo "ICMP" + atf_check -s exit:0 -e ignore -o match:".*203.0.113.2.*" \ + jexec cl traceroute -I 192.0.2.1 +} + +ttl_exceeded_cleanup() +{ + pft_cleanup +} + atf_init_test_cases() { atf_add_test_case "cve_2019_5598" + atf_add_test_case "ttl_exceeded" } diff --git a/tests/sys/netpfil/pf/icmp6.sh b/tests/sys/netpfil/pf/icmp6.sh index 35d20c83cc4f..c54b54c20a87 100644 --- a/tests/sys/netpfil/pf/icmp6.sh +++ b/tests/sys/netpfil/pf/icmp6.sh @@ -83,7 +83,72 @@ zero_id_cleanup() pft_cleanup } +atf_test_case "ttl_exceeded" "cleanup" +ttl_exceeded_head() +{ + atf_set descr 'Test that we correctly translate TTL exceeded back' + atf_set require.user root +} + +ttl_exceeded_body() +{ + pft_init + + epair_srv=$(vnet_mkepair) + epair_int=$(vnet_mkepair) + epair_cl=$(vnet_mkepair) + + vnet_mkjail srv ${epair_srv}a + jexec srv ifconfig ${epair_srv}a inet6 2001:db8:1::1/64 no_dad up + jexec srv route add -6 default 2001:db8:1::2 + + vnet_mkjail int ${epair_srv}b ${epair_int}a + jexec int sysctl net.inet6.ip6.forwarding=1 + jexec int ifconfig ${epair_srv}b inet6 2001:db8:1::2/64 no_dad up + jexec int ifconfig ${epair_int}a inet6 2001:db8:2::2/64 no_dad up + + vnet_mkjail nat ${epair_int}b ${epair_cl}b + jexec nat ifconfig ${epair_int}b inet6 2001:db8:2::1 no_dad up + jexec nat ifconfig ${epair_cl}b inet6 2001:db8:3::2/64 no_dad up + jexec nat sysctl net.inet6.ip6.forwarding=1 + jexec nat route add -6 default 2001:db8:2::2 + + vnet_mkjail cl ${epair_cl}a + jexec cl ifconfig ${epair_cl}a inet6 2001:db8:3::1/64 no_dad up + jexec cl route add -6 default 2001:db8:3::2 + + jexec nat pfctl -e + pft_set_rules nat \ + "nat on ${epair_int}b from 2001:db8:3::/64 -> (${epair_int}b:0)" \ + "pass" + + # Sanity checks + atf_check -s exit:0 -o ignore \ + jexec cl ping -c 1 2001:db8:3::2 + atf_check -s exit:0 -o ignore \ + jexec cl ping -c 1 2001:db8:2::1 + atf_check -s exit:0 -o ignore \ + jexec cl ping -c 1 2001:db8:2::2 + atf_check -s exit:0 -o ignore \ + jexec cl ping -c 1 2001:db8:1::1 + + echo "UDP" + atf_check -s exit:0 -e ignore -o match:".*2001:db8:2::2.*" \ + jexec cl traceroute6 2001:db8:1::1 + jexec nat pfctl -Fs + + echo "ICMP" + atf_check -s exit:0 -e ignore -o match:".*2001:db8:2::2.*" \ + jexec cl traceroute6 -I 2001:db8:1::1 +} + +ttl_exceeded_cleanup() +{ + pft_cleanup +} + atf_init_test_cases() { atf_add_test_case "zero_id" + atf_add_test_case "ttl_exceeded" } From nobody Tue Aug 20 15:15:43 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WpChb5TLcz5TJFS; Tue, 20 Aug 2024 15:15:43 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WpChb4R6Fz4tT2; Tue, 20 Aug 2024 15:15:43 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724166943; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=iUWUmc0UkJYLcfPM63UoEAitYC8AT6IT5Zyust5XpRY=; b=LWwHoWRi0ri7LulWb1sqpcJGoHH/4Y8BC4VFcdHKhw3sQUm6mzl1AHn4hr4HovfYnezLrh Is60U+oVgq15iQ99WFfhXid4L47AfgZ3HiOBcaa1bbOA3QoLi1KxMgcdUxLkq1F5iAeMl9 +9B2YZcLPrrVmF9upM6zWT7eWHm4dO3TojagT6mKXO/yyndfyFGvagRAARY4paNGiYXD0k 5KRnltqytdwRchnt87C8l/Ur9BOXPY9HaPd1GfHL1nVqrOD0VuxHaqeh+rpy8zIIIoWsR1 Cbx5Vb7xpDc0Sw53J/8LUSpuxRtpEaIjxrNeCZ5p1+EOfq0tSAwiQB+k1IkzSw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724166943; a=rsa-sha256; cv=none; b=QdqVSkDZ9cj7bpN9ZxM0XhdqLXtO2kPgcqu52ydnLAQUG/vp/3z5VZw5NWAXQklCES64kZ TGo0kJyJHNK1CXTjDO7ZQWwlAysGqluSfZWs55VcIonAsyk/xHuD7TNZwojFPAC+sSo7JB dehZMo+yl8HmCi7weEl8qonqhidGxa9y4fkXwcohnkv46J2FDzPT2iL5+hSV3NDxQzncoA glQbgprBDKTFCPbNJYjCfbhuLNrwEN1vbzO9TF3vj8ITsWMen4m0wCjlodVW8VLPJi09Ao kEaBUXc82NcPJ+vUCzSHs4rNCtuHLVsZhsSZmvbeQvhYqKHtIiLAdYPv2qQeCA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724166943; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=iUWUmc0UkJYLcfPM63UoEAitYC8AT6IT5Zyust5XpRY=; b=s/R7uI9Am6dmn8lTkU63xjbXaJKEvU6kBZICxTd0b0BfMvN1kLZJWY6dtVq0D6huihyIWo GOqpfigbh7oN/A8DHC7Te3NsUoBrnmoY+8G1wr2SAxNhUG5SuKj2PhDEbXYctkL/N4pAKD j4vF20cSqMSIb6BfviBv0vjhxjmR1BAiQmHvZOFnTDUgvEx6waqLPU4arY6jTo6zF14NgZ 79odGLSEwrOmfodgXS23i65ChGPAOfALI1EfX6vHHKcXhmcE+d18PHU++Bvur/C7J0Yool dCxL+evI7afhafDLBAfKzAU1XBio74vgvLw8Vkn7qeJirQWhLcDDKAeua1C7IQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WpChb43bCz15Bh; Tue, 20 Aug 2024 15:15:43 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47KFFhUG010623; Tue, 20 Aug 2024 15:15:43 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47KFFhQY010620; Tue, 20 Aug 2024 15:15:43 GMT (envelope-from git) Date: Tue, 20 Aug 2024 15:15:43 GMT Message-Id: <202408201515.47KFFhQY010620@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: 5f3f07397a79 - stable/13 - pf: invert direction for inner icmp state lookups List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 5f3f07397a7909e8f9449d1aa0b465159cbf0d60 Auto-Submitted: auto-generated The branch stable/13 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=5f3f07397a7909e8f9449d1aa0b465159cbf0d60 commit 5f3f07397a7909e8f9449d1aa0b465159cbf0d60 Author: Kristof Provost AuthorDate: 2024-08-14 09:29:30 +0000 Commit: Kristof Provost CommitDate: 2024-08-20 07:25:21 +0000 pf: invert direction for inner icmp state lookups (e.g. traceroute with icmp) ok henning, jsing Also extend the test case to cover this scenario. PR: 280701 Obtained from: OpenBSD MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") (cherry picked from commit 89f6723288b0d27d3f14f93e6e83f672fa2b8aca) --- sys/netpfil/pf/pf.c | 21 +++++++++++---------- tests/sys/netpfil/pf/icmp.sh | 4 +++- tests/sys/netpfil/pf/icmp6.sh | 4 +++- 3 files changed, 17 insertions(+), 12 deletions(-) diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c index 7d04bf07f760..dfef2d132e85 100644 --- a/sys/netpfil/pf/pf.c +++ b/sys/netpfil/pf/pf.c @@ -325,7 +325,7 @@ static int pf_test_state_udp(struct pf_kstate **, int, int pf_icmp_state_lookup(struct pf_state_key_cmp *, struct pf_pdesc *, struct pf_kstate **, struct mbuf *, int, struct pfi_kkif *, u_int16_t, u_int16_t, - int, int *, int); + int, int *, int, int); static int pf_test_state_icmp(struct pf_kstate **, int, struct pfi_kkif *, struct mbuf *, int, void *, struct pf_pdesc *, u_short *); @@ -6005,7 +6005,8 @@ pf_multihome_scan_asconf(struct mbuf *m, int start, int len, int pf_icmp_state_lookup(struct pf_state_key_cmp *key, struct pf_pdesc *pd, struct pf_kstate **state, struct mbuf *m, int direction, struct pfi_kkif *kif, - u_int16_t icmpid, u_int16_t type, int icmp_dir, int *iidx, int multi) + u_int16_t icmpid, u_int16_t type, int icmp_dir, int *iidx, int multi, + int inner) { key->af = pd->af; key->proto = pd->proto; @@ -6042,7 +6043,8 @@ pf_icmp_state_lookup(struct pf_state_key_cmp *key, struct pf_pdesc *pd, /* Is this ICMP message flowing in right direction? */ if ((*state)->rule.ptr->type && - (((*state)->direction == direction) ? + (((!inner && (*state)->direction == direction) || + (inner && (*state)->direction != direction)) ? PF_IN : PF_OUT) != icmp_dir) { if (V_pf_status.debug >= PF_DEBUG_MISC) { printf("pf: icmp type %d in wrong direction (%d): ", @@ -6100,7 +6102,7 @@ pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif */ ret = pf_icmp_state_lookup(&key, pd, state, m, pd->dir, kif, virtual_id, virtual_type, icmp_dir, &iidx, - PF_ICMP_MULTI_NONE); + PF_ICMP_MULTI_NONE, 0); if (ret >= 0) { if (ret == PF_DROP && pd->af == AF_INET6 && icmp_dir == PF_OUT) { @@ -6108,7 +6110,7 @@ pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif PF_STATE_UNLOCK((*state)); ret = pf_icmp_state_lookup(&key, pd, state, m, pd->dir, kif, virtual_id, virtual_type, - icmp_dir, &iidx, multi); + icmp_dir, &iidx, multi, 0); if (ret >= 0) return (ret); } else @@ -6192,6 +6194,7 @@ pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif int off2 = 0; pd2.af = pd->af; + pd2.dir = pd->dir; /* Payload packet is from the opposite direction. */ pd2.sidx = (direction == PF_IN) ? 1 : 0; pd2.didx = (direction == PF_IN) ? 0 : 1; @@ -6513,10 +6516,9 @@ pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif pf_icmp_mapping(&pd2, iih->icmp_type, &icmp_dir, &multi, &virtual_id, &virtual_type); - pd2.dir = icmp_dir; ret = pf_icmp_state_lookup(&key, &pd2, state, m, pd2.dir, kif, virtual_id, virtual_type, - icmp_dir, &iidx, PF_ICMP_MULTI_NONE); + icmp_dir, &iidx, PF_ICMP_MULTI_NONE, 1); if (ret >= 0) return (ret); @@ -6569,10 +6571,9 @@ pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif pf_icmp_mapping(&pd2, iih->icmp6_type, &icmp_dir, &multi, &virtual_id, &virtual_type); - pd2.dir = icmp_dir; ret = pf_icmp_state_lookup(&key, &pd2, state, m, pd->dir, kif, virtual_id, virtual_type, - icmp_dir, &iidx, PF_ICMP_MULTI_NONE); + icmp_dir, &iidx, PF_ICMP_MULTI_NONE, 1); if (ret >= 0) { if (ret == PF_DROP && pd->af == AF_INET6 && icmp_dir == PF_OUT) { @@ -6581,7 +6582,7 @@ pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif ret = pf_icmp_state_lookup(&key, pd, state, m, pd->dir, kif, virtual_id, virtual_type, - icmp_dir, &iidx, multi); + icmp_dir, &iidx, multi, 1); if (ret >= 0) return (ret); } else diff --git a/tests/sys/netpfil/pf/icmp.sh b/tests/sys/netpfil/pf/icmp.sh index 16c4123b8dfe..f4c8ec5e5836 100644 --- a/tests/sys/netpfil/pf/icmp.sh +++ b/tests/sys/netpfil/pf/icmp.sh @@ -108,7 +108,9 @@ ttl_exceeded_body() jexec nat pfctl -e pft_set_rules nat \ "nat on ${epair_int}b from 198.51.100.0/24 -> (${epair_int}b)" \ - "pass" + "block" \ + "pass inet proto udp" \ + "pass inet proto icmp icmp-type { echoreq }" # Sanity checks atf_check -s exit:0 -o ignore \ diff --git a/tests/sys/netpfil/pf/icmp6.sh b/tests/sys/netpfil/pf/icmp6.sh index c54b54c20a87..b9b60a484afc 100644 --- a/tests/sys/netpfil/pf/icmp6.sh +++ b/tests/sys/netpfil/pf/icmp6.sh @@ -120,7 +120,9 @@ ttl_exceeded_body() jexec nat pfctl -e pft_set_rules nat \ "nat on ${epair_int}b from 2001:db8:3::/64 -> (${epair_int}b:0)" \ - "pass" + "block" \ + "pass inet6 proto udp" \ + "pass inet6 proto icmp6 icmp6-type { neighbrsol, neighbradv, echoreq }" # Sanity checks atf_check -s exit:0 -o ignore \ From nobody Wed Aug 21 01:30:42 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WpTLC2MhDz5T3rb; Wed, 21 Aug 2024 01:30:43 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WpTLC1Qb2z57gd; Wed, 21 Aug 2024 01:30:43 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724203843; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=MGulduRb6XFP5KO+d79TKCKuRx4xbuBa4YZRtOe96LU=; b=ZaUAZfm7R2L8CdR/ovOkVWhXuEif6rf+SKuyUKDgFtMxs5z+Y1rkz0Jx/3XpPUVeUtqJuU 31ghFob+OKwp35zFt6X5F95CWaWoy5+kuCaC4C30GqoUE6ZI19/LH1mchmX6Bdfy6CSvh8 iww2VW5pliZXxojVrm/RZCUWqFqvDLotPWdNTMygMXN6GxkCK3p0BVgoOI1CnauYrfrMbh qEQrA2B6tDUC3Ojm3+FX23PZFaus6hRUypAUm58rvi5TXf9prf692QUm+J4NbyEoRzuTmC /+fnMTE7AIg5D39vpJf2QFxFB6S2HkeKGiINBfzyBIDbvCJ30gZHJIcVHls3KA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724203843; a=rsa-sha256; cv=none; b=AYg/HgA1WHw+udOO+93Bxh2dW1QTBJbek2gbvhGPoHKilGeNASxgbirUSQ+1R3EsMWeIJw ZGHT3IseEjVRTUcbqYCO3PPQYiLKRoHoW4X1n/YXZo1tN/Y2tT3NV06kt6ehruFhQuOsce 2ynBrEqLW3Zddkaw/GN2dg3r66QJOZqt74Z3FdmPOvLIZ2Nm/zcbgETezMjQnz9lPEL1ba Qom/Iq7xvg4NyYrqqcOQMl7rvGe9bB98abc9naQP0s0C55L7eoc0OwiFmmPXjFfrKWekbS ebdcOoDSu8Rp3+bpvTfkJKMkcF/xFFWLXZbJjWXvyISPitqRvjvIsdetKxISKw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724203843; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=MGulduRb6XFP5KO+d79TKCKuRx4xbuBa4YZRtOe96LU=; b=VB8qfdkBJoIZf35+AwqtbfJIKMVcYTYMcQLQbj1UNrVUKJDd17JAk4NchI0lbRZWhuPlCw rdDWGgE1MooAkRD3EyYTZrFODLh8x6isFtscZEhvV3Lst6liJBrHFrHpdBXlq0bjWUXxKb b9cgllY9qT1SwpXn5dQnRCEgb9Jjvfns7Ut2siq4n57sbgdK5W+6eovKAGt4sVRDz2YG4q 5hBK4yAe9oRPTVhSKzs/ykQd57zWiAdQhU8qVgWRxEiaSD3XDZsuKeAnCnjd2VJq17H2ev auj0xuq5zWdZ6ngb54M7Ld6gU6VO2YdeVzt0ZRwO7o1GJNHbHSxAjRsEoSFwsA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WpTLC04nDzNNf; Wed, 21 Aug 2024 01:30:43 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47L1UgZw053887; Wed, 21 Aug 2024 01:30:42 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47L1Ug0E053884; Wed, 21 Aug 2024 01:30:42 GMT (envelope-from git) Date: Wed, 21 Aug 2024 01:30:42 GMT Message-Id: <202408210130.47L1Ug0E053884@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Colin Percival Subject: git: 94f92b6e3070 - stable/14 - EC2: Bump AMI size to 8 GB List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cperciva X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 94f92b6e3070c82672fd13601c208eeaa6d515b0 Auto-Submitted: auto-generated The branch stable/14 has been updated by cperciva: URL: https://cgit.FreeBSD.org/src/commit/?id=94f92b6e3070c82672fd13601c208eeaa6d515b0 commit 94f92b6e3070c82672fd13601c208eeaa6d515b0 Author: Colin Percival AuthorDate: 2024-08-18 02:00:31 +0000 Commit: Colin Percival CommitDate: 2024-08-21 01:30:35 +0000 EC2: Bump AMI size to 8 GB 8 GB root disk images make FreeBSD/EC2 boot much faster than 6 GB root disk images. MFC after: 2 days Sponsored by: Amazon (cherry picked from commit 2dac89aee3304dd6eda9b267a0ad1cc6621a7094) --- release/tools/ec2.conf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/release/tools/ec2.conf b/release/tools/ec2.conf index 989e8a05a318..602216d3c2d4 100644 --- a/release/tools/ec2.conf +++ b/release/tools/ec2.conf @@ -10,12 +10,12 @@ export VM_EXTRA_PACKAGES="${VM_EXTRA_PACKAGES} ebsnvme-id amazon-ssm-agent" # Services which should be enabled by default in rc.conf(5). export VM_RC_LIST="dev_aws_disk ntpd" -# Build with a 5.9 GB partition; the growfs rc.d script will expand +# Build with a 7.9 GB partition; the growfs rc.d script will expand # the partition to fill the root disk after the EC2 instance is launched. # Note that if this is set to G, we will end up with an GB disk # image since VMSIZE is the size of the filesystem partition, not the disk # which it resides within. -export VMSIZE=6000m +export VMSIZE=8000m # No swap space; it doesn't make sense to provision any as part of the disk # image when we could be launching onto a system with anywhere between 0.5 From nobody Wed Aug 21 07:44:53 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wpddx55djz5TP3c; Wed, 21 Aug 2024 07:44:53 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Wpddx4Qsqz4T5L; Wed, 21 Aug 2024 07:44:53 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724226293; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=i0huQh2lg+R2wSOI0g/BozCNu5C6uBXKicz0SQgB4UM=; b=DNq2vv21Jt6Wx1RlNLXlMPIbbjaTbTdHI0Nr7bCb/7Weq9q0+h5tfq8XSmRVRqh6ki7jL/ VMWnZOuTOdQUWBYwN0SCfZuJeqotMPCzYG7D8SWnv0dnTsxaAdL+8lI68FFl/ouIZ9N4tp kkVM6qaBAjyaHKj/rfj0dq5FIBqq0DxSMd6HWzRhxEhiRt5HyeVPGvCpUEFfrkpM2aBSRF IwG1qAxqhD8+o+QFQM9JPDeVM8vNbSNLHAhgKMn+ogcXXvr3xrATB/CoUmjyuI8K4jb12U XZc2Hn/u468UZJQW/lQRwXxot/zUk7Z6gTeE4Dj7k9IyXwo7KzUYSAbgmibSiw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724226293; a=rsa-sha256; cv=none; b=FVyG5YCJaegv2BkcgkOh3G50i3yR186jcgTdG3PatXwSG9Xx5EtD8ahmt7HRbX353iHf7f uEJcG4Q8UXBtL1Vfr5H9YMLW17vF3C11gQKGJ0tFFBmPXQR2DLefNvBrE0JJcD2qCpZx0y cp/S3P6EKuMv9HS94maYr1w9R+CEn7GL7xMHKGJHUA/gQce8bBzAeCMQ5mhyZe1y92Wu+d RL91W+Vt7rDuhG1+QC6CMIBHKVp4OU1mOqdjmsRmI634Jw4sqZYN6vv1ypxJyJuqtvKY9M 3l1YCa7iQHOPB4FliCZ6ti1HpOXJsmKoL9QWv9UKDa5IB7/4uRXGyJOZNp/3LQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724226293; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=i0huQh2lg+R2wSOI0g/BozCNu5C6uBXKicz0SQgB4UM=; b=dVmONjduahZUER087Q1AobDd/XMVP1ImcHd5MKqEbfR3ICRs4Jcn1dQCOVeSLC4l0TLAP7 mc1FOFrjZLMifqy9RwE/q7gdXUhd1GM669V07lX2q8jYvyT9QjSsxcW6ZHYNkhlFVNBPhD TiE0QCVOzbAJC0/PWXeVujuCg2AOtBd9l0Ny7i0m5rlIILhwIqT3ycXJmRneB35DhV6RYy N+cGLtCTWEe3mKqvVjDLSAPaev7HfwJw0+zeH0VIAMd7BtGT5aTtoyJnIiYrKziHK4P+5E m3RxpAF190nceUFVodD7Lpx/nJo7CbTd7jSMh+Vvzw/vILJpAA1InpOUV5njbg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wpddx41m9zbD2; Wed, 21 Aug 2024 07:44:53 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47L7ir1T088595; Wed, 21 Aug 2024 07:44:53 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47L7irXf088592; Wed, 21 Aug 2024 07:44:53 GMT (envelope-from git) Date: Wed, 21 Aug 2024 07:44:53 GMT Message-Id: <202408210744.47L7irXf088592@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: 7d3a0370c8a3 - releng/13.4 - pf: fix icmp-in-icmp state lookup List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/releng/13.4 X-Git-Reftype: branch X-Git-Commit: 7d3a0370c8a3dadad0739ed88fc26536649119c5 Auto-Submitted: auto-generated The branch releng/13.4 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=7d3a0370c8a3dadad0739ed88fc26536649119c5 commit 7d3a0370c8a3dadad0739ed88fc26536649119c5 Author: Kristof Provost AuthorDate: 2024-08-12 14:07:35 +0000 Commit: Kristof Provost CommitDate: 2024-08-21 07:44:01 +0000 pf: fix icmp-in-icmp state lookup In 534ee17e6 pf state checking for ICMP(v6) was made stricter. This change failed to correctly set the pf_pdesc for ICMP-in-ICMP lookups, resulting in ICMP error packets potentially being dropped incorrectly. Specially, it copied the ICMP header into a separate variable, not into the pf_pdesc. Populate the required pf_pdesc fields for the embedded ICMP packet's state lookup. PR: 280701 Approved by: re (cperciva) MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") (cherry picked from commit 2da98eef1f352c496ffd458b4c68ddee972bb903) (cherry picked from commit 0d8d4cc3ea47f1ee61d749b22b135eb73c7d33cd) --- sys/netpfil/pf/pf.c | 31 +++++++++++++++++-------------- 1 file changed, 17 insertions(+), 14 deletions(-) diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c index 07d0604e924c..7d04bf07f760 100644 --- a/sys/netpfil/pf/pf.c +++ b/sys/netpfil/pf/pf.c @@ -6499,9 +6499,9 @@ pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif } #ifdef INET case IPPROTO_ICMP: { - struct icmp iih; + struct icmp *iih = &pd2.hdr.icmp; - if (!pf_pull_hdr(m, off2, &iih, ICMP_MINLEN, + if (!pf_pull_hdr(m, off2, iih, ICMP_MINLEN, NULL, reason, pd2.af)) { DPFPRINTF(PF_DEBUG_MISC, ("pf: ICMP error message too short i" @@ -6509,12 +6509,13 @@ pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif return (PF_DROP); } - icmpid = iih.icmp_id; - pf_icmp_mapping(&pd2, iih.icmp_type, + icmpid = iih->icmp_id; + pf_icmp_mapping(&pd2, iih->icmp_type, &icmp_dir, &multi, &virtual_id, &virtual_type); + pd2.dir = icmp_dir; ret = pf_icmp_state_lookup(&key, &pd2, state, m, - pd->dir, kif, virtual_id, virtual_type, + pd2.dir, kif, virtual_id, virtual_type, icmp_dir, &iidx, PF_ICMP_MULTI_NONE); if (ret >= 0) return (ret); @@ -6528,10 +6529,10 @@ pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif if (PF_ANEQ(pd2.src, &nk->addr[pd2.sidx], pd2.af) || (virtual_type == htons(ICMP_ECHO) && - nk->port[iidx] != iih.icmp_id)) + nk->port[iidx] != iih->icmp_id)) pf_change_icmp(pd2.src, (virtual_type == htons(ICMP_ECHO)) ? - &iih.icmp_id : NULL, + &iih->icmp_id : NULL, daddr, &nk->addr[pd2.sidx], (virtual_type == htons(ICMP_ECHO)) ? nk->port[iidx] : 0, NULL, @@ -6547,7 +6548,7 @@ pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif m_copyback(m, off, ICMP_MINLEN, (caddr_t)&pd->hdr.icmp); m_copyback(m, ipoff2, sizeof(h2), (caddr_t)&h2); - m_copyback(m, off2, ICMP_MINLEN, (caddr_t)&iih); + m_copyback(m, off2, ICMP_MINLEN, (caddr_t)iih); } return (PF_PASS); break; @@ -6555,9 +6556,9 @@ pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif #endif /* INET */ #ifdef INET6 case IPPROTO_ICMPV6: { - struct icmp6_hdr iih; + struct icmp6_hdr *iih = &pd2.hdr.icmp6; - if (!pf_pull_hdr(m, off2, &iih, + if (!pf_pull_hdr(m, off2, iih, sizeof(struct icmp6_hdr), NULL, reason, pd2.af)) { DPFPRINTF(PF_DEBUG_MISC, ("pf: ICMP error message too short " @@ -6565,8 +6566,10 @@ pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif return (PF_DROP); } - pf_icmp_mapping(&pd2, iih.icmp6_type, + pf_icmp_mapping(&pd2, iih->icmp6_type, &icmp_dir, &multi, &virtual_id, &virtual_type); + + pd2.dir = icmp_dir; ret = pf_icmp_state_lookup(&key, &pd2, state, m, pd->dir, kif, virtual_id, virtual_type, icmp_dir, &iidx, PF_ICMP_MULTI_NONE); @@ -6594,10 +6597,10 @@ pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif if (PF_ANEQ(pd2.src, &nk->addr[pd2.sidx], pd2.af) || ((virtual_type == htons(ICMP6_ECHO_REQUEST)) && - nk->port[pd2.sidx] != iih.icmp6_id)) + nk->port[pd2.sidx] != iih->icmp6_id)) pf_change_icmp(pd2.src, (virtual_type == htons(ICMP6_ECHO_REQUEST)) - ? &iih.icmp6_id : NULL, + ? &iih->icmp6_id : NULL, daddr, &nk->addr[pd2.sidx], (virtual_type == htons(ICMP6_ECHO_REQUEST)) ? nk->port[iidx] : 0, NULL, @@ -6615,7 +6618,7 @@ pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif (caddr_t)&pd->hdr.icmp6); m_copyback(m, ipoff2, sizeof(h2_6), (caddr_t)&h2_6); m_copyback(m, off2, sizeof(struct icmp6_hdr), - (caddr_t)&iih); + (caddr_t)iih); } return (PF_PASS); break; From nobody Wed Aug 21 07:44:54 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wpddz0nGBz5TNp9; Wed, 21 Aug 2024 07:44:55 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Wpddy5Qrgz4Snt; Wed, 21 Aug 2024 07:44:54 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724226294; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=5Vl5AQoMmhUZ3/7KBSpFkxuqpDIMbsA+PKUezAzXaSo=; b=fo2Lcw7q2Oz5x9K/QqfJ+1jkwUmKjgPLgRuGoCcI1gVvHMacbYnE3wAJlKIWTIwQtO3SSO tKaK3hqalJQ+WX2zf/P2wCF0DyeoZJte/dzSGAHz8C/3SQwH6G3c4ydEvTz5DyfVdQafb3 XO96a591Ne6RsWUzreP0+zmQoE4MuADfyZTcvGzNILK35+dlc11jAbrK7GwpUQ+62ntmyj Nwi7yljSvWDEhGY6MXnsYo64omMq1nLRB2Uv+0olMjJIpwQBxxF8vVRFAf0/KdLJRPAdXw nf9gHoz+va+booQf9/PYaw6fnLSM3+YbLQWmjdiixptlO5E3ZMMcqTN7sR19Pg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724226294; a=rsa-sha256; cv=none; b=v7I3ViBDF1VFurxB0BbulcaApgE8O0AD/1wLP3NM6HGBfWIHCTREtfO9ANzKZCmZ5GvBtH rAgYZJV9TBjUrgTMn207QNERM6gS/3galpDpTGZxvBbZNj7S9sYqdZNrrna6T0I4i3rhpS c6zbsQaNHZOid10oX5uImp4HqitcohKhD54Y/PNm29MgrKSUNz9Wfm8ji82E15fBXc6o3A SJBbMhkiBqmRypVQOm4tHpv3wpnrpk3XELl3oDfRuJE4JhbHwfAfo6hUzOlQ3feB2J22Dh ubpOTpfuVdreWQGoiG1qeHX3R6Kd8tqexT6v7DlcNzrcOxuaplEWtSZ9pxg1+g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724226294; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=5Vl5AQoMmhUZ3/7KBSpFkxuqpDIMbsA+PKUezAzXaSo=; b=jKbhHihOWs5ySuqcsnVDbiKv8/W+tKZywcRzOmeEW0vv/MuvZK99+aPeY2/td5G1l7bqWC OcAN0ayFHpsHp+J0ymRDUOZEU7e3oOsViosV6u9t7iqPR3O1g6Cy7MDfTM+xo6BddB8dlv F5LBjej8R1hbzh1kkb/V3cNAMHDMQGRxckwX6zzBo+DTNC5i8Zr/3uYkv0IZxxtXu3fjHM b0XNCX53PvmFj7C2faXwb6bz/sHOn5gdfDlgtJpXiIpQO2AnBDL5IqtvgBNlxzhXk01X8X EciZ4uVB40KeEw7ilshJMp4UWVhf9jcHTrEezInHndtU2V4ddQMK6aec8EHE7A== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wpddy530pzZqB; Wed, 21 Aug 2024 07:44:54 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47L7isYD088646; Wed, 21 Aug 2024 07:44:54 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47L7iskx088643; Wed, 21 Aug 2024 07:44:54 GMT (envelope-from git) Date: Wed, 21 Aug 2024 07:44:54 GMT Message-Id: <202408210744.47L7iskx088643@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: 6a7bac2ae796 - releng/13.4 - pf tests: ensure that traceroutes using ICMP work List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/releng/13.4 X-Git-Reftype: branch X-Git-Commit: 6a7bac2ae79667c2b31169a8d0e91410986336fa Auto-Submitted: auto-generated The branch releng/13.4 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=6a7bac2ae79667c2b31169a8d0e91410986336fa commit 6a7bac2ae79667c2b31169a8d0e91410986336fa Author: Kristof Provost AuthorDate: 2024-08-12 10:14:43 +0000 Commit: Kristof Provost CommitDate: 2024-08-21 07:44:16 +0000 pf tests: ensure that traceroutes using ICMP work PR: 280701 Approved by: re (cperciva) MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") (cherry picked from commit 34063cb714602972b6d985ad747fc8f66a8daae1) (cherry picked from commit 7024e1066d5aba76dbbc85eb191357da7d32c619) --- tests/sys/netpfil/pf/icmp.sh | 65 +++++++++++++++++++++++++++++++++++++++++++ tests/sys/netpfil/pf/icmp6.sh | 65 +++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 130 insertions(+) diff --git a/tests/sys/netpfil/pf/icmp.sh b/tests/sys/netpfil/pf/icmp.sh index 72b531b08c51..16c4123b8dfe 100644 --- a/tests/sys/netpfil/pf/icmp.sh +++ b/tests/sys/netpfil/pf/icmp.sh @@ -71,7 +71,72 @@ cve_2019_5598_cleanup() pft_cleanup } +atf_test_case "ttl_exceeded" "cleanup" +ttl_exceeded_head() +{ + atf_set descr 'Test that we correctly translate TTL exceeded back' + atf_set require.user root +} + +ttl_exceeded_body() +{ + pft_init + + epair_srv=$(vnet_mkepair) + epair_int=$(vnet_mkepair) + epair_cl=$(vnet_mkepair) + + vnet_mkjail srv ${epair_srv}a + jexec srv ifconfig ${epair_srv}a 192.0.2.1/24 up + jexec srv route add default 192.0.2.2 + + vnet_mkjail int ${epair_srv}b ${epair_int}a + jexec int sysctl net.inet.ip.forwarding=1 + jexec int ifconfig ${epair_srv}b 192.0.2.2/24 up + jexec int ifconfig ${epair_int}a 203.0.113.2/24 up + + vnet_mkjail nat ${epair_int}b ${epair_cl}b + jexec nat ifconfig ${epair_int}b 203.0.113.1/24 up + jexec nat ifconfig ${epair_cl}b 198.51.100.2/24 up + jexec nat sysctl net.inet.ip.forwarding=1 + jexec nat route add default 203.0.113.2 + + vnet_mkjail cl ${epair_cl}a + jexec cl ifconfig ${epair_cl}a 198.51.100.1/24 up + jexec cl route add default 198.51.100.2 + + jexec nat pfctl -e + pft_set_rules nat \ + "nat on ${epair_int}b from 198.51.100.0/24 -> (${epair_int}b)" \ + "pass" + + # Sanity checks + atf_check -s exit:0 -o ignore \ + jexec cl ping -c 1 198.51.100.2 + atf_check -s exit:0 -o ignore \ + jexec cl ping -c 1 203.0.113.1 + atf_check -s exit:0 -o ignore \ + jexec cl ping -c 1 203.0.113.2 + atf_check -s exit:0 -o ignore \ + jexec cl ping -c 1 192.0.2.1 + + echo "UDP" + atf_check -s exit:0 -e ignore -o match:".*203.0.113.2.*" \ + jexec cl traceroute 192.0.2.1 + jexec nat pfctl -Fs + + echo "ICMP" + atf_check -s exit:0 -e ignore -o match:".*203.0.113.2.*" \ + jexec cl traceroute -I 192.0.2.1 +} + +ttl_exceeded_cleanup() +{ + pft_cleanup +} + atf_init_test_cases() { atf_add_test_case "cve_2019_5598" + atf_add_test_case "ttl_exceeded" } diff --git a/tests/sys/netpfil/pf/icmp6.sh b/tests/sys/netpfil/pf/icmp6.sh index 35d20c83cc4f..c54b54c20a87 100644 --- a/tests/sys/netpfil/pf/icmp6.sh +++ b/tests/sys/netpfil/pf/icmp6.sh @@ -83,7 +83,72 @@ zero_id_cleanup() pft_cleanup } +atf_test_case "ttl_exceeded" "cleanup" +ttl_exceeded_head() +{ + atf_set descr 'Test that we correctly translate TTL exceeded back' + atf_set require.user root +} + +ttl_exceeded_body() +{ + pft_init + + epair_srv=$(vnet_mkepair) + epair_int=$(vnet_mkepair) + epair_cl=$(vnet_mkepair) + + vnet_mkjail srv ${epair_srv}a + jexec srv ifconfig ${epair_srv}a inet6 2001:db8:1::1/64 no_dad up + jexec srv route add -6 default 2001:db8:1::2 + + vnet_mkjail int ${epair_srv}b ${epair_int}a + jexec int sysctl net.inet6.ip6.forwarding=1 + jexec int ifconfig ${epair_srv}b inet6 2001:db8:1::2/64 no_dad up + jexec int ifconfig ${epair_int}a inet6 2001:db8:2::2/64 no_dad up + + vnet_mkjail nat ${epair_int}b ${epair_cl}b + jexec nat ifconfig ${epair_int}b inet6 2001:db8:2::1 no_dad up + jexec nat ifconfig ${epair_cl}b inet6 2001:db8:3::2/64 no_dad up + jexec nat sysctl net.inet6.ip6.forwarding=1 + jexec nat route add -6 default 2001:db8:2::2 + + vnet_mkjail cl ${epair_cl}a + jexec cl ifconfig ${epair_cl}a inet6 2001:db8:3::1/64 no_dad up + jexec cl route add -6 default 2001:db8:3::2 + + jexec nat pfctl -e + pft_set_rules nat \ + "nat on ${epair_int}b from 2001:db8:3::/64 -> (${epair_int}b:0)" \ + "pass" + + # Sanity checks + atf_check -s exit:0 -o ignore \ + jexec cl ping -c 1 2001:db8:3::2 + atf_check -s exit:0 -o ignore \ + jexec cl ping -c 1 2001:db8:2::1 + atf_check -s exit:0 -o ignore \ + jexec cl ping -c 1 2001:db8:2::2 + atf_check -s exit:0 -o ignore \ + jexec cl ping -c 1 2001:db8:1::1 + + echo "UDP" + atf_check -s exit:0 -e ignore -o match:".*2001:db8:2::2.*" \ + jexec cl traceroute6 2001:db8:1::1 + jexec nat pfctl -Fs + + echo "ICMP" + atf_check -s exit:0 -e ignore -o match:".*2001:db8:2::2.*" \ + jexec cl traceroute6 -I 2001:db8:1::1 +} + +ttl_exceeded_cleanup() +{ + pft_cleanup +} + atf_init_test_cases() { atf_add_test_case "zero_id" + atf_add_test_case "ttl_exceeded" } From nobody Wed Aug 21 07:44:55 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wpdf00y4Yz5TNZb; Wed, 21 Aug 2024 07:44:56 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Wpddz6FWBz4Sqd; Wed, 21 Aug 2024 07:44:55 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724226295; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=70P+oEyxmkA3ehlnpPaM10KYzKQSF6khW/prbdfoYhI=; b=wFopjW5ajNwOw978wuoaxSB/dqWjZXWvEG70XjkFIfZ3g99CQLyHXIBnpbUdB2ya01Wh/F t8cdUUmwP+4lP1DnwchSph5Ry9rJNysriOGB9fjIW9euo2ZBChSSBwnyybouKjaBw3drau xNZWc7X5JQeSiFEt5oY5BhHcdfGCB7XqlmZxxDPxP2eyMAIeO773bUYJ/wKBtTCTYwqQ0J 3CwUt9JF9NneJq0B3wXGHfajrf21VNS4PktmQkATxkWBftDlW7bM6ktulelPcXEGNoT3aB D1Pwh3/Nt8xJ3W6bpbSPGHkx8o9/JD/Nq83eVNyHxrFbdrlBbHmw2GUoF+kZ4Q== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724226295; a=rsa-sha256; cv=none; b=yqgz1yKS9K0iGh37bmu6ZL4g8an8BHAo9SLIN4+8tYgHf9CxU9t+ZdXIN6Ylj0hV583gji nmSrrEsvO6P2T3vdk0hmBJtAl2tm7XD/xlOjpfnKgM6V2CJ0UNR7N/+OPGZwxKAY2cDnYA Ry231BFS2/bVIZF1/+Lo4JxRKKF0GlSXxohr6PiVflKlF0V83wG50HUgRpv3MbpVPsGcyY C3zr1X70PhfKoj0ve5coXgfMW8YIK1WKrwQ+BMlo2ABiK0t+TVuG3acAAN/oNAWUj8N/Ef 2OrDNtSD5uNwLZLyVbdXrCxk8TvChQZPjH3qjOmfWEf0I/WQQHcM60quKH9XaA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724226295; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=70P+oEyxmkA3ehlnpPaM10KYzKQSF6khW/prbdfoYhI=; b=xC2+CFLz31GdEeUARvnlL9oEx7GunPxOMxHoIcUnIfQKzbFe/78xNzOdiR+FIOYo1iZQf3 cq9w8hb5G/YwQ1T2/YAnArmwRU13C/IRQ0HYdQ90HEXFEgx0l8Rh4YUZCRI2ARailxs18H +83M+AMEvVFwVgHeW5fIMATcdbTd+2LalFC7oRfIUNn9pTd/HKgpu0kwUDuUzhV6dgyAKb j2jOv/hmWxdd6bFp3JdPO3WKOqWvqDMe0XWWR7Goan3m/C0RGz5ill7jviNqQvxviGWJjX izjnswz0sE9O7W29mUTicZI50M5dvc71AFNKkL+mlwsOl3Cvf2p3Ivf36TtCvw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wpddz5pN9zbn1; Wed, 21 Aug 2024 07:44:55 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47L7itIG088703; Wed, 21 Aug 2024 07:44:55 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47L7itbP088700; Wed, 21 Aug 2024 07:44:55 GMT (envelope-from git) Date: Wed, 21 Aug 2024 07:44:55 GMT Message-Id: <202408210744.47L7itbP088700@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: 9c67287ccfb7 - releng/13.4 - pf: invert direction for inner icmp state lookups List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/releng/13.4 X-Git-Reftype: branch X-Git-Commit: 9c67287ccfb7257d140b46c8d8aed7276c94d5f1 Auto-Submitted: auto-generated The branch releng/13.4 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=9c67287ccfb7257d140b46c8d8aed7276c94d5f1 commit 9c67287ccfb7257d140b46c8d8aed7276c94d5f1 Author: Kristof Provost AuthorDate: 2024-08-14 09:29:30 +0000 Commit: Kristof Provost CommitDate: 2024-08-21 07:44:25 +0000 pf: invert direction for inner icmp state lookups (e.g. traceroute with icmp) ok henning, jsing Also extend the test case to cover this scenario. PR: 280701 Approved by: re (cperciva) Obtained from: OpenBSD MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") (cherry picked from commit 89f6723288b0d27d3f14f93e6e83f672fa2b8aca) (cherry picked from commit 5f3f07397a7909e8f9449d1aa0b465159cbf0d60) --- sys/netpfil/pf/pf.c | 21 +++++++++++---------- tests/sys/netpfil/pf/icmp.sh | 4 +++- tests/sys/netpfil/pf/icmp6.sh | 4 +++- 3 files changed, 17 insertions(+), 12 deletions(-) diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c index 7d04bf07f760..dfef2d132e85 100644 --- a/sys/netpfil/pf/pf.c +++ b/sys/netpfil/pf/pf.c @@ -325,7 +325,7 @@ static int pf_test_state_udp(struct pf_kstate **, int, int pf_icmp_state_lookup(struct pf_state_key_cmp *, struct pf_pdesc *, struct pf_kstate **, struct mbuf *, int, struct pfi_kkif *, u_int16_t, u_int16_t, - int, int *, int); + int, int *, int, int); static int pf_test_state_icmp(struct pf_kstate **, int, struct pfi_kkif *, struct mbuf *, int, void *, struct pf_pdesc *, u_short *); @@ -6005,7 +6005,8 @@ pf_multihome_scan_asconf(struct mbuf *m, int start, int len, int pf_icmp_state_lookup(struct pf_state_key_cmp *key, struct pf_pdesc *pd, struct pf_kstate **state, struct mbuf *m, int direction, struct pfi_kkif *kif, - u_int16_t icmpid, u_int16_t type, int icmp_dir, int *iidx, int multi) + u_int16_t icmpid, u_int16_t type, int icmp_dir, int *iidx, int multi, + int inner) { key->af = pd->af; key->proto = pd->proto; @@ -6042,7 +6043,8 @@ pf_icmp_state_lookup(struct pf_state_key_cmp *key, struct pf_pdesc *pd, /* Is this ICMP message flowing in right direction? */ if ((*state)->rule.ptr->type && - (((*state)->direction == direction) ? + (((!inner && (*state)->direction == direction) || + (inner && (*state)->direction != direction)) ? PF_IN : PF_OUT) != icmp_dir) { if (V_pf_status.debug >= PF_DEBUG_MISC) { printf("pf: icmp type %d in wrong direction (%d): ", @@ -6100,7 +6102,7 @@ pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif */ ret = pf_icmp_state_lookup(&key, pd, state, m, pd->dir, kif, virtual_id, virtual_type, icmp_dir, &iidx, - PF_ICMP_MULTI_NONE); + PF_ICMP_MULTI_NONE, 0); if (ret >= 0) { if (ret == PF_DROP && pd->af == AF_INET6 && icmp_dir == PF_OUT) { @@ -6108,7 +6110,7 @@ pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif PF_STATE_UNLOCK((*state)); ret = pf_icmp_state_lookup(&key, pd, state, m, pd->dir, kif, virtual_id, virtual_type, - icmp_dir, &iidx, multi); + icmp_dir, &iidx, multi, 0); if (ret >= 0) return (ret); } else @@ -6192,6 +6194,7 @@ pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif int off2 = 0; pd2.af = pd->af; + pd2.dir = pd->dir; /* Payload packet is from the opposite direction. */ pd2.sidx = (direction == PF_IN) ? 1 : 0; pd2.didx = (direction == PF_IN) ? 0 : 1; @@ -6513,10 +6516,9 @@ pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif pf_icmp_mapping(&pd2, iih->icmp_type, &icmp_dir, &multi, &virtual_id, &virtual_type); - pd2.dir = icmp_dir; ret = pf_icmp_state_lookup(&key, &pd2, state, m, pd2.dir, kif, virtual_id, virtual_type, - icmp_dir, &iidx, PF_ICMP_MULTI_NONE); + icmp_dir, &iidx, PF_ICMP_MULTI_NONE, 1); if (ret >= 0) return (ret); @@ -6569,10 +6571,9 @@ pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif pf_icmp_mapping(&pd2, iih->icmp6_type, &icmp_dir, &multi, &virtual_id, &virtual_type); - pd2.dir = icmp_dir; ret = pf_icmp_state_lookup(&key, &pd2, state, m, pd->dir, kif, virtual_id, virtual_type, - icmp_dir, &iidx, PF_ICMP_MULTI_NONE); + icmp_dir, &iidx, PF_ICMP_MULTI_NONE, 1); if (ret >= 0) { if (ret == PF_DROP && pd->af == AF_INET6 && icmp_dir == PF_OUT) { @@ -6581,7 +6582,7 @@ pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif ret = pf_icmp_state_lookup(&key, pd, state, m, pd->dir, kif, virtual_id, virtual_type, - icmp_dir, &iidx, multi); + icmp_dir, &iidx, multi, 1); if (ret >= 0) return (ret); } else diff --git a/tests/sys/netpfil/pf/icmp.sh b/tests/sys/netpfil/pf/icmp.sh index 16c4123b8dfe..f4c8ec5e5836 100644 --- a/tests/sys/netpfil/pf/icmp.sh +++ b/tests/sys/netpfil/pf/icmp.sh @@ -108,7 +108,9 @@ ttl_exceeded_body() jexec nat pfctl -e pft_set_rules nat \ "nat on ${epair_int}b from 198.51.100.0/24 -> (${epair_int}b)" \ - "pass" + "block" \ + "pass inet proto udp" \ + "pass inet proto icmp icmp-type { echoreq }" # Sanity checks atf_check -s exit:0 -o ignore \ diff --git a/tests/sys/netpfil/pf/icmp6.sh b/tests/sys/netpfil/pf/icmp6.sh index c54b54c20a87..b9b60a484afc 100644 --- a/tests/sys/netpfil/pf/icmp6.sh +++ b/tests/sys/netpfil/pf/icmp6.sh @@ -120,7 +120,9 @@ ttl_exceeded_body() jexec nat pfctl -e pft_set_rules nat \ "nat on ${epair_int}b from 2001:db8:3::/64 -> (${epair_int}b:0)" \ - "pass" + "block" \ + "pass inet6 proto udp" \ + "pass inet6 proto icmp6 icmp6-type { neighbrsol, neighbradv, echoreq }" # Sanity checks atf_check -s exit:0 -o ignore \ From nobody Wed Aug 21 10:29:42 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WpjJ65P6Gz5TdQD; Wed, 21 Aug 2024 10:29:42 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WpjJ64shLz4lxq; Wed, 21 Aug 2024 10:29:42 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724236182; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=TGgjWaNaqbACxSS6r5PtXfNOaupI6fLb35HgwDD6d8E=; b=M+wIsnxTITrw0+X4t/aazwPBmAcKmHClushZ/jK9pQdw+YoEbPOmpjIdpSOdcZVY8oSWAy 47A+QTtq5jUny1Ls7nUL/fuzp41Pyqjr/Lk6fIVO/XA/c74KceiQrpJX2VfR4EzBXKeWEm TDNNBLcCiXLUzMVY8YKCN7HoO7ncEgDc/Pm66el2gaizAPWboepqwb+Bb/f/9pDqLseIKW IjXAUS+RrczNSZhU2VZKHk/BhFzDS2yucGRTxuUvvogBfUi1qpGdvjt6uRVG7xKXglP9G+ Zap7ChVaW+O9uqvi+jLvzHorEIQEydMJwDyKcQ4Nuss7Xh3VPKG3cya+0t4MVw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724236182; a=rsa-sha256; cv=none; b=HwEGV4uu9tI4F4Pewil6GHv5G3zemWXxXUhYf698Wy8q9L69rr5KzaKUsi0NhUDSguw6aN mL+jpVJabODcqaDgo8g8NNlNEeJuFYX2LOe7BkfEODvSv8ybl6/aBuhqhUv2+Byj9kCWQl BD17JOJ3j5R6EKe7i0q/UKQ61uBnNrZ7COGm4bXG92qe4D/ecY+06qqJIYOstoNW2NPRqq qeBsqpidAGenhr+ta2fqjRbZqXHP1RNl7rWFieSDdPaFsOmNQhZ+510jyd8CUD2hchBJsI HXruirNp5S/gJK2IGkMLeSiAus/9oMH5YYI7of5t/cll7Ky2xqwisuNDIhijBg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724236182; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=TGgjWaNaqbACxSS6r5PtXfNOaupI6fLb35HgwDD6d8E=; b=qg5/eepgIpzFEG4T3wZwyiVqjnkAUNjr02jcm3uttQJHTgJcZUJX0JK20SMAt7q9RZ4fNn 0NIWveZW+p5OdoY7rDnWosLNdDs0suK9gBjhViCq229b+X1tgn/k1PlPxwOzaDdxuhPqyB Eo311o885L0wP74NRVaq2MGvL7Zc+INMfiNocgwWHAllBew4jFL+q/M4sOiq642XKMw6I2 6bie+VQ1FXk/5AZaudGDAqQx8l3d7Ql1FvAm/CuMXR8kgXRspSOzNq81jh1f4XM1jLQj+p Ul2NgeH5yG+rQXvjkwWfephUMjpAZIkPG2XsreHydr4zkTjQlOW53oIad+6xeA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WpjJ64Nvszg6d; Wed, 21 Aug 2024 10:29:42 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47LATgF8061899; Wed, 21 Aug 2024 10:29:42 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47LATgw1061896; Wed, 21 Aug 2024 10:29:42 GMT (envelope-from git) Date: Wed, 21 Aug 2024 10:29:42 GMT Message-Id: <202408211029.47LATgw1061896@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Dag-Erling =?utf-8?Q?Sm=C3=B8rgrav?= Subject: git: da384ffbd5ad - stable/13 - adduser: create dataset only if home is directly within dataset List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: des X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: da384ffbd5adebd7079b4dadd2592e82232566e0 Auto-Submitted: auto-generated The branch stable/13 has been updated by des: URL: https://cgit.FreeBSD.org/src/commit/?id=da384ffbd5adebd7079b4dadd2592e82232566e0 commit da384ffbd5adebd7079b4dadd2592e82232566e0 Author: Mike Karels AuthorDate: 2024-05-20 13:43:34 +0000 Commit: Dag-Erling Smørgrav CommitDate: 2024-08-21 10:29:26 +0000 adduser: create dataset only if home is directly within dataset Currently, if the prefix of the new home directory is a subdirectory of a ZFS dataset, adduser will create a new dataset up one or more levels from the intended destination. "pw useradd" will then create a normal directory in the desired location, leaving an unused dataset. Check for this situation when determining whether to create a dataset, and let pw create the directory. Reviewed by: des Differential Revision: https://reviews.freebsd.org/D45229 MFC after: 3 days (cherry picked from commit 0b39b2e2ddb2df1d1325e042893ddcb1a1c12b8e) --- usr.sbin/adduser/adduser.sh | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/usr.sbin/adduser/adduser.sh b/usr.sbin/adduser/adduser.sh index 7c3fdb418179..ecac7478befd 100644 --- a/usr.sbin/adduser/adduser.sh +++ b/usr.sbin/adduser/adduser.sh @@ -474,7 +474,7 @@ get_homeperm() { # so, enable ZFS home dataset creation. # get_zfs_home() { - local _prefix= + local _prefix= _tmp= # check if zfs kernel module is loaded before attempting to run zfs to # prevent loading the kernel module on systems that don't use ZFS @@ -487,6 +487,13 @@ get_zfs_home() { Zcreate="no" return fi + # Make sure that _prefix is not a subdirectory within a dataset. If it + # is, the containing dataset will be the same for it and its parent. + _tmp=$(${ZFSCMD} list -Ho name "$(dirname "${homeprefix}")" 2>/dev/null) + if [ "${_tmp}" = "${_prefix}" ]; then + Zcreate="no" + return + fi zhome="${_prefix}/${username}" } From nobody Wed Aug 21 10:29:43 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WpjJ80n0Vz5TdfB; Wed, 21 Aug 2024 10:29:44 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WpjJ75llpz4mBR; Wed, 21 Aug 2024 10:29:43 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724236183; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=S9oUU7bikC+I1cOiZ94cBd95PEsBjJI2ORGtHeld90s=; b=GGzTWAR+CXWevjgnzS6cHZ/oLcj+JSF57SS22lM7G5dJB4eCXtf3pOdKeE1yvZ1uTb9TDk yjmy6W09T5BBWievZdu2sxOJp1H6zA2nbWmx0Vy/pmr6QAV3X2sIm3OU8bfxd9wreRQulU zTAq5aJBEoDs940pQGIWLDRdE+ALJLYOVFIaeil1xB7H64PXr3oNXH7UL3ahbVy6mm/Syg S7LRxIs2x4wa8Q/jSa5z8nj4RJzj44t5AWW8zzlPEnPVELBhCHVBAa0ITtTC4g9cOHEzML pO7di2IA5N49CdkBFIOkXXn2cmB2t+pzPGtnBjJkG2Ez+29bUUAJRjTbwp8gEw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724236183; a=rsa-sha256; cv=none; b=IbIIA2nUjC9Ohn1fzYJHJERyotGi9uQzLbSqsvuyXfqSWdBYzoCI77Z22LAE+tnvsZMfNP hF+1YvX/xa1gaYdnDtxdI+iGNrdWt+SVQAR29lofEKGauyAa62rX5pRNUfYXpFJl95So2V GYfTStblDOiSubPF7buZlHE9sXii/1YG6d6G5mS8f+EJ3VZDegXwZlPbziCqdBLT0OZ2gI hMq1dLL4bp8bFgd+5o4kMdRuOYNJ7UVlt5QgajntTot3C6mws8AsaFrcvbXL1y9VDj6iTk 4GBRg41/Bc1DGKBfIaL/QJyi2qsuq9wzT/2kTJiA3OMWCBDWFmB5joPik0DsLg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724236183; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=S9oUU7bikC+I1cOiZ94cBd95PEsBjJI2ORGtHeld90s=; b=NdW/90RH1flLXlDp5JkqoGh6RHcDDWzYnLd+qL58e8g+38H8OGbT1NXRYL1E8GDuO6Ptcb Th7CbZTDtF9OUHgon1lUwFsb8YdRtKqnV75j3of5ISwBhpRsvdX4MDdk3jty0B+1RyemcU N4FWtJg4woTxjhea5Btfsp5ZbWb5I+dbM6yASqp3eKHekzZiONSVnBbG7/QW1mJGidFvd+ ZlrebWHoXPbr/K8jzQV8eC/hrVxFjPyf9gjCTt8GEndQLVJSER127+nkDTf+trY6ZqbSgK 1xQcUZAdQWAWhyfJgYyzXRm+ySJluBwM+3ZnkU67aX41Rdn1UHSwdRsie/I9/g== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WpjJ74yB7zgJN; Wed, 21 Aug 2024 10:29:43 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47LAThOX061947; Wed, 21 Aug 2024 10:29:43 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47LAThcj061944; Wed, 21 Aug 2024 10:29:43 GMT (envelope-from git) Date: Wed, 21 Aug 2024 10:29:43 GMT Message-Id: <202408211029.47LAThcj061944@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Dag-Erling =?utf-8?Q?Sm=C3=B8rgrav?= Subject: git: 8398c81b7c28 - stable/13 - adduser: Better document ZFS dataset creation. List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: des X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 8398c81b7c28ea315cb98405accb701502e3636a Auto-Submitted: auto-generated The branch stable/13 has been updated by des: URL: https://cgit.FreeBSD.org/src/commit/?id=8398c81b7c28ea315cb98405accb701502e3636a commit 8398c81b7c28ea315cb98405accb701502e3636a Author: Dag-Erling Smørgrav AuthorDate: 2024-08-19 08:30:01 +0000 Commit: Dag-Erling Smørgrav CommitDate: 2024-08-21 10:29:26 +0000 adduser: Better document ZFS dataset creation. MFC after: 3 days PR: 280873 Reviewed by: bcr Differential Revision: https://reviews.freebsd.org/D46316 (cherry picked from commit 9ff2ebd92891b6953bbe44c6d6a6d8bc31f5139f) --- usr.sbin/adduser/adduser.conf.5 | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/usr.sbin/adduser/adduser.conf.5 b/usr.sbin/adduser/adduser.conf.5 index 09b80f2df021..9663926ee341 100644 --- a/usr.sbin/adduser/adduser.conf.5 +++ b/usr.sbin/adduser/adduser.conf.5 @@ -23,7 +23,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd April 12, 2007 +.Dd August 18, 2024 .Dt ADDUSER.CONF 5 .Os .Sh NAME @@ -171,8 +171,12 @@ The default information to be held in the GECOS field of .It Va uidstart The default user ID setting. This must be a number above 1000 and fewer than 65534. -.It Va Zflag -Do not attempt to create ZFS home dataset. +.It Va Zcreate +Set to +.Dq no +to prevent the creation of a ZFS home dataset if +.Va homeprefix +is a ZFS mountpoint. .El .Sh EXAMPLES The following is an example From nobody Wed Aug 21 10:31:42 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WpjLQ5NFnz5Tdjp; Wed, 21 Aug 2024 10:31:42 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WpjLQ4wgnz4n09; Wed, 21 Aug 2024 10:31:42 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724236302; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=xLkD+dVe4MYVQrkVrIgaz8alFR4A3HYyCVbf78ztpjY=; b=cIpV4DF2Vp1xdAAC7bLBCGkEAy4TmwEO950dN6N3XCoLzHd6CG00qE0q6fbaOuMV1Nts/K Asj+AYlKByKxOR8TMAYYIsvY5qnMv/h/EwyTPuHq4uFZS90e0gmTe91UvE/JxHwf+PnHtg dnt9Ygg/npl/ZJ4kZbFHFbe1dJTtCLAtUVMODKB6cGm6/rWxovl/Hc256UtoAoe9WozQwS uqLrkVA4snRUIGwjiucO0A9W2/gTV87o9xx0+25X5tkLO5g4RH63pP4aw3eW+UuOCS8r0o GL8reeYuwLxk+TIGAfHe6ei2c0drwSLIaMqAKi111GQiC7i/0HE88r1TkHiieA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724236302; a=rsa-sha256; cv=none; b=sBK/1p6dD/0JepPjwpiWnh8Pv0KCCdNICpuOfYbYKjFSatTt0g84sn2weCIDJ3EKtN4xW1 4vtmMGV6l58+gzJKyoCd2jDdVYhqh603gbdnzU2Px/QzqGG+JVvb3S+QdQfOh5hGJADA6a fslpQlH/oyk6Rwi+7TONbG+n2FDI8+5YYTTE/erCxU9cZnqS44u42kWvpzo5rvzAz7NFDE jb5+GZ5bujFDhFK8JdAiwHu+l3oojJJ7vtU8Uyq35xBVf3FQub8hIOBak6xcI4nKHpDPuk MEGseVfJ2UDUx9k7elxy6+S1DcCNtcYyVQsWqFZ9fodWX8mhpD0RsbJ6N5RfUA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724236302; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=xLkD+dVe4MYVQrkVrIgaz8alFR4A3HYyCVbf78ztpjY=; b=js2opxQMJk19Me/5anIQ47ptphaveXvloQ9Nr5zYytdhAlylI8jqjBK2L2MkBQYIEKNbxx P3gzFxU2FE3H2kO4XVtmP61CO7bwNrtr/kqIDGsnsdmO8K3b7ZodkQu4ZMNAnZRrSfIXNY xXzewJJ3IU4xPEHpGzJM5gnpE1PLjVlJcHdNt28srq0JpZLDKq/EVEMRKxbB62KJ9iHPn1 h6wYQmzg9xnhd+46pPvRchyDhAcZAc9ribqICgacyAbDrykcbkPCZKUBCPzBg728XBUUPD SXQFSQcKPG7Cfndm9hhnb7SqpliF/GyddnBwY0NwlaOygjvO0pNHWjemHe5qIw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WpjLQ4XZKzgpB; Wed, 21 Aug 2024 10:31:42 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47LAVgUO076731; Wed, 21 Aug 2024 10:31:42 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47LAVgUq076728; Wed, 21 Aug 2024 10:31:42 GMT (envelope-from git) Date: Wed, 21 Aug 2024 10:31:42 GMT Message-Id: <202408211031.47LAVgUq076728@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Dag-Erling =?utf-8?Q?Sm=C3=B8rgrav?= Subject: git: 90a5cd466b84 - stable/14 - adduser: Better document ZFS dataset creation. List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: des X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 90a5cd466b84b72af539a560d8e3bf7b7e408e30 Auto-Submitted: auto-generated The branch stable/14 has been updated by des: URL: https://cgit.FreeBSD.org/src/commit/?id=90a5cd466b84b72af539a560d8e3bf7b7e408e30 commit 90a5cd466b84b72af539a560d8e3bf7b7e408e30 Author: Dag-Erling Smørgrav AuthorDate: 2024-08-19 08:30:01 +0000 Commit: Dag-Erling Smørgrav CommitDate: 2024-08-21 10:31:06 +0000 adduser: Better document ZFS dataset creation. MFC after: 3 days PR: 280873 Reviewed by: bcr Differential Revision: https://reviews.freebsd.org/D46316 (cherry picked from commit 9ff2ebd92891b6953bbe44c6d6a6d8bc31f5139f) --- usr.sbin/adduser/adduser.conf.5 | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/usr.sbin/adduser/adduser.conf.5 b/usr.sbin/adduser/adduser.conf.5 index 09b80f2df021..9663926ee341 100644 --- a/usr.sbin/adduser/adduser.conf.5 +++ b/usr.sbin/adduser/adduser.conf.5 @@ -23,7 +23,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd April 12, 2007 +.Dd August 18, 2024 .Dt ADDUSER.CONF 5 .Os .Sh NAME @@ -171,8 +171,12 @@ The default information to be held in the GECOS field of .It Va uidstart The default user ID setting. This must be a number above 1000 and fewer than 65534. -.It Va Zflag -Do not attempt to create ZFS home dataset. +.It Va Zcreate +Set to +.Dq no +to prevent the creation of a ZFS home dataset if +.Va homeprefix +is a ZFS mountpoint. .El .Sh EXAMPLES The following is an example From nobody Wed Aug 21 10:31:43 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WpjLS1pnMz5Tdfs; Wed, 21 Aug 2024 10:31:44 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WpjLR5zqjz4n6t; Wed, 21 Aug 2024 10:31:43 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724236303; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=qdvXMnHp3osGcr1fJoDoR9m3kQ83hWcjRI/og5XNez4=; b=IY26FwHbb+QRlkFEMhAT3dNaNEhOBGNd3AY43//H0zFnwoNPAk3q12c3cTWJXSytZXLMQ4 Re1lHGjuZu37N7Pqd8q5opgg8igKwmO4vOHbEpcwgzvhaUJLHPXnnL2WUK6HjD1dwkb1tk JiDKERsw3zFF2V3qJZvdNK3PUOv1XOjWLy9FXpMPm5VWKO1XoVoXRTu3K2bDJAVte+XpKz pz3eEs25ez6uxKUXse3LapQoGyOSoJ0tIPGscyGJU9Jl0mJhVAxPhrMHTUNbMHgU0S+xua efSRTKiMKZWYxKn54eAg1ii63fzmgWs+O4S4vz8aFKrT++8TEEe7rWPBC9NnQQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724236303; a=rsa-sha256; cv=none; b=AZuNkRPwu1UFiZin+NGl2szEd689udYflySzMCHGx6wuCIP7jXiOJrxG3Wp4ciMsHl71PP Ks+LmYcuRwl+YSKHGr4r3Yi13M5jPQJDXpsABT7zbyahpekxlejj5GMmhyc3Xm/5mV9TDU 7bnTnl0hcZQxWc91UnKZpZWzs1R+3IWEakrqFilVOTvVbBZerpdG7guv6cBZCtO46SKXbT okXRSjw0rKihjgQnuwM5vKXb23FHiMVsKDjr3ikLiNiA0493r01NCUrCP2anRBBp/do4yC fPWhtFIUcHPhiNe89gHa6QQ/D31sdrYD9Sv9oAtLzlq9gE02jJ9CDj89ppdr9g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724236303; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=qdvXMnHp3osGcr1fJoDoR9m3kQ83hWcjRI/og5XNez4=; b=KaFPMLg/RV69PtB3E6Z7yqyn80AwB1l5rHS2yQPZRcr04iNuP6NOEZdgP1om+dTbg6idaK iyT4lzQg3LagaM0vJ2PKL92Wk22xlpkgrJ9W11uhA6OSZaeaEYfJbVUzm32g3RJaEf7YOL Op/lb+BRRwRvqrFjYWFQNUO1RjSCIrVpEG9efUQsNVv1tGLmdvCdLEzCOCHWKULwBFEmK7 3vTV9oafdDqUVUSgZ0CvMdvWJgzcHiywWRCZGwSNhpUeEq+nZJArbpyPSpewq/K/3bYo7x swjhC/gHspakmrxaURYZAUNSq0hJzVlDivyTyVR/imWD5NX4QNIccFg74y1FMg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WpjLR5Yr1zh3k; Wed, 21 Aug 2024 10:31:43 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47LAVhSW076782; Wed, 21 Aug 2024 10:31:43 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47LAVhWX076779; Wed, 21 Aug 2024 10:31:43 GMT (envelope-from git) Date: Wed, 21 Aug 2024 10:31:43 GMT Message-Id: <202408211031.47LAVhWX076779@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Dag-Erling =?utf-8?Q?Sm=C3=B8rgrav?= Subject: git: dd62980f662c - stable/14 - pw userdel: destroy home dataset if empty List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: des X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: dd62980f662cd632bf59c6062f48b5021b307afe Auto-Submitted: auto-generated The branch stable/14 has been updated by des: URL: https://cgit.FreeBSD.org/src/commit/?id=dd62980f662cd632bf59c6062f48b5021b307afe commit dd62980f662cd632bf59c6062f48b5021b307afe Author: Mike Karels AuthorDate: 2024-05-29 23:55:14 +0000 Commit: Dag-Erling Smørgrav CommitDate: 2024-08-21 10:31:10 +0000 pw userdel: destroy home dataset if empty When removing a user's home directory, if the directory is a ZFS dataset, it cannot be removed. If the directory has been emptied, use "zfs destroy" to destroy it. This complements the automatic dataset creation in adduser. Note that datasets within the directory and snapshots are not handled, as the complete path is not constructed. While here, add waitpid() calls to rmat() and pw_user_del(). Reviewed by: des Differential Revision: https://reviews.freebsd.org/D45348 (cherry picked from commit d2f1f71ec8c62dd26d6169d0d671a5aa5a933c1a) --- usr.sbin/pw/pw.8 | 6 ++- usr.sbin/pw/pw_user.c | 15 ++++--- usr.sbin/pw/pwupd.h | 2 +- usr.sbin/pw/rm_r.c | 113 +++++++++++++++++++++++++++++++++++++++++++++----- 4 files changed, 118 insertions(+), 18 deletions(-) diff --git a/usr.sbin/pw/pw.8 b/usr.sbin/pw/pw.8 index 5d461fc6464e..5ba35c193811 100644 --- a/usr.sbin/pw/pw.8 +++ b/usr.sbin/pw/pw.8 @@ -741,6 +741,9 @@ Secondly, it will only remove files and directories that are actually owned by the user, or symbolic links owned by anyone under the user's home directory. Finally, after deleting all contents owned by the user only empty directories will be removed. +If the home directory is a ZFS dataset and has been emptied, +the dataset will be destroyed. +ZFS datasets within the home directory and snapshots are not handled. If any additional cleanup work is required, this is left to the administrator. .El .Pp @@ -1077,7 +1080,8 @@ No base home directory configured. .Xr passwd 5 , .Xr pw.conf 5 , .Xr pwd_mkdb 8 , -.Xr vipw 8 +.Xr vipw 8 , +.Xr zfs 8 .Sh HISTORY The .Nm diff --git a/usr.sbin/pw/pw_user.c b/usr.sbin/pw/pw_user.c index 89354b249935..d9fd8c77c13e 100644 --- a/usr.sbin/pw/pw_user.c +++ b/usr.sbin/pw/pw_user.c @@ -28,7 +28,7 @@ */ #include -#include +#include #include #include @@ -669,6 +669,7 @@ rmat(uid_t uid) while ((e = readdir(d)) != NULL) { struct stat st; + pid_t pid; if (strncmp(e->d_name, ".lock", 5) != 0 && stat(e->d_name, &st) == 0 && @@ -679,11 +680,12 @@ rmat(uid_t uid) e->d_name, NULL }; - if (posix_spawn(NULL, argv[0], NULL, NULL, + if (posix_spawn(&pid, argv[0], NULL, NULL, (char *const *) argv, environ)) { warn("Failed to execute '%s %s'", argv[0], argv[1]); - } + } else + (void) waitpid(pid, NULL, 0); } } closedir(d); @@ -919,11 +921,14 @@ pw_user_del(int argc, char **argv, char *arg1) "-r", NULL }; - if (posix_spawnp(NULL, argv[0], NULL, NULL, + pid_t pid; + + if (posix_spawnp(&pid, argv[0], NULL, NULL, (char *const *) argv, environ)) { warn("Failed to execute '%s %s'", argv[0], argv[1]); - } + } else + (void) waitpid(pid, NULL, 0); } } diff --git a/usr.sbin/pw/pwupd.h b/usr.sbin/pw/pwupd.h index 4eff0be81066..55d359d5cc6f 100644 --- a/usr.sbin/pw/pwupd.h +++ b/usr.sbin/pw/pwupd.h @@ -140,7 +140,7 @@ void vendgrent(void); void copymkdir(int rootfd, char const * dir, int skelfd, mode_t mode, uid_t uid, gid_t gid, int flags); -void rm_r(int rootfd, char const * dir, uid_t uid); +bool rm_r(int rootfd, char const * dir, uid_t uid); __END_DECLS #endif /* !_PWUPD_H */ diff --git a/usr.sbin/pw/rm_r.c b/usr.sbin/pw/rm_r.c index 14218d68215b..f25da8ce6ad3 100644 --- a/usr.sbin/pw/rm_r.c +++ b/usr.sbin/pw/rm_r.c @@ -26,35 +26,58 @@ * SUCH DAMAGE. */ +#include +#include #include +#include #include +#include +#include #include +#include +#include +#include +#include +#include +#include #include #include #include "pwupd.h" -void +static bool try_dataset_remove(const char *home); +extern char **environ; + +/* + * "rm -r" a directory tree. If the top-level directory cannot be removed + * due to EBUSY, indicating that it is a ZFS dataset, and we have emptied + * it, destroy the dataset. Return true if any files or directories + * remain. + */ +bool rm_r(int rootfd, const char *path, uid_t uid) { int dirfd; DIR *d; struct dirent *e; struct stat st; + const char *fullpath; + bool skipped = false; + fullpath = path; if (*path == '/') path++; dirfd = openat(rootfd, path, O_DIRECTORY); if (dirfd == -1) { - return; + return (true); } d = fdopendir(dirfd); if (d == NULL) { (void)close(dirfd); - return; + return (true); } while ((e = readdir(d)) != NULL) { if (strcmp(e->d_name, ".") == 0 || strcmp(e->d_name, "..") == 0) @@ -62,16 +85,84 @@ rm_r(int rootfd, const char *path, uid_t uid) if (fstatat(dirfd, e->d_name, &st, AT_SYMLINK_NOFOLLOW) != 0) continue; - if (S_ISDIR(st.st_mode)) - rm_r(dirfd, e->d_name, uid); - else if (S_ISLNK(st.st_mode) || st.st_uid == uid) + if (S_ISDIR(st.st_mode)) { + if (rm_r(dirfd, e->d_name, uid) == true) + skipped = true; + } else if (S_ISLNK(st.st_mode) || st.st_uid == uid) unlinkat(dirfd, e->d_name, 0); + else + skipped = true; } closedir(d); if (fstatat(rootfd, path, &st, AT_SYMLINK_NOFOLLOW) != 0) - return; - if (S_ISLNK(st.st_mode)) - unlinkat(rootfd, path, 0); - else if (st.st_uid == uid) - unlinkat(rootfd, path, AT_REMOVEDIR); + return (skipped); + if (S_ISLNK(st.st_mode)) { + if (unlinkat(rootfd, path, 0) == -1) + skipped = true; + } else if (st.st_uid == uid) { + if (unlinkat(rootfd, path, AT_REMOVEDIR) == -1) { + if (errno == EBUSY && skipped == false) + skipped = try_dataset_remove(fullpath); + else + skipped = true; + } + } else + skipped = true; + + return (skipped); +} + +/* + * If the home directory is a ZFS dataset, attempt to destroy it. + * Return true if the dataset is not destroyed. + * This would be more straightforward as a shell script. + */ +static bool +try_dataset_remove(const char *path) +{ + bool skipped = true; + struct statfs stat; + const char *argv[] = { + "/sbin/zfs", + "destroy", + NULL, + NULL + }; + int status; + pid_t pid; + + /* see if this is an absolute path (top-level directory) */ + if (*path != '/') + return (skipped); + /* see if ZFS is loaded */ + if (kld_isloaded("zfs") == 0) + return (skipped); + /* This won't work if root dir is not / (-R option) */ + if (strcmp(conf.rootdir, "/") != 0) { + warnx("cannot destroy home dataset when -R was used"); + return (skipped); + } + /* if so, find dataset name */ + if (statfs(path, &stat) != 0) { + warn("statfs %s", path); + return (skipped); + } + /* + * Check that the path refers to the dataset itself, + * not a subdirectory. + */ + if (strcmp(stat.f_mntonname, path) != 0) + return (skipped); + argv[2] = stat.f_mntfromname; + if ((skipped = posix_spawn(&pid, argv[0], NULL, NULL, + (char *const *) argv, environ)) != 0) { + warn("Failed to execute '%s %s %s'", + argv[0], argv[1], argv[2]); + } else { + if (waitpid(pid, &status, 0) != -1 && status != 0) { + warnx("'%s %s %s' exit status %d\n", + argv[0], argv[1], argv[2], status); + } + } + return (skipped); } From nobody Wed Aug 21 10:31:48 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WpjLX2QhKz5TdlF; Wed, 21 Aug 2024 10:31:48 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WpjLX1pglz4mv7; Wed, 21 Aug 2024 10:31:48 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724236308; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=vvDxZ6DIKnWOT44TBInMMZL8YzlaNR+2f6asfBA0Uhw=; b=iNFSkX77qbUvcF6V1Ng+CvRnKQ1x8PbjQF1rMtfNypEqDWNDperU3iErhw09ap/e5bcj2D Df7+K/PMMkPFsYfCuhOjUmsrtlt2sqzP0uzfC7iBT4CevGLNUqYOCZk9N7plBjAtzR3tm9 gaAMnm92P9oRr76JOuEKW9l8GLyV7EIR7cv3VBc7LtB3CQcBCTsX649Wkn5vFKy2KxhpMU nb6HXOM/8vyOLFmMCc9QnpqaoQvoyt8CuZ1YBbsluYW8WZRRdI6w5dpQI+plev1OyGRJvc 16NzO5xT051gxW8uhJTX3PSUp515OIhpR2pQ4m06sJeo43oQVle87KdpurYjlw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724236308; a=rsa-sha256; cv=none; b=MD47l1glD/qHsC84/jcZXV3QLAj3fLHiTSBj4KnI3UXZd5Zbr/tc3OhFWPz3I0qeQfp9nn CH6AfEA+DD7SO4JIiyBcf6a3KDLQ626T7YhThfmbtYNCnNb83awAphclgibbDKpS9R7atX XrDIQsYU9XPTHIi6k7DdiMOJcm2prq94Ybfwx7FjLXi6yKxKV1k3+DZIqMnJgzk+lPNBId prqLTjlmxW1xuWJd9c7okUTpTSZMSWymKQQI4+9MgEY93khgXQHXVjlXT1/6Pv8LeAw8FE 4oNHE61LcUVYtKt8uPkZ7rgIClwXr81A7wFyAVKlnZshRmPKQSiwbvqvChNhWA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724236308; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=vvDxZ6DIKnWOT44TBInMMZL8YzlaNR+2f6asfBA0Uhw=; b=EknAE/o7T2oTUu3gOHq5lpt1rGSQNPoGx0LXi6ZM8rxI2sGVadyfoP8LHIMmcRx6/G9oBI lL+304XHbi8XRgbMNo6qx3RYGi2ehKSUquzcotZ1CaJbDqWmPEb2J33BOUMWl5edQT/fIU bg8Fw6BfJIvRH71Zkr6XjJiUCIfRWwTtn4C/sv1kLHzacdI0IgfXSlhBplEjSGrKnHl6Q/ NmsKZQo1Yk9sBKbaskxX0CaedVw1LxSQ+36+ukkOvh4mzBSNyMULTVCrUe2Xi2TelXzsWF c59b4IiPU0daUq6Z7JdhQ510qzdLNkuLkPU+aMLydXQ4UE+45M9g+xpCPDB5Tg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WpjLX1DxZzh0L; Wed, 21 Aug 2024 10:31:48 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47LAVm4h076941; Wed, 21 Aug 2024 10:31:48 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47LAVmuu076938; Wed, 21 Aug 2024 10:31:48 GMT (envelope-from git) Date: Wed, 21 Aug 2024 10:31:48 GMT Message-Id: <202408211031.47LAVmuu076938@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Dag-Erling =?utf-8?Q?Sm=C3=B8rgrav?= Subject: git: cd13258d2664 - stable/13 - pw userdel: destroy home dataset if empty List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: des X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: cd13258d266411c39944021ae46f5fcd724faa4a Auto-Submitted: auto-generated The branch stable/13 has been updated by des: URL: https://cgit.FreeBSD.org/src/commit/?id=cd13258d266411c39944021ae46f5fcd724faa4a commit cd13258d266411c39944021ae46f5fcd724faa4a Author: Mike Karels AuthorDate: 2024-05-29 23:55:14 +0000 Commit: Dag-Erling Smørgrav CommitDate: 2024-08-21 10:31:22 +0000 pw userdel: destroy home dataset if empty When removing a user's home directory, if the directory is a ZFS dataset, it cannot be removed. If the directory has been emptied, use "zfs destroy" to destroy it. This complements the automatic dataset creation in adduser. Note that datasets within the directory and snapshots are not handled, as the complete path is not constructed. While here, add waitpid() calls to rmat() and pw_user_del(). Reviewed by: des Differential Revision: https://reviews.freebsd.org/D45348 (cherry picked from commit d2f1f71ec8c62dd26d6169d0d671a5aa5a933c1a) --- usr.sbin/pw/pw.8 | 6 ++- usr.sbin/pw/pw_user.c | 15 ++++--- usr.sbin/pw/pwupd.h | 2 +- usr.sbin/pw/rm_r.c | 113 +++++++++++++++++++++++++++++++++++++++++++++----- 4 files changed, 118 insertions(+), 18 deletions(-) diff --git a/usr.sbin/pw/pw.8 b/usr.sbin/pw/pw.8 index 5d461fc6464e..5ba35c193811 100644 --- a/usr.sbin/pw/pw.8 +++ b/usr.sbin/pw/pw.8 @@ -741,6 +741,9 @@ Secondly, it will only remove files and directories that are actually owned by the user, or symbolic links owned by anyone under the user's home directory. Finally, after deleting all contents owned by the user only empty directories will be removed. +If the home directory is a ZFS dataset and has been emptied, +the dataset will be destroyed. +ZFS datasets within the home directory and snapshots are not handled. If any additional cleanup work is required, this is left to the administrator. .El .Pp @@ -1077,7 +1080,8 @@ No base home directory configured. .Xr passwd 5 , .Xr pw.conf 5 , .Xr pwd_mkdb 8 , -.Xr vipw 8 +.Xr vipw 8 , +.Xr zfs 8 .Sh HISTORY The .Nm diff --git a/usr.sbin/pw/pw_user.c b/usr.sbin/pw/pw_user.c index ebe80977fa0e..7d919847aa93 100644 --- a/usr.sbin/pw/pw_user.c +++ b/usr.sbin/pw/pw_user.c @@ -28,7 +28,7 @@ */ #include -#include +#include #include #include @@ -687,6 +687,7 @@ rmat(uid_t uid) while ((e = readdir(d)) != NULL) { struct stat st; + pid_t pid; if (strncmp(e->d_name, ".lock", 5) != 0 && stat(e->d_name, &st) == 0 && @@ -697,11 +698,12 @@ rmat(uid_t uid) e->d_name, NULL }; - if (posix_spawn(NULL, argv[0], NULL, NULL, + if (posix_spawn(&pid, argv[0], NULL, NULL, (char *const *) argv, environ)) { warn("Failed to execute '%s %s'", argv[0], argv[1]); - } + } else + (void) waitpid(pid, NULL, 0); } } closedir(d); @@ -971,11 +973,14 @@ pw_user_del(int argc, char **argv, char *arg1) "-r", NULL }; - if (posix_spawnp(NULL, argv[0], NULL, NULL, + pid_t pid; + + if (posix_spawnp(&pid, argv[0], NULL, NULL, (char *const *) argv, environ)) { warn("Failed to execute '%s %s'", argv[0], argv[1]); - } + } else + (void) waitpid(pid, NULL, 0); } } diff --git a/usr.sbin/pw/pwupd.h b/usr.sbin/pw/pwupd.h index 4eff0be81066..55d359d5cc6f 100644 --- a/usr.sbin/pw/pwupd.h +++ b/usr.sbin/pw/pwupd.h @@ -140,7 +140,7 @@ void vendgrent(void); void copymkdir(int rootfd, char const * dir, int skelfd, mode_t mode, uid_t uid, gid_t gid, int flags); -void rm_r(int rootfd, char const * dir, uid_t uid); +bool rm_r(int rootfd, char const * dir, uid_t uid); __END_DECLS #endif /* !_PWUPD_H */ diff --git a/usr.sbin/pw/rm_r.c b/usr.sbin/pw/rm_r.c index 14218d68215b..f25da8ce6ad3 100644 --- a/usr.sbin/pw/rm_r.c +++ b/usr.sbin/pw/rm_r.c @@ -26,35 +26,58 @@ * SUCH DAMAGE. */ +#include +#include #include +#include #include +#include +#include #include +#include +#include +#include +#include +#include +#include #include #include #include "pwupd.h" -void +static bool try_dataset_remove(const char *home); +extern char **environ; + +/* + * "rm -r" a directory tree. If the top-level directory cannot be removed + * due to EBUSY, indicating that it is a ZFS dataset, and we have emptied + * it, destroy the dataset. Return true if any files or directories + * remain. + */ +bool rm_r(int rootfd, const char *path, uid_t uid) { int dirfd; DIR *d; struct dirent *e; struct stat st; + const char *fullpath; + bool skipped = false; + fullpath = path; if (*path == '/') path++; dirfd = openat(rootfd, path, O_DIRECTORY); if (dirfd == -1) { - return; + return (true); } d = fdopendir(dirfd); if (d == NULL) { (void)close(dirfd); - return; + return (true); } while ((e = readdir(d)) != NULL) { if (strcmp(e->d_name, ".") == 0 || strcmp(e->d_name, "..") == 0) @@ -62,16 +85,84 @@ rm_r(int rootfd, const char *path, uid_t uid) if (fstatat(dirfd, e->d_name, &st, AT_SYMLINK_NOFOLLOW) != 0) continue; - if (S_ISDIR(st.st_mode)) - rm_r(dirfd, e->d_name, uid); - else if (S_ISLNK(st.st_mode) || st.st_uid == uid) + if (S_ISDIR(st.st_mode)) { + if (rm_r(dirfd, e->d_name, uid) == true) + skipped = true; + } else if (S_ISLNK(st.st_mode) || st.st_uid == uid) unlinkat(dirfd, e->d_name, 0); + else + skipped = true; } closedir(d); if (fstatat(rootfd, path, &st, AT_SYMLINK_NOFOLLOW) != 0) - return; - if (S_ISLNK(st.st_mode)) - unlinkat(rootfd, path, 0); - else if (st.st_uid == uid) - unlinkat(rootfd, path, AT_REMOVEDIR); + return (skipped); + if (S_ISLNK(st.st_mode)) { + if (unlinkat(rootfd, path, 0) == -1) + skipped = true; + } else if (st.st_uid == uid) { + if (unlinkat(rootfd, path, AT_REMOVEDIR) == -1) { + if (errno == EBUSY && skipped == false) + skipped = try_dataset_remove(fullpath); + else + skipped = true; + } + } else + skipped = true; + + return (skipped); +} + +/* + * If the home directory is a ZFS dataset, attempt to destroy it. + * Return true if the dataset is not destroyed. + * This would be more straightforward as a shell script. + */ +static bool +try_dataset_remove(const char *path) +{ + bool skipped = true; + struct statfs stat; + const char *argv[] = { + "/sbin/zfs", + "destroy", + NULL, + NULL + }; + int status; + pid_t pid; + + /* see if this is an absolute path (top-level directory) */ + if (*path != '/') + return (skipped); + /* see if ZFS is loaded */ + if (kld_isloaded("zfs") == 0) + return (skipped); + /* This won't work if root dir is not / (-R option) */ + if (strcmp(conf.rootdir, "/") != 0) { + warnx("cannot destroy home dataset when -R was used"); + return (skipped); + } + /* if so, find dataset name */ + if (statfs(path, &stat) != 0) { + warn("statfs %s", path); + return (skipped); + } + /* + * Check that the path refers to the dataset itself, + * not a subdirectory. + */ + if (strcmp(stat.f_mntonname, path) != 0) + return (skipped); + argv[2] = stat.f_mntfromname; + if ((skipped = posix_spawn(&pid, argv[0], NULL, NULL, + (char *const *) argv, environ)) != 0) { + warn("Failed to execute '%s %s %s'", + argv[0], argv[1], argv[2]); + } else { + if (waitpid(pid, &status, 0) != -1 && status != 0) { + warnx("'%s %s %s' exit status %d\n", + argv[0], argv[1], argv[2], status); + } + } + return (skipped); } From nobody Wed Aug 21 10:33:22 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WpjNM3GhZz5Tdmj; Wed, 21 Aug 2024 10:33:23 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WpjNM1PpKz4pq9; Wed, 21 Aug 2024 10:33:23 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724236403; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=UgRCtEkMc4RvoA5JH8D2abkvbiO8sp6OGo4rRU5ZeSE=; b=msbuplWk0Uqjk2ffhatiuscyaArCoQlWyGSoC2qhxP7vo5F6qCjSUyQm+lLrQ95ZrVsAm9 osa1jbYpPLlou96BZlBfhmgg3jPdOHoUCC34xWCEo7lLzcW114baGISrBHybtiebWVmO1E 119q9ji4nB4cWnda07IeWD/Pj/ZDQnsMiZUW5ktYgNWHWW9NbQLoh4vewH9J7FNLJRO7XH VNWFNWi4O4LLKDctnir9XTLoJDgRDijeR7kNt3y79Wz3lV+z3Jv7RPJQJ/+eD4MerXb0DY DuS7D0lDV9gv3ZuWPTX/Cw3dTQD84k+K4WCEFqDNHVJ8LzjbdYMsRYt3P928LA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724236403; a=rsa-sha256; cv=none; b=d3jO56JCB2NES9Svlfd9XtYsFOTxSpLHX2CGwdRwbg+EGBK34/yTKFUIxRvoKn1JRoRHxj VigQNk0Y9SzKGFLiPiALHqAv1odwh8rQzGEYlx2TbYhAbyP4vqGJAIMM2hxzCfrQ6CQed3 gOYCP9fixy19NIHHZuhPTMeD+0I0M1K1/mGjp4krzJ4WbTi/JG91osj8m2j4jtKs2Cc4vC EVwAi7q02ICPIMuREfr4gl8IR1xdp/5Nl7JUwA6eRi492JMCh0GNo9SNOEgYKm/dhQ3ypg CgjS8FyX334IaR3J0o5johtrcAfiefjWyn72od5owcNSQdGWR0Rgcx6hJ0HJKA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724236403; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=UgRCtEkMc4RvoA5JH8D2abkvbiO8sp6OGo4rRU5ZeSE=; b=ROzLEC+G5Xa94jZfWmxLerInW44BZcDZfJzQ4xtIn5C+vHlL6QkbaM1Ax/6rFdw/4//RZ4 cTxT7FHZVSm9ZD02tFtxDyUwhV30UYu5DHZitUsrmagfrvaIQu+f0UyvTfmiZSVvwP+Q8t 2XXdw39n+HsBwx/tjPtIyFeRvfFtpwdHw9HJ0EaAQFoxccLsImkcP3W/+SIUcGwNBw8lG7 PawOUI1vm4en/HAztn/sBLDLERhDarzb83No9pDT7bX71o93VzEnkHgueOF7FPBGuutTc8 ZX6kzSDkHeuApVAMQV0ItUazMWza9NTUeLzFAylAe1yolEISRBlORj8dQjvvPg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WpjNL6kHRzg3S; Wed, 21 Aug 2024 10:33:22 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47LAXMlZ078396; Wed, 21 Aug 2024 10:33:22 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47LAXM9b078393; Wed, 21 Aug 2024 10:33:22 GMT (envelope-from git) Date: Wed, 21 Aug 2024 10:33:22 GMT Message-Id: <202408211033.47LAXM9b078393@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Konstantin Belousov Subject: git: 8d801641a398 - stable/14 - exit(3): make it thread-safe List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kib X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 8d801641a39834cf8ce72dc88cf8bc5712cc1cad Auto-Submitted: auto-generated The branch stable/14 has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=8d801641a39834cf8ce72dc88cf8bc5712cc1cad commit 8d801641a39834cf8ce72dc88cf8bc5712cc1cad Author: Konstantin Belousov AuthorDate: 2024-07-24 20:41:32 +0000 Commit: Konstantin Belousov CommitDate: 2024-08-21 10:32:49 +0000 exit(3): make it thread-safe (cherry picked from commit 3f3ec4b99f79d32a0bf15495559ca9883bd751f2) --- lib/libc/stdlib/exit.3 | 20 ++++++++++++++++++-- lib/libc/stdlib/exit.c | 21 +++++++++++++++++++++ 2 files changed, 39 insertions(+), 2 deletions(-) diff --git a/lib/libc/stdlib/exit.3 b/lib/libc/stdlib/exit.3 index afdc58ec4831..c190f5fac27f 100644 --- a/lib/libc/stdlib/exit.3 +++ b/lib/libc/stdlib/exit.3 @@ -29,9 +29,8 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" @(#)exit.3 8.1 (Berkeley) 6/4/93 .\" -.Dd August 5, 2021 +.Dd July 24, 2024 .Dt EXIT 3 .Os .Sh NAME @@ -104,6 +103,23 @@ values described in .Xr sysexits 3 may be used to provide more information to the parent process. .Pp +Calls to the +.Fn exit +function are serialized. +All functions registered by +.Xr atexit 3 +are executed in the first thread that called +.Nm exit . +If any other thread of the process calls +.Nm exit +before all registered functions have completed or before the process +terminates, the thread is blocked until the process terminates. +The exit status of the process is the +.Fa status +argument of the first +.Nm exit +call which thread proceeds the atexit handlers. +.Pp Note that .Fn exit does nothing to prevent bottomless recursion should a function registered diff --git a/lib/libc/stdlib/exit.c b/lib/libc/stdlib/exit.c index a0c9622944c5..b2c2fa7db4bb 100644 --- a/lib/libc/stdlib/exit.c +++ b/lib/libc/stdlib/exit.c @@ -34,6 +34,7 @@ static char sccsid[] = "@(#)exit.c 8.1 (Berkeley) 6/4/93"; #endif /* LIBC_SCCS and not lint */ #include "namespace.h" #include +#include #include #include "un-namespace.h" @@ -51,6 +52,20 @@ void (*__cleanup)(void); */ int __isthreaded = 0; +static pthread_mutex_t exit_mutex; +static pthread_once_t exit_mutex_once = PTHREAD_ONCE_INIT; + +static void +exit_mutex_init_once(void) +{ + pthread_mutexattr_t ma; + + _pthread_mutexattr_init(&ma); + _pthread_mutexattr_settype(&ma, PTHREAD_MUTEX_RECURSIVE); + _pthread_mutex_init(&exit_mutex, &ma); + _pthread_mutexattr_destroy(&ma); +} + /* * Exit, flushing stdio buffers if necessary. */ @@ -62,6 +77,12 @@ exit(int status) _thread_autoinit_dummy_decl = 1; + /* Make exit(3) thread-safe */ + if (__isthreaded) { + _once(&exit_mutex_once, exit_mutex_init_once); + _pthread_mutex_lock(&exit_mutex); + } + /* * We're dealing with cleaning up thread_local destructors in the case of * the process termination through main() exit. From nobody Wed Aug 21 10:33:24 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WpjNN3Q4Vz5Tdmn; Wed, 21 Aug 2024 10:33:24 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WpjNN19fTz4pgx; Wed, 21 Aug 2024 10:33:24 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724236404; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=rPR5H3Py6zdwjwc3GAp81EgZs1pFQKYog1KPf0usFqE=; b=EF/1s/TKkpqa9fWgb3XBq/3jVK+CbVKcfIVjCJenQkXRIs7X9i/bGqQihRmQl/d4ttX5pz lxHpg0sjsubo0vnEKM25rUQzkfNhPZSFBvWgdpLBZdidV5DUProJehTud/iqU/74qZsjMV hZLoLT9+3yDzwX4/v44ZPc17dBPdsUjTZ0V7n43mrLQSwLVZ5NcCZkWu0N2Gq6WZykvbjW dH7Y2c0/7y/TU8Hp4K6bNug/KFQC3MUtZ134YOU018Xnux/wGstxXr87923096UKU6+gU4 AvCdbZAnvu37RGgXavxVyIiWHz5vEhbHabrc1/QIPRjQBBI6Wyv/ofK5MDzMeQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724236404; a=rsa-sha256; cv=none; b=s0jIf7jqEnYiHRSZrSSsUbyZsxF/4A5r6bKST8AraOx1kJnw+9FqwXkzRL7xsk+dWMXoie 96WhCAAcExWVgw3kIDLZerIgwp4vH2Hc1dbjPbFtwgeahAufVfx7MAU7t/5RLbQ8DxCeoy BOzUuKPaw5v62A8vkNQtJyna2tKNq1FVv0DHFdGZQkOSvd00hRE7uMvDRioDLINk87gUtz i7XOxryGpsrtTVaGh6O11CvZXZZkXd/IZePUwEEmY0tOm/uN4n1WyGxf26kdz82fO4KBax ywrInFUD1ISvg9tUTqwlzvdxYhYvvCyEbhOCNXjgM7sGjVYBwWehbT0yTlHBrA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724236404; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=rPR5H3Py6zdwjwc3GAp81EgZs1pFQKYog1KPf0usFqE=; b=I7psuPvt03MEDZA2g5ebVAuYe3geE6sxKTVrxTnyFXQtbExtdhEg0saoHUHSw5j1lHW105 Lir5OzJ4PfaKMnGM+mOx03xynau6D/g71x+zaulWQvhXjUW+RZJUYX0SrYadxc9KH8PKeF EPnlgbdQDd16508FUZGKDGr/5c3TzQ/CjFTHiL2IJeCoo8iSix/LyutpN4wmgKiRewzOjm sE43U3fDgXLd/bFRWAjWe5XTlOhCbyY57bJIipjS4al2AooSAtJaJidUWuxYdD2vEnbveq CguJhAwFQmM0vfW0/QMoEvikZBWXIhZnKDZVVKwjBryuG2S7DeoafL36OAHNmg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WpjNN0f58zg3T; Wed, 21 Aug 2024 10:33:24 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47LAXOKi078465; Wed, 21 Aug 2024 10:33:24 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47LAXOwl078462; Wed, 21 Aug 2024 10:33:24 GMT (envelope-from git) Date: Wed, 21 Aug 2024 10:33:24 GMT Message-Id: <202408211033.47LAXOwl078462@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Konstantin Belousov Subject: git: 2a1e8d7c30c9 - stable/14 - exit(3): clarify how to obtain full exit status of the exited process List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kib X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 2a1e8d7c30c90e17fccaeec89e4963a8d825063d Auto-Submitted: auto-generated The branch stable/14 has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=2a1e8d7c30c90e17fccaeec89e4963a8d825063d commit 2a1e8d7c30c90e17fccaeec89e4963a8d825063d Author: Konstantin Belousov AuthorDate: 2024-07-25 17:28:45 +0000 Commit: Konstantin Belousov CommitDate: 2024-08-21 10:32:49 +0000 exit(3): clarify how to obtain full exit status of the exited process (cherry picked from commit c4269e63ecf301306a6176b9fe9002c4c2265695) --- lib/libc/stdlib/exit.3 | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/lib/libc/stdlib/exit.3 b/lib/libc/stdlib/exit.3 index c190f5fac27f..2fb3ab165dae 100644 --- a/lib/libc/stdlib/exit.3 +++ b/lib/libc/stdlib/exit.3 @@ -103,6 +103,20 @@ values described in .Xr sysexits 3 may be used to provide more information to the parent process. .Pp +The complete +.Fa status +value is avaliable as +.Va si_status +member of the +.Vt siginfo_t +structure, to the +.Xr wait6 2 +and +.Xr sigwaitinfo 2 +callers, and +.Va SIGCHLD +signal handlers. +.Pp Calls to the .Fn exit function are serialized. From nobody Wed Aug 21 10:33:25 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WpjNP3Yt0z5Tf3S; Wed, 21 Aug 2024 10:33:25 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WpjNP2JZ1z4pKx; Wed, 21 Aug 2024 10:33:25 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724236405; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=PRHZsDlU3fIe2JUa2DJEKIywFc0aqRef2w15bp7tSwA=; b=rl2kOeDAkawkgqbUPMyMq2SD3J5/9vUbvMwVuLEQkWv/LLp/OlswqHD+EQhGQD8kfOYHq+ JFvxToHWJhWLLXI0KrFNsJ92nt9eJDieZnsRnT7mdFcTdk+TSTz/ptWNPOnUX8UgY9pfGQ 7TT4woGu8GLodlSjKsNG2mk05y1TXpJQilhyKf7ZUHjQz66xf/G6OYCbHu8tubz1+3d6fM r5yvVyRRIXp7Y10YX1uxKBot51j5t9bfFRvH2PGJqVm5ad8dBlKETaDnRnNvpKvxIf9rvJ KzcGBSLyMIXPK2YK4pnF5GHegrscGHMiyO9wp8lB9pGEKtHk7ohujShTgnGAaQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724236405; a=rsa-sha256; cv=none; b=JEBq/W80Xde190wTinF4N5qkOW/I4rGY+iTbMhvlz7YeeOgGsMZ6GwlPpltUEx3qFF68Od Px8fAhDZ3inzPgxX+/5i4KbVvAGTyO28uTh1hrVCF+vhJ8vEdrr1D+v+9ne3bLPx+iXJyb ugJ5by2BIgzOod4zTzzDfybWTZI5pXvRg1rime6xneYEExF32Z/XCfr4g5p5zhyATP8od6 tXwKCe6X/QFdJ1EgIElEjCBDcqwuUzfip7E2MGozCCfZ8DOjeoKALukZNhxBr75+R2LCgC H535p6GYr4SMvUW/z4xRKtR6IVMJyWk9IYz9USIlPIdhTNt/OMnulBcx1+5gPQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724236405; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=PRHZsDlU3fIe2JUa2DJEKIywFc0aqRef2w15bp7tSwA=; b=CTjshnqgy5shh2DvIJamFycHk7+dY98IyQCbBWVwRsnPAS/rw6E7M6str7s3mxmBmaUD0L J4ZR0B/Yof3S0NR/VatkAeCznUSYg6YDJUHslSeQ+3t+gs1qTg74q4t+gYoWOXDaS9K3AE lkRhigqCNXlspfPLpp+ewVJRWJmuJHnYD/Wr216kMRLgHFfeOmgnRoqfoLmwKyXfCuzDOp mBp0og/2BckaWmiOfJ0lWg6bDZ4Fl7y+k1TLC8mnITYOiPj4D3Ls7R7NPDa5gVZHA2MhP+ vY8wGZVkDViGR4TvNZ/uImoXxbMeEE4SzLqMa72o+HXLCgebzcv+zDOHAOB31Q== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WpjNP1wF2zgpG; Wed, 21 Aug 2024 10:33:25 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47LAXPrg078505; Wed, 21 Aug 2024 10:33:25 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47LAXP3I078502; Wed, 21 Aug 2024 10:33:25 GMT (envelope-from git) Date: Wed, 21 Aug 2024 10:33:25 GMT Message-Id: <202408211033.47LAXP3I078502@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Konstantin Belousov Subject: git: cf4a34bbc7df - stable/14 - tail -F: fix crash List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kib X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: cf4a34bbc7dfee43e9983a847ecf0fa0ed1d258d Auto-Submitted: auto-generated The branch stable/14 has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=cf4a34bbc7dfee43e9983a847ecf0fa0ed1d258d commit cf4a34bbc7dfee43e9983a847ecf0fa0ed1d258d Author: Andre Albsmeier AuthorDate: 2024-08-19 07:54:24 +0000 Commit: Konstantin Belousov CommitDate: 2024-08-21 10:32:49 +0000 tail -F: fix crash PR: 280910 (cherry picked from commit 308399a179a49b7b858c725de10177fdb0502fd2) --- usr.bin/tail/forward.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/usr.bin/tail/forward.c b/usr.bin/tail/forward.c index a902e006afed..2edf8730e8b1 100644 --- a/usr.bin/tail/forward.c +++ b/usr.bin/tail/forward.c @@ -382,7 +382,8 @@ follow(file_info_t *files, enum STYLE style, off_t off) sb2.st_dev != file->st.st_dev || sb2.st_nlink == 0) { show(file); - fclose(file->fp); + if (file->fp != NULL) + fclose(file->fp); file->fp = ftmp; memcpy(&file->st, &sb2, sizeof(struct stat)); From nobody Wed Aug 21 10:34:17 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WpjPP4jFcz5TfBW; Wed, 21 Aug 2024 10:34:17 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WpjPP4BlRz4qYM; Wed, 21 Aug 2024 10:34:17 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724236457; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=4/ZOesRV5e/Og8ddA0ux4H7o7lY0EqD9ZM1MGW9K6dU=; b=u0E4py185GEI4kfjV9H1I+IVateWmRQCVu0HOzcxtckw7cBpz7m2ff2+n9C599gjC98rUR cZo/o4WZpnf1ze/J0QU9kS3prdwWRwM/wQjSh200tCz5QxbH1gR1CiBSSibaAp6tIyjXdi LNqgwBHBp73vnkRr2HVFhx4Ozc9uuRbbOnqFjPs+HHD2y4U8bULXPSuSbVmYsUEVnYhEah q5JcDwW9bBJekEIorG9c2TKrzmORw/6JsXJxFMdlsdM3LZtBeZRY8yDrZmiXEx5/tAhZEJ Wb7SO3b+dtoqTH9s+gcGlZkt8iLhwkZOjxCH9GAGODGlKCWis1WzXUmjAcehfA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724236457; a=rsa-sha256; cv=none; b=VooSvtkC92R7WnOj9M2HfDSJwBrg0f/7CFU3IIxlQuMnBcFk+04KwGBq8s7VBorY68ghML EFy3wvX+PERW4PgpNvskyyjqtJvJp3TBMq+nwHTkDe/lGvGEBvFOpgbBK+1xLfznZHSb1D nKZjqUfIEIZkXWnDpaCQfn4Yvm2t0Gj1n+81ySSi2axPBlQ3fc5gv6ElKqfS1pOPWtEFoS GL82wgqkqaEqcPoQS1PnLHXk5FQw368AeX7XOb14kU22jP1DdrX1mLAb8hdu2pgXADNmyF hxAip6MoH48gYqYgPUSCthAgGR4dzMz2mOa0EgkZo+/3ANBvPj8LOTBb6/DxdQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724236457; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=4/ZOesRV5e/Og8ddA0ux4H7o7lY0EqD9ZM1MGW9K6dU=; b=oJOEUJGgUxCGIe9laswDaRpGTJzm1/9SYumJTab/4H4woDIDf1CxCWhaqlUtA9qfieTj+4 uXye8MTeEEm7S660tpOhijOTD/kcSiQXsauaSpcOMW+YN7suYZ70JVWvilfHZTOWLgn2Sz xAL3Z3+A/V6FseA+NNxu3zEa04Y0+GK1Gmu4lMM9OAzZ0xkaZb57iv55GMPySVw+yNNW+S +D6aYQWbz0ptVHGN8U2gGgz3pQk12b8YNoN0EmyoKADR83PRQnyfn0Vvva6OD2LE5Bn8CR Dwve8/qyTud0i7RPLV3xaBGmihqNyWjmLCkesokxRPLgnF1wPPsIHrXxraM8pA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WpjPP3YgqzgpH; Wed, 21 Aug 2024 10:34:17 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47LAYHP6078777; Wed, 21 Aug 2024 10:34:17 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47LAYHLV078774; Wed, 21 Aug 2024 10:34:17 GMT (envelope-from git) Date: Wed, 21 Aug 2024 10:34:17 GMT Message-Id: <202408211034.47LAYHLV078774@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Konstantin Belousov Subject: git: 8dfa4e5b6ce2 - stable/13 - tail -F: fix crash List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kib X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 8dfa4e5b6ce2e22ef92c0ec13aa001994774c23f Auto-Submitted: auto-generated The branch stable/13 has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=8dfa4e5b6ce2e22ef92c0ec13aa001994774c23f commit 8dfa4e5b6ce2e22ef92c0ec13aa001994774c23f Author: Andre Albsmeier AuthorDate: 2024-08-19 07:54:24 +0000 Commit: Konstantin Belousov CommitDate: 2024-08-21 10:34:06 +0000 tail -F: fix crash PR: 280910 (cherry picked from commit 308399a179a49b7b858c725de10177fdb0502fd2) --- usr.bin/tail/forward.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/usr.bin/tail/forward.c b/usr.bin/tail/forward.c index a902e006afed..2edf8730e8b1 100644 --- a/usr.bin/tail/forward.c +++ b/usr.bin/tail/forward.c @@ -382,7 +382,8 @@ follow(file_info_t *files, enum STYLE style, off_t off) sb2.st_dev != file->st.st_dev || sb2.st_nlink == 0) { show(file); - fclose(file->fp); + if (file->fp != NULL) + fclose(file->fp); file->fp = ftmp; memcpy(&file->st, &sb2, sizeof(struct stat)); From nobody Wed Aug 21 16:00:03 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WprdH3SxYz5V5WN; Wed, 21 Aug 2024 16:00:03 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WprdH2kK5z4VC0; Wed, 21 Aug 2024 16:00:03 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724256003; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=lr/YHBXWWY3CqqevT6xs5BzBS15FYM6U9DzD0JoUC/A=; b=uHJ+K01eYHFaZdKfibDKCbU4w7RT7V8LrGZa4Oqv6cnBPNilVPgBAB89s0wRFtEfNs4/E5 oSE9aG0N5JrKkQyLbiyVJ9Ob51F7Y6RipNM7xEkSGD+tlsohdpT2ZbONEb2QzMX1bPsHBu HQvDCHRPZQVRq8zQ83gN5R/F0+7FLAXvFrNYOs6hGknH75+iTTC4bEtb6b1Ckn1WZG77g/ Ke4XIUEmV7pQjBDfLTpUEXWEQXG7H5qUTdvDAAVnQSXLpSWVZwTIlZSfvR59+Ee1yA9vXJ w08OST5j0jCuYq7+u4+X6W2b7H6as4mm6jBq6PllKVHH03HgI42nCCTed1TyaA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724256003; a=rsa-sha256; cv=none; b=RVRcez80y+Wle+w7RNPR1L8NDK0VDwHjWbh981mrk9IQIIgh8DaxDyalz6+SK2kO/QGJwh Zep7Rv1GeaQU83uwLq8RavvdJeZQys+9di2xXg3CnB7ArNvVLr83AHEMVHXLsGmsol02q0 6wttF0F3tHrVoMW/24uq9R2MxGDCscKNFwcw+fwxSoN+68yrHsia+r+u8Ahq9LMkclOlgv ccmviGFwVs0Bv9J5xXIWVeXIlWhQuToNnrrdx4OhMCjkP52x5q0XgxUhuTZyivYMQyeJU2 AZyGZ65irIrWFvTuRiJO1+DtWDIOLxlnsz90eXuiID8P4+B2/dPwGMOMBmFeYA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724256003; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=lr/YHBXWWY3CqqevT6xs5BzBS15FYM6U9DzD0JoUC/A=; b=Hgv1c/8ANF+fotD8a5z2ZG+Wr7vzs7IRxItLTBnm3NTHhhiFAQy6JvZiiEttlpRo9l1QqT j7mZnwYED+Z9EYQLqqDDcExgrboJpnUsB8F4aKa68/8349gaHuAeZXFFVyYvKoNiI+He9c O+OKm1e7PWCgvlLFyFBY8GnQR1N41vH1OpwrcQVo8IMLFNWOR7hH28YFTMto9N0WMJ1A8R MU/alJhUH+aEadN5ac+3BKxL3RUimkF9jTQgfXrXYkKbSYXSJEIjS3a4Ya2KedOj1EdLHn bLChsCmoZA9yI/NfEXNFa/rz2/w5syeFP+3ti/ZVpvRRcnIfXVx41tpklCH5Og== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WprdH2F9rzqps; Wed, 21 Aug 2024 16:00:03 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47LG03xq024279; Wed, 21 Aug 2024 16:00:03 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47LG03P5024271; Wed, 21 Aug 2024 16:00:03 GMT (envelope-from git) Date: Wed, 21 Aug 2024 16:00:03 GMT Message-Id: <202408211600.47LG03P5024271@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Konstantin Belousov Subject: git: 9b945635c147 - releng/13.4 - tail -F: fix crash List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kib X-Git-Repository: src X-Git-Refname: refs/heads/releng/13.4 X-Git-Reftype: branch X-Git-Commit: 9b945635c147feb4ac6ebf84bd19e149e9a10227 Auto-Submitted: auto-generated The branch releng/13.4 has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=9b945635c147feb4ac6ebf84bd19e149e9a10227 commit 9b945635c147feb4ac6ebf84bd19e149e9a10227 Author: Andre Albsmeier AuthorDate: 2024-08-19 07:54:24 +0000 Commit: Konstantin Belousov CommitDate: 2024-08-21 15:59:21 +0000 tail -F: fix crash PR: 280910 Approved by: re (cperciva) (cherry picked from commit 308399a179a49b7b858c725de10177fdb0502fd2) (cherry picked from commit 8dfa4e5b6ce2e22ef92c0ec13aa001994774c23f) --- usr.bin/tail/forward.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/usr.bin/tail/forward.c b/usr.bin/tail/forward.c index a902e006afed..2edf8730e8b1 100644 --- a/usr.bin/tail/forward.c +++ b/usr.bin/tail/forward.c @@ -382,7 +382,8 @@ follow(file_info_t *files, enum STYLE style, off_t off) sb2.st_dev != file->st.st_dev || sb2.st_nlink == 0) { show(file); - fclose(file->fp); + if (file->fp != NULL) + fclose(file->fp); file->fp = ftmp; memcpy(&file->st, &sb2, sizeof(struct stat)); From nobody Wed Aug 21 17:15:01 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WptHn3tCdz5VC6X; Wed, 21 Aug 2024 17:15:01 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WptHn3MrXz4fwr; Wed, 21 Aug 2024 17:15:01 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724260501; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=F5MrbDYB/O4FVIAHn/dnHXO5Hp4xrj5O/oiLCUdgYo0=; b=J13gVJaAyh8qs628S3C4OPKWPOrV8+E8viw5prm0CpY2Ns2tHnvP7OYPyWOHRZjkJ8e5dj IE+PVgS43r7x5Y2dZVMn3/YHHWxacViiWo3JSQ1audoUUxJM8DSvWhoPSDyIGmOKocVeGS fny+tAnHyaub67vPwkF2xZbiuJsIqBRUiKTocHdfP6RxPEGtqXx9c+7+633Te6ySQL2PKL OiQdwhWua6XJP31zrgEVvv4QEyubQNapt9DM0id7X7yL779vEr6nZunRkpQ85MzGWNMpkC 4bj65/a0Gahl7bD80W9fRhL9SKLM0/0vyH1Dw3VTPbXD6n9Wcaurfe1gXc3x4g== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724260501; a=rsa-sha256; cv=none; b=TscVFPUT8pidGoO8tFZUjCyX4NwhtLogIUcu6pr8wpAXkCuq7M8H6lwImMiNNZaJVv4KjV cpMABKq8NDbMiuzZoImGOQUc3ni5TNFJ4bQm+iRGQ9eAHc1E6bggHzkMWBK9VaJzDkVAbJ 0Ftk5vJHfKKtFhlIvLKNnzsZwQMkXyZg1ojxwjIPxrBJZGujum85vyWl1ZoY0iOGv70Rg4 mOJFptZQWD8D5QNhvDiJBQJeukszrHvXOw8Lk+SqbOJxc2WzmMps0RjfIlM2ajofn4bQGo OaIUwgiWuXKih73/9AtKJl0GKZt1NtQ8ugf4PBk1r7C0YO4mq40TFh36fsKqWA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724260501; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=F5MrbDYB/O4FVIAHn/dnHXO5Hp4xrj5O/oiLCUdgYo0=; b=oUTN76iCi2kWeRLIGmpl1rzGnH8gLJOIoPrWdvuE7umOXsJk6NdVS3ldbttQCxXhda9Jff azPhhQfxlGDNxYl9DWuv4aVSPmr0gLx7rHMOVZfaSnO9qwgvBjoUC0pXiIw313BWEBjMuF 7IK06fI2Ir7IgbKfKuprx6om6RaRYLQA1dfwQJlT0jvAPC9O8hKmnf5uHLFaenXMJGu52Q YHJ01JLPw/k4xAOI4SQoShUg4SYigMYC57zhHG8fFeOUtSDYPonHPsLcCnkDMIii8nPawl sOiN2cHOLXq4MDah6km1qbHoAUkkAkwMKv9ZzQDgj3mEMTg9SaMOqiZmL7QxLA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WptHn2z4dzsCF; Wed, 21 Aug 2024 17:15:01 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47LHF1e4057764; Wed, 21 Aug 2024 17:15:01 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47LHF1fO057761; Wed, 21 Aug 2024 17:15:01 GMT (envelope-from git) Date: Wed, 21 Aug 2024 17:15:01 GMT Message-Id: <202408211715.47LHF1fO057761@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Dag-Erling =?utf-8?Q?Sm=C3=B8rgrav?= Subject: git: 0ebe6df086f3 - releng/13.4 - adduser: create dataset only if home is directly within dataset List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: des X-Git-Repository: src X-Git-Refname: refs/heads/releng/13.4 X-Git-Reftype: branch X-Git-Commit: 0ebe6df086f3bac96945415965a8e0ea1431259a Auto-Submitted: auto-generated The branch releng/13.4 has been updated by des: URL: https://cgit.FreeBSD.org/src/commit/?id=0ebe6df086f3bac96945415965a8e0ea1431259a commit 0ebe6df086f3bac96945415965a8e0ea1431259a Author: Mike Karels AuthorDate: 2024-05-20 13:43:34 +0000 Commit: Dag-Erling Smørgrav CommitDate: 2024-08-21 17:13:22 +0000 adduser: create dataset only if home is directly within dataset Currently, if the prefix of the new home directory is a subdirectory of a ZFS dataset, adduser will create a new dataset up one or more levels from the intended destination. "pw useradd" will then create a normal directory in the desired location, leaving an unused dataset. Check for this situation when determining whether to create a dataset, and let pw create the directory. Reviewed by: des Differential Revision: https://reviews.freebsd.org/D45229 MFC after: 3 days Approved by: re (cperciva) (cherry picked from commit 0b39b2e2ddb2df1d1325e042893ddcb1a1c12b8e) (cherry picked from commit da384ffbd5adebd7079b4dadd2592e82232566e0) --- usr.sbin/adduser/adduser.sh | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/usr.sbin/adduser/adduser.sh b/usr.sbin/adduser/adduser.sh index 7c3fdb418179..ecac7478befd 100644 --- a/usr.sbin/adduser/adduser.sh +++ b/usr.sbin/adduser/adduser.sh @@ -474,7 +474,7 @@ get_homeperm() { # so, enable ZFS home dataset creation. # get_zfs_home() { - local _prefix= + local _prefix= _tmp= # check if zfs kernel module is loaded before attempting to run zfs to # prevent loading the kernel module on systems that don't use ZFS @@ -487,6 +487,13 @@ get_zfs_home() { Zcreate="no" return fi + # Make sure that _prefix is not a subdirectory within a dataset. If it + # is, the containing dataset will be the same for it and its parent. + _tmp=$(${ZFSCMD} list -Ho name "$(dirname "${homeprefix}")" 2>/dev/null) + if [ "${_tmp}" = "${_prefix}" ]; then + Zcreate="no" + return + fi zhome="${_prefix}/${username}" } From nobody Wed Aug 21 17:15:02 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WptHp4zlbz5VCHn; Wed, 21 Aug 2024 17:15:02 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WptHp4M2vz4g6T; Wed, 21 Aug 2024 17:15:02 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724260502; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Kuq4H3/KyK0mW2VRDDxAaQ/iEZPqwqkJhQfgJTuRA7Q=; b=x+YPZ7O796tOAE+jTaUOASMgNabD/B3Irkleysx70+de+1d/FeR+d4/uSZCDyhB9UO05MH Q7W9LpaumVi66xelVhIMYAdtSbfbrPJsenlevQsI/gpwXBNePXX2ydMxliWAgOA2FDps0S wuOGBT7E9uPbN++gyfQ0VxbaUeNtUHHXdbQKvrJhqSHkecAwjdODFKYKK0L8070bzQux6E mS+yMuFVfBVzd9KJ62lR7DvypUKxqHTefLNY4TfaTTjYlZ2xmlXWLUEKn50vEt6QvR+9v5 ksq8k4Y52gCsEvjqKJ/DqWdt5cZ7nCiOq9ltjcVMITQpexK482BWqLxpI2AyZA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724260502; a=rsa-sha256; cv=none; b=Uj3eKcajtJM/VkVhqcKMKfFJs/wqycrPRTW6ClmVwhXyhRD0oRzH96+9YKQpymGBebHlt7 VQOXenqw+AbfXwZ8JPtXAlEBV+7vA7gi56ey/OXifMf5kU/ZeNIx24wxkIvLrEI8p6YV3L cvYYB1vZDUP9i/lDHhuqiPEppsCkN/hR++Xh4mPMTurGgyE5s+3FI2bcyWZ3fqO+ex8IeN ZZJlEvwtvGmUEtaZU6gGCdMXjo4hJ5Z3andC3jTxO2W/CV2PErGbWLrmd0bOR/5bjvQLje WqlvMBIVX+sx3ohbtSaAcx3aNjef5iWwOp+bOkpq7PlLelkBvfqPbF7mq04UTQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724260502; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Kuq4H3/KyK0mW2VRDDxAaQ/iEZPqwqkJhQfgJTuRA7Q=; b=bTJ5mBjb+YgYqGSK/B5PGqcipI+6YR0z3PSREWvjxR0nLes8n73wEAxqZm6hbKE9mWML3l AboUU4qD2i4+XFNZfDWHtFL0iFHU8YHwWQmBBELTx75KaRHoiOn4vJ8WKFpjPncAEtEJDR pQz/gRVOuCFrH8mjN6pK7Z0uy517bRJNWcxvsS2c8OQe99KKrbz0qAnhOWP+clBTt2yfLF 2jR9hmUByLLdSH53kc7oC6yKCEBNKvndNPPEQ0BpoRTXZ5RJdR2X9IRcjIIiKwM7SxIVGb PAQZkymBpptJnS6RMCTkWVuLP/pRifOk03PmkVKMoykNJKvbXn1HXtw6CRiFHw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WptHp3ydqzsv9; Wed, 21 Aug 2024 17:15:02 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47LHF21Y057812; Wed, 21 Aug 2024 17:15:02 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47LHF2v4057809; Wed, 21 Aug 2024 17:15:02 GMT (envelope-from git) Date: Wed, 21 Aug 2024 17:15:02 GMT Message-Id: <202408211715.47LHF2v4057809@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Dag-Erling =?utf-8?Q?Sm=C3=B8rgrav?= Subject: git: eb7bf0d07191 - releng/13.4 - adduser: Better document ZFS dataset creation. List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: des X-Git-Repository: src X-Git-Refname: refs/heads/releng/13.4 X-Git-Reftype: branch X-Git-Commit: eb7bf0d071916c2c11bc3f9810861998d7d070a6 Auto-Submitted: auto-generated The branch releng/13.4 has been updated by des: URL: https://cgit.FreeBSD.org/src/commit/?id=eb7bf0d071916c2c11bc3f9810861998d7d070a6 commit eb7bf0d071916c2c11bc3f9810861998d7d070a6 Author: Dag-Erling Smørgrav AuthorDate: 2024-08-19 08:30:01 +0000 Commit: Dag-Erling Smørgrav CommitDate: 2024-08-21 17:13:33 +0000 adduser: Better document ZFS dataset creation. MFC after: 3 days PR: 280873 Reviewed by: bcr Differential Revision: https://reviews.freebsd.org/D46316 Approved by: re (cperciva) (cherry picked from commit 9ff2ebd92891b6953bbe44c6d6a6d8bc31f5139f) (cherry picked from commit 8398c81b7c28ea315cb98405accb701502e3636a) --- usr.sbin/adduser/adduser.conf.5 | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/usr.sbin/adduser/adduser.conf.5 b/usr.sbin/adduser/adduser.conf.5 index 09b80f2df021..9663926ee341 100644 --- a/usr.sbin/adduser/adduser.conf.5 +++ b/usr.sbin/adduser/adduser.conf.5 @@ -23,7 +23,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd April 12, 2007 +.Dd August 18, 2024 .Dt ADDUSER.CONF 5 .Os .Sh NAME @@ -171,8 +171,12 @@ The default information to be held in the GECOS field of .It Va uidstart The default user ID setting. This must be a number above 1000 and fewer than 65534. -.It Va Zflag -Do not attempt to create ZFS home dataset. +.It Va Zcreate +Set to +.Dq no +to prevent the creation of a ZFS home dataset if +.Va homeprefix +is a ZFS mountpoint. .El .Sh EXAMPLES The following is an example From nobody Wed Aug 21 17:15:03 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WptHr1349z5VCHp; Wed, 21 Aug 2024 17:15:04 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WptHq5Nd4z4gFp; Wed, 21 Aug 2024 17:15:03 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724260503; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=j57AU2iEp65ttqBoRlxZGYZSNezlixO2naEnZdxOpk8=; b=PLpp76ABSJBQjNbfVMb+5Jc1Wzr46PYUoduF93GJO8kkNRwPIiYtflkjOpf/IS8qTkabK1 vkbHQDnENtRpydn6s1UNgRttAPW3ggGbJAYJLlUt3Nrza9fcNToZCNZg4YsqcDvy+Cyglw 2qhpFyts1/B7XRblcyLgIbPHdTvGnnubWxav+UKCzpdj65kHIl/UBB4HV6OQSG3sI+4lQi CV3xK2yg90mOpE/dHXZFtVV6L81luKXz/UTtaLLPdtucJPlWf23NYdQE13KMkUmSCpbfio 7q0TXiEA6x2ABtwNaAXGiMTJqbKh9549lkABGG4L2GFx6UKrEqrEaa1f2d31Fg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724260503; a=rsa-sha256; cv=none; b=n8z/RXCDPt1qeE3R1jdZ2BzLxGYfSiKIGIieniFLfl/Epy8kIKSLPSFHYkaXXDgvoKPN29 rjBrfZ7Cm8B8qhj3RTbiwhFvOUO2AzM5PGy2QU2ZznnW7OjtIxiaMLmXz3lnMmjd57r+Qe Om8iB0j6j/FLSWYlnab/93VCJ0zRsLPAwW0DD+jbsVt5TxuULSWhiWG/jue2kzfFSoK+Bk RFr2huuLewct1n91R2EqHSU4XM49PkgKsLJ3k+TN8NZigyDpHrU6SBrwH2SnUqMt8eNqW8 W+cLp8nnSi5//WhbxsUExU+swEuyoCVO6bqFSBEPpmythrG9z6bF/YAi4ydAOw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724260503; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=j57AU2iEp65ttqBoRlxZGYZSNezlixO2naEnZdxOpk8=; b=JCSCglBky8W7CQRaZ5S/Fjsvn4LyvGJJtQysIeXr27/z59s0qZmQSghCGAkAXYi5GbIGW6 p6HwX4VJ5mAfsNgV3u4SuHIdROqKSipPrnyALxH/UbWhqLKpMZiOPq7F3TMYv6QDbjnhcT pbaC0isJauNDd9yOS8cUbTbf20ZRGMDaFiZpkDb/dLkk1qks0mty6RnlUNfdu+l069mbmF jfpRDXEndrtkWdAbQgFYfAVKbdq2UqBRBJQqIBYVAW5mBZs+tBbOECzb/FA14IM+rI5ce4 F4W/l7elNr7Jz5OxDkez7THsszUIOQb6Cbe6qC6NTCr6vq/taw3A4BsNTUxitA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WptHq519yzssT; Wed, 21 Aug 2024 17:15:03 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47LHF3EI057868; Wed, 21 Aug 2024 17:15:03 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47LHF3tb057865; Wed, 21 Aug 2024 17:15:03 GMT (envelope-from git) Date: Wed, 21 Aug 2024 17:15:03 GMT Message-Id: <202408211715.47LHF3tb057865@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Dag-Erling =?utf-8?Q?Sm=C3=B8rgrav?= Subject: git: 7847d5e56cdc - releng/13.4 - pw userdel: destroy home dataset if empty List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: des X-Git-Repository: src X-Git-Refname: refs/heads/releng/13.4 X-Git-Reftype: branch X-Git-Commit: 7847d5e56cdc35e42dea1f801ccb01e2a96993e6 Auto-Submitted: auto-generated The branch releng/13.4 has been updated by des: URL: https://cgit.FreeBSD.org/src/commit/?id=7847d5e56cdc35e42dea1f801ccb01e2a96993e6 commit 7847d5e56cdc35e42dea1f801ccb01e2a96993e6 Author: Mike Karels AuthorDate: 2024-05-29 23:55:14 +0000 Commit: Dag-Erling Smørgrav CommitDate: 2024-08-21 17:13:40 +0000 pw userdel: destroy home dataset if empty When removing a user's home directory, if the directory is a ZFS dataset, it cannot be removed. If the directory has been emptied, use "zfs destroy" to destroy it. This complements the automatic dataset creation in adduser. Note that datasets within the directory and snapshots are not handled, as the complete path is not constructed. While here, add waitpid() calls to rmat() and pw_user_del(). Reviewed by: des Differential Revision: https://reviews.freebsd.org/D45348 Approved by: re (cperciva) (cherry picked from commit d2f1f71ec8c62dd26d6169d0d671a5aa5a933c1a) (cherry picked from commit cd13258d266411c39944021ae46f5fcd724faa4a) --- usr.sbin/pw/pw.8 | 6 ++- usr.sbin/pw/pw_user.c | 15 ++++--- usr.sbin/pw/pwupd.h | 2 +- usr.sbin/pw/rm_r.c | 113 +++++++++++++++++++++++++++++++++++++++++++++----- 4 files changed, 118 insertions(+), 18 deletions(-) diff --git a/usr.sbin/pw/pw.8 b/usr.sbin/pw/pw.8 index 5d461fc6464e..5ba35c193811 100644 --- a/usr.sbin/pw/pw.8 +++ b/usr.sbin/pw/pw.8 @@ -741,6 +741,9 @@ Secondly, it will only remove files and directories that are actually owned by the user, or symbolic links owned by anyone under the user's home directory. Finally, after deleting all contents owned by the user only empty directories will be removed. +If the home directory is a ZFS dataset and has been emptied, +the dataset will be destroyed. +ZFS datasets within the home directory and snapshots are not handled. If any additional cleanup work is required, this is left to the administrator. .El .Pp @@ -1077,7 +1080,8 @@ No base home directory configured. .Xr passwd 5 , .Xr pw.conf 5 , .Xr pwd_mkdb 8 , -.Xr vipw 8 +.Xr vipw 8 , +.Xr zfs 8 .Sh HISTORY The .Nm diff --git a/usr.sbin/pw/pw_user.c b/usr.sbin/pw/pw_user.c index ebe80977fa0e..7d919847aa93 100644 --- a/usr.sbin/pw/pw_user.c +++ b/usr.sbin/pw/pw_user.c @@ -28,7 +28,7 @@ */ #include -#include +#include #include #include @@ -687,6 +687,7 @@ rmat(uid_t uid) while ((e = readdir(d)) != NULL) { struct stat st; + pid_t pid; if (strncmp(e->d_name, ".lock", 5) != 0 && stat(e->d_name, &st) == 0 && @@ -697,11 +698,12 @@ rmat(uid_t uid) e->d_name, NULL }; - if (posix_spawn(NULL, argv[0], NULL, NULL, + if (posix_spawn(&pid, argv[0], NULL, NULL, (char *const *) argv, environ)) { warn("Failed to execute '%s %s'", argv[0], argv[1]); - } + } else + (void) waitpid(pid, NULL, 0); } } closedir(d); @@ -971,11 +973,14 @@ pw_user_del(int argc, char **argv, char *arg1) "-r", NULL }; - if (posix_spawnp(NULL, argv[0], NULL, NULL, + pid_t pid; + + if (posix_spawnp(&pid, argv[0], NULL, NULL, (char *const *) argv, environ)) { warn("Failed to execute '%s %s'", argv[0], argv[1]); - } + } else + (void) waitpid(pid, NULL, 0); } } diff --git a/usr.sbin/pw/pwupd.h b/usr.sbin/pw/pwupd.h index 4eff0be81066..55d359d5cc6f 100644 --- a/usr.sbin/pw/pwupd.h +++ b/usr.sbin/pw/pwupd.h @@ -140,7 +140,7 @@ void vendgrent(void); void copymkdir(int rootfd, char const * dir, int skelfd, mode_t mode, uid_t uid, gid_t gid, int flags); -void rm_r(int rootfd, char const * dir, uid_t uid); +bool rm_r(int rootfd, char const * dir, uid_t uid); __END_DECLS #endif /* !_PWUPD_H */ diff --git a/usr.sbin/pw/rm_r.c b/usr.sbin/pw/rm_r.c index 14218d68215b..f25da8ce6ad3 100644 --- a/usr.sbin/pw/rm_r.c +++ b/usr.sbin/pw/rm_r.c @@ -26,35 +26,58 @@ * SUCH DAMAGE. */ +#include +#include #include +#include #include +#include +#include #include +#include +#include +#include +#include +#include +#include #include #include #include "pwupd.h" -void +static bool try_dataset_remove(const char *home); +extern char **environ; + +/* + * "rm -r" a directory tree. If the top-level directory cannot be removed + * due to EBUSY, indicating that it is a ZFS dataset, and we have emptied + * it, destroy the dataset. Return true if any files or directories + * remain. + */ +bool rm_r(int rootfd, const char *path, uid_t uid) { int dirfd; DIR *d; struct dirent *e; struct stat st; + const char *fullpath; + bool skipped = false; + fullpath = path; if (*path == '/') path++; dirfd = openat(rootfd, path, O_DIRECTORY); if (dirfd == -1) { - return; + return (true); } d = fdopendir(dirfd); if (d == NULL) { (void)close(dirfd); - return; + return (true); } while ((e = readdir(d)) != NULL) { if (strcmp(e->d_name, ".") == 0 || strcmp(e->d_name, "..") == 0) @@ -62,16 +85,84 @@ rm_r(int rootfd, const char *path, uid_t uid) if (fstatat(dirfd, e->d_name, &st, AT_SYMLINK_NOFOLLOW) != 0) continue; - if (S_ISDIR(st.st_mode)) - rm_r(dirfd, e->d_name, uid); - else if (S_ISLNK(st.st_mode) || st.st_uid == uid) + if (S_ISDIR(st.st_mode)) { + if (rm_r(dirfd, e->d_name, uid) == true) + skipped = true; + } else if (S_ISLNK(st.st_mode) || st.st_uid == uid) unlinkat(dirfd, e->d_name, 0); + else + skipped = true; } closedir(d); if (fstatat(rootfd, path, &st, AT_SYMLINK_NOFOLLOW) != 0) - return; - if (S_ISLNK(st.st_mode)) - unlinkat(rootfd, path, 0); - else if (st.st_uid == uid) - unlinkat(rootfd, path, AT_REMOVEDIR); + return (skipped); + if (S_ISLNK(st.st_mode)) { + if (unlinkat(rootfd, path, 0) == -1) + skipped = true; + } else if (st.st_uid == uid) { + if (unlinkat(rootfd, path, AT_REMOVEDIR) == -1) { + if (errno == EBUSY && skipped == false) + skipped = try_dataset_remove(fullpath); + else + skipped = true; + } + } else + skipped = true; + + return (skipped); +} + +/* + * If the home directory is a ZFS dataset, attempt to destroy it. + * Return true if the dataset is not destroyed. + * This would be more straightforward as a shell script. + */ +static bool +try_dataset_remove(const char *path) +{ + bool skipped = true; + struct statfs stat; + const char *argv[] = { + "/sbin/zfs", + "destroy", + NULL, + NULL + }; + int status; + pid_t pid; + + /* see if this is an absolute path (top-level directory) */ + if (*path != '/') + return (skipped); + /* see if ZFS is loaded */ + if (kld_isloaded("zfs") == 0) + return (skipped); + /* This won't work if root dir is not / (-R option) */ + if (strcmp(conf.rootdir, "/") != 0) { + warnx("cannot destroy home dataset when -R was used"); + return (skipped); + } + /* if so, find dataset name */ + if (statfs(path, &stat) != 0) { + warn("statfs %s", path); + return (skipped); + } + /* + * Check that the path refers to the dataset itself, + * not a subdirectory. + */ + if (strcmp(stat.f_mntonname, path) != 0) + return (skipped); + argv[2] = stat.f_mntfromname; + if ((skipped = posix_spawn(&pid, argv[0], NULL, NULL, + (char *const *) argv, environ)) != 0) { + warn("Failed to execute '%s %s %s'", + argv[0], argv[1], argv[2]); + } else { + if (waitpid(pid, &status, 0) != -1 && status != 0) { + warnx("'%s %s %s' exit status %d\n", + argv[0], argv[1], argv[2], status); + } + } + return (skipped); } From nobody Thu Aug 22 07:55:57 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WqFrF6Z63z5Tr3t; Thu, 22 Aug 2024 07:55:57 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WqFrF64Gkz43sQ; Thu, 22 Aug 2024 07:55:57 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724313357; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=oFcv+A16KNG04rV3sxMS34DhrW2QuyxYAZAwVKaZj+M=; b=PChZkWNRaSqdSDaCSYYZdEC4CZZ7rmobi4uSOGQY9ughKgI9KT/VCw7Le1v/L9CDA0uPDr 6Henn/wOuuNouLpbe/pyUyCWChRH7u6nlavp/9C7qsZx5wVYnLZAjWzhLynzNp4iV7gH24 Jxr9AKbyJi1Wil78C9nuASaW0NwgxDShnzsmlS16gpHU/cpfUMRSsCGcKAdCz5H3UofVoT E68KB2l1Ru29mYWPwbSHHpjmo9QU3uQ7neHM5l6jRi69BZK0TE7fVBfTmfACMv9TS/cLLf s3ZTKcs5Q9fyfAkCtOYnxTSPz4TQBQ01e1pwZ0NdXFNKOvq1wK+x8owV2zqkNw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724313357; a=rsa-sha256; cv=none; b=lXlTWhRLn4oymqfZzTbgzSNnqg8v7fjW32X8stlAc/4V+g8/8eC+N1hS1PUFPe4Ht7+cLt hDZv/43U4jL+SBS2J6kGiJakZL2mjCdVFCmJaWabzBygdrrudTDUww28+XPG/uD0k8bncE 61dng/4RXPhC1JHx40VvxLaojLk299fHFej0W7jByUBtmVUZpIAOJ6bERoA42Cv7Xidzyo A1Ub0Y9QgcfbYHxZBxZJ0e6C8RMYpnzmTMHg+EqA70mk9kOmSdAlMRZwz4hPEBAf/reLVH HTi1v8bsLf5LBvPjD4oBfOuTJE2suHf68ncTSo+OzB3xXcgnfo4hvg5ThhjYPw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724313357; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=oFcv+A16KNG04rV3sxMS34DhrW2QuyxYAZAwVKaZj+M=; b=LRuVuMElnFUca+LilIDukERG4hlYGLhXrS90eqmCMdDpxUzRC7vHFSPAVBDbgcmDqZgBqX i3xDQkRrSEvk6VxeFmUFqMj0ee7jqPhena7kdDMkxJCQffD/1MbF5KGlcwat8SzAakEwGY zW7UK3fC35iQ5B2evOnaUcxLMhbQdwuTezyqH8ghLni0oSH2ixFVpviRiJ9xY+THY7VIkJ AyKs4+D9QGSZsLKa6DJXTLwhFbl7Wu7XBTn8WcQwkpC8xMxbmKnmDAPElyUOsS18+v2FZM Jb397Kh65V9Wz0wNlmTkqIwAIwZsfZkZdlWkqT2IeGG9LucZDNd3FJeXIBbfVw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WqFrF5LcRzJhy; Thu, 22 Aug 2024 07:55:57 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47M7tvIx048275; Thu, 22 Aug 2024 07:55:57 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47M7tvud048272; Thu, 22 Aug 2024 07:55:57 GMT (envelope-from git) Date: Thu, 22 Aug 2024 07:55:57 GMT Message-Id: <202408220755.47M7tvud048272@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Colin Percival Subject: git: 1d0920986f0b - stable/14 - Makefile.ec2: Add missing CLEANFILES entry List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cperciva X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 1d0920986f0b0cdb2de0456620a795e2a39780ce Auto-Submitted: auto-generated The branch stable/14 has been updated by cperciva: URL: https://cgit.FreeBSD.org/src/commit/?id=1d0920986f0b0cdb2de0456620a795e2a39780ce commit 1d0920986f0b0cdb2de0456620a795e2a39780ce Author: Colin Percival AuthorDate: 2024-08-18 01:59:18 +0000 Commit: Colin Percival CommitDate: 2024-08-22 07:55:48 +0000 Makefile.ec2: Add missing CLEANFILES entry Without this, "make clean ec2ami" won't build a new AMI. MFC after: 3 days Sponsored by: Amazon (cherry picked from commit e06022e1bfc263e8b1393c7b948707a250f16f83) --- release/Makefile.ec2 | 1 + 1 file changed, 1 insertion(+) diff --git a/release/Makefile.ec2 b/release/Makefile.ec2 index 8f5f6f205779..4363aac21369 100644 --- a/release/Makefile.ec2 +++ b/release/Makefile.ec2 @@ -60,6 +60,7 @@ cw-ec2-portinstall: SSMOPTS_${_FL}_${_FS}= --ssm-name ${SSMPREFIX}/${TARGET_ARCH:S/aarch64/arm64/}/${_FL}/${_FS}/${REVISION}/${BRANCH} .endif EC2AMILIST+= ec2ami-${_FL}-${_FS} +CLEANFILES+= ec2ami-${_FL}-${_FS} ec2ami-${_FL}-${_FS}: cw-ec2-${_FL}-${_FS} ${CW_EC2_PORTINSTALL} .if !defined(AWSKEYFILE) || !exists(${AWSKEYFILE}) @echo "--------------------------------------------------------------" From nobody Thu Aug 22 19:03:35 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WqXfb4KTRz5TSP8; Thu, 22 Aug 2024 19:03:35 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WqXfb3R7vz4JZd; Thu, 22 Aug 2024 19:03:35 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724353415; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=xvoBel26OE6vb3Mqr5+RtMslnWwsxXScSbbi8gwWoHk=; b=LGNnchfJKo/TpVPYGX3fXwoBZjoIrPW3N7FDH+5uQjknqrUf5sL7AJH1zB7JSfV6Ty36Qa SUhwhZ8Vkhu4tSe1pKTN1a/Lz6ZwHKyBV+cboJ+AX814a6GIlFBr7EkT6NUnmSZPfI2t6S moLBLnCB9FF+vmvTzxgdd2BqE29pxYnohHllk8l3E4uPYUzT93SPwayLmiJrCwsy2C6DEl Fy+GBYnZZyRbWIYtsO1eD91TKGSyjDDLzRlQ54k00JtGEELAlSvsw+K+LnetUNLc4ZG0Qm dDhM2PRBJOHG9HtmCws8exfWSlaN/T/jo5rkNW/aZ69Qnf2Kb7ajDBtkMz2uug== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724353415; a=rsa-sha256; cv=none; b=OHEWkSdr189jFuGobti896mc5aXdtFOMOZwngz61JlfQgTN7m6tra0JPuJDPMM1owFDuKb z59mx1j5VsKKvWJQwep9Ezxu8iwZyG3nx0dLeyQj8ny3CN0AmZ9XOm+990mpkwVZXvL6rZ ze0NgBEw5VelHWFiYYwik7nTCcQQYcLExlpol8yv8NFAUIgLdhj4ddgBdIq9TqNYa0deUB O9MBGSD3cf2RjhrYFPWNUM0iOpO0CFjX7YaZQatRgeAgUeXrDMgsLKiLjFA8SsBQeXFnEr Pd17NAEWMjPva9021eBObaq4wi7KX54adCwM1AKyq8hFy1D7QZ5peA3//BBFRg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724353415; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=xvoBel26OE6vb3Mqr5+RtMslnWwsxXScSbbi8gwWoHk=; b=KJxaRlF6N8sa/sNw8FXLjW7WDGl5DRXIvKAlUdG+eZ28FQyAAO9x1xVlDtTGvrEqKxKPVO gdvcoKIuooOmkVheMkHnupU1R0qJwo+0Heiq075lyMzRebNKztneCOjqYUEqs2gtty9APm h0A0LGniFX9upPUHn0SjFGDf911Vn6o5bjAQPhclOEGy9AcWsJM4m13GPHtfSViLITAn5o KXledSSX5SdAz4r2T7dhMIsexz9FGZqTcR7LtcvKUfrIpAP7P/jNbNAv/swDOZjNNMWBcX OolXfxQ+7bYU5A6Jq9wH02/KIkFnvGsV7fndFeSwpEsZRGw7Cbpx82rZkgZetg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WqXfb32D8zg0Q; Thu, 22 Aug 2024 19:03:35 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47MJ3ZWn083083; Thu, 22 Aug 2024 19:03:35 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47MJ3Zj7083080; Thu, 22 Aug 2024 19:03:35 GMT (envelope-from git) Date: Thu, 22 Aug 2024 19:03:35 GMT Message-Id: <202408221903.47MJ3Zj7083080@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: b75115dfd4f6 - stable/13 - pf tests: ensure temporary files end up in the atf working directory List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: b75115dfd4f6bb37aabf015eb1861ed8a879e1ee Auto-Submitted: auto-generated The branch stable/13 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=b75115dfd4f6bb37aabf015eb1861ed8a879e1ee commit b75115dfd4f6bb37aabf015eb1861ed8a879e1ee Author: Kristof Provost AuthorDate: 2024-07-19 13:13:33 +0000 Commit: Kristof Provost CommitDate: 2024-08-22 07:36:06 +0000 pf tests: ensure temporary files end up in the atf working directory Many of the tests create temporary files. pid files, log files, tcpdump captures, ... We should take care to ensure they're stored in the temporary working directory Kyua creates rather than in the root directory. This ensures there are no conflicts between simultaneously running tests, and also keeps the root directory clean. MFC after: 1 month Sponsored by: Rubicon Communications, LLC ("Netgate") (cherry picked from commit b0fcf4d5222bfdbbc0e2af2b14f0d73704706aa0) --- tests/sys/netpfil/common/dummynet.sh | 4 ++-- tests/sys/netpfil/pf/altq.sh | 2 +- tests/sys/netpfil/pf/killstate.sh | 2 +- tests/sys/netpfil/pf/map_e.sh | 3 +-- tests/sys/netpfil/pf/nat.sh | 3 +-- tests/sys/netpfil/pf/proxy.sh | 2 +- tests/sys/netpfil/pf/ridentifier.sh | 16 +++++++--------- tests/sys/netpfil/pf/route_to.sh | 3 +-- tests/sys/netpfil/pf/syncookie.sh | 15 ++++++--------- tests/sys/netpfil/pf/synproxy.sh | 9 +++------ 10 files changed, 24 insertions(+), 35 deletions(-) diff --git a/tests/sys/netpfil/common/dummynet.sh b/tests/sys/netpfil/common/dummynet.sh index a508d829bd0b..e9c25ee1775f 100644 --- a/tests/sys/netpfil/common/dummynet.sh +++ b/tests/sys/netpfil/common/dummynet.sh @@ -128,7 +128,7 @@ queue_body() ifconfig ${epair}a 192.0.2.1/24 up jexec alcatraz ifconfig ${epair}b 192.0.2.2/24 up - jexec alcatraz /usr/sbin/inetd -p inetd-alcatraz.pid \ + jexec alcatraz /usr/sbin/inetd -p ${PWD}/inetd-alcatraz.pid \ $(atf_get_srcdir)/../pf/echo_inetd.conf # Sanity check @@ -230,7 +230,7 @@ queue_v6_body() ifconfig ${epair}a inet6 2001:db8:42::1/64 no_dad up jexec alcatraz ifconfig ${epair}b inet6 2001:db8:42::2 no_dad up - jexec alcatraz /usr/sbin/inetd -p inetd-alcatraz.pid \ + jexec alcatraz /usr/sbin/inetd -p ${PWD}/inetd-alcatraz.pid \ $(atf_get_srcdir)/../pf/echo_inetd.conf # Sanity check diff --git a/tests/sys/netpfil/pf/altq.sh b/tests/sys/netpfil/pf/altq.sh index 8622ce72dfbf..e021afd6e85f 100644 --- a/tests/sys/netpfil/pf/altq.sh +++ b/tests/sys/netpfil/pf/altq.sh @@ -212,7 +212,7 @@ prioritise_body() ifconfig ${epair}a 192.0.2.1/24 up jexec altq_prioritise ifconfig ${epair}b 192.0.2.2/24 up - jexec altq_prioritise /usr/sbin/inetd -p inetd-altq.pid \ + jexec altq_prioritise /usr/sbin/inetd -p ${PWD}/inetd-altq.pid \ $(atf_get_srcdir)/../pf/echo_inetd.conf # Sanity check diff --git a/tests/sys/netpfil/pf/killstate.sh b/tests/sys/netpfil/pf/killstate.sh index 1ae6c2599726..f3c2a3897d84 100644 --- a/tests/sys/netpfil/pf/killstate.sh +++ b/tests/sys/netpfil/pf/killstate.sh @@ -413,7 +413,7 @@ match_body() vnet_mkjail singsing ${epair_two}b jexec singsing ifconfig ${epair_two}b 198.51.100.2/24 up jexec singsing route add default 198.51.100.1 - jexec singsing /usr/sbin/inetd -p inetd-echo.pid \ + jexec singsing /usr/sbin/inetd -p ${PWD}/inetd-echo.pid \ $(atf_get_srcdir)/echo_inetd.conf route add 198.51.100.0/24 192.0.2.2 diff --git a/tests/sys/netpfil/pf/map_e.sh b/tests/sys/netpfil/pf/map_e.sh index 742264dcf547..59f9e7f7e14c 100644 --- a/tests/sys/netpfil/pf/map_e.sh +++ b/tests/sys/netpfil/pf/map_e.sh @@ -53,7 +53,7 @@ map_e_body() jexec map_e sysctl net.inet.ip.forwarding=1 jexec echo ifconfig ${epair_echo}b 198.51.100.2/24 up - jexec echo /usr/sbin/inetd -p inetd-echo.pid $(atf_get_srcdir)/echo_inetd.conf + jexec echo /usr/sbin/inetd -p ${PWD}/inetd-echo.pid $(atf_get_srcdir)/echo_inetd.conf # Enable pf! jexec map_e pfctl -e @@ -81,7 +81,6 @@ map_e_body() map_e_cleanup() { - rm -f inetd-echo.pid pft_cleanup } diff --git a/tests/sys/netpfil/pf/nat.sh b/tests/sys/netpfil/pf/nat.sh index 4ceded782cfb..ca83e432fea6 100644 --- a/tests/sys/netpfil/pf/nat.sh +++ b/tests/sys/netpfil/pf/nat.sh @@ -51,7 +51,7 @@ exhaust_body() jexec nat sysctl net.inet.ip.forwarding=1 jexec echo ifconfig ${epair_echo}b 198.51.100.2/24 up - jexec echo /usr/sbin/inetd -p inetd-echo.pid $(atf_get_srcdir)/echo_inetd.conf + jexec echo /usr/sbin/inetd -p ${PWD}/inetd-echo.pid $(atf_get_srcdir)/echo_inetd.conf # Enable pf! jexec nat pfctl -e @@ -79,7 +79,6 @@ exhaust_body() exhaust_cleanup() { - rm -f inetd-echo.pid pft_cleanup } diff --git a/tests/sys/netpfil/pf/proxy.sh b/tests/sys/netpfil/pf/proxy.sh index 4a7ea00a0cd4..b112001ef2b4 100644 --- a/tests/sys/netpfil/pf/proxy.sh +++ b/tests/sys/netpfil/pf/proxy.sh @@ -57,7 +57,7 @@ ftp_body() jexec srv route add default 198.51.100.1 # Start FTP server in srv - jexec srv twistd ftp -r `pwd` -p 21 + jexec srv twistd --logfile=/dev/null ftp -r `pwd` -p 21 # Sanity check atf_check -s exit:0 -o ignore ping -c 1 198.51.100.2 diff --git a/tests/sys/netpfil/pf/ridentifier.sh b/tests/sys/netpfil/pf/ridentifier.sh index c456d2111e20..8d83bcfb8213 100644 --- a/tests/sys/netpfil/pf/ridentifier.sh +++ b/tests/sys/netpfil/pf/ridentifier.sh @@ -45,7 +45,7 @@ basic_body() vnet_mkjail alcatraz ${epair}b jexec alcatraz ifconfig lo0 up jexec alcatraz ifconfig ${epair}b 192.0.2.2/24 up - jexec alcatraz /usr/sbin/inetd -p inetd-alcatraz.pid $(atf_get_srcdir)/echo_inetd.conf + jexec alcatraz /usr/sbin/inetd -p ${PWD}/inetd-alcatraz.pid $(atf_get_srcdir)/echo_inetd.conf # Sanity check atf_check -s exit:0 -o ignore ping -c 1 192.0.2.2 @@ -56,7 +56,7 @@ basic_body() "pass in log" \ "pass in log proto tcp ridentifier 1234" - jexec alcatraz tcpdump --immediate-mode -n -e -i pflog0 > tcpdump.log & + jexec alcatraz tcpdump --immediate-mode -n -e -i pflog0 > ${PWD}/tcpdump.log & sleep 1 echo "test" | nc -N 192.0.2.2 7 @@ -67,17 +67,17 @@ basic_body() # Make sure we spotted the ridentifier atf_check -s exit:0 -o ignore \ - grep 'rule 1/0.*ridentifier 1234' tcpdump.log + grep 'rule 1/0.*ridentifier 1234' ${PWD}/tcpdump.log # But not on the !TCP traffic atf_check -s exit:1 -o ignore \ - grep 'rule 0/0.*ridentifier' tcpdump.log + grep 'rule 0/0.*ridentifier' ${PWD}/tcpdump.log # Now try with antispoof rules pft_set_rules alcatraz \ "pass in log" \ "antispoof log for ${epair}b ridentifier 4321" - jexec alcatraz tcpdump --immediate-mode -n -e -i pflog0 > tcpdump.log & + jexec alcatraz tcpdump --immediate-mode -n -e -i pflog0 > ${PWD}/tcpdump.log & sleep 1 # Without explicit rules for lo0 we're going to drop packets to ourself @@ -87,18 +87,16 @@ basic_body() sleep 1 jexec alcatraz killall tcpdump - cat tcpdump.log + cat ${PWD}/tcpdump.log # Make sure we spotted the ridentifier atf_check -s exit:0 -o ignore \ - grep 'rule 2/0.*ridentifier 4321' tcpdump.log + grep 'rule 2/0.*ridentifier 4321' ${PWD}/tcpdump.log } basic_cleanup() { pft_cleanup - rm -f inetd-alcatraz.pid - rm -f tcpdump.log } atf_init_test_cases() diff --git a/tests/sys/netpfil/pf/route_to.sh b/tests/sys/netpfil/pf/route_to.sh index 669cddbb0012..06fa14c6918c 100644 --- a/tests/sys/netpfil/pf/route_to.sh +++ b/tests/sys/netpfil/pf/route_to.sh @@ -140,7 +140,7 @@ multiwan_body() jexec srv sysctl net.inet.ip.forwarding=1 # Run echo server in srv jail - jexec srv /usr/sbin/inetd -p multiwan.pid $(atf_get_srcdir)/echo_inetd.conf + jexec srv /usr/sbin/inetd -p ${PWD}/multiwan.pid $(atf_get_srcdir)/echo_inetd.conf jexec srv pfctl -e pft_set_rules srv \ @@ -178,7 +178,6 @@ multiwan_body() multiwan_cleanup() { - rm -f multiwan.pid pft_cleanup } diff --git a/tests/sys/netpfil/pf/syncookie.sh b/tests/sys/netpfil/pf/syncookie.sh index 814593adbf98..b295bcf354f7 100644 --- a/tests/sys/netpfil/pf/syncookie.sh +++ b/tests/sys/netpfil/pf/syncookie.sh @@ -51,7 +51,7 @@ basic_body() vnet_mkjail alcatraz ${epair}b jexec alcatraz ifconfig ${epair}b 192.0.2.1/24 up - jexec alcatraz /usr/sbin/inetd -p inetd-alcatraz.pid \ + jexec alcatraz /usr/sbin/inetd -p ${PWD}/inetd-alcatraz.pid \ $(atf_get_srcdir)/echo_inetd.conf ifconfig ${epair}a 192.0.2.2/24 up @@ -81,7 +81,7 @@ basic_body() basic_cleanup() { - rm -f inetd-alcatraz.pid + rm -f ${PWD}/inetd-alcatraz.pid pft_cleanup } @@ -100,7 +100,7 @@ basic_v6_body() vnet_mkjail alcatraz ${epair}b jexec alcatraz ifconfig ${epair}b inet6 2001:db8::1/64 up no_dad - jexec alcatraz /usr/sbin/inetd -p inetd-alcatraz.pid \ + jexec alcatraz /usr/sbin/inetd -p ${PWD}/inetd-alcatraz.pid \ $(atf_get_srcdir)/echo_inetd.conf ifconfig ${epair}a inet6 2001:db8::2/64 up no_dad @@ -130,7 +130,6 @@ basic_v6_body() basic_v6_cleanup() { - rm -f inetd-alcatraz.pid pft_cleanup } @@ -157,7 +156,7 @@ forward_body() jexec srv ifconfig ${epair_out}b 198.51.100.2/24 up jexec srv route add default 198.51.100.1 - jexec srv /usr/sbin/inetd -p inetd-alcatraz.pid \ + jexec srv /usr/sbin/inetd -p ${PWD}/inetd-alcatraz.pid \ $(atf_get_srcdir)/echo_inetd.conf ifconfig ${epair_in}a 192.0.2.2/24 up @@ -181,7 +180,6 @@ forward_body() forward_cleanup() { - rm -f inetd-alcatraz.pid pft_cleanup } @@ -208,7 +206,7 @@ forward_v6_body() jexec srv ifconfig ${epair_out}b inet6 2001:db8:1::2/64 up no_dad jexec srv route -6 add default 2001:db8:1::1 - jexec srv /usr/sbin/inetd -p inetd-alcatraz.pid \ + jexec srv /usr/sbin/inetd -p ${PWD}/inetd-alcatraz.pid \ $(atf_get_srcdir)/echo_inetd.conf ifconfig ${epair_in}a inet6 2001:db8::2/64 up no_dad @@ -232,7 +230,6 @@ forward_v6_body() forward_v6_cleanup() { - rm -f inetd-alcatraz.pid pft_cleanup } @@ -408,7 +405,7 @@ port_reuse_body() vnet_mkjail alcatraz ${epair}b vnet_mkjail singsing jexec alcatraz ifconfig ${epair}b 192.0.2.1/24 up - jexec alcatraz /usr/sbin/inetd -p ${HOME}/inetd-alcatraz.pid \ + jexec alcatraz /usr/sbin/inetd -p ${PWD}/inetd-alcatraz.pid \ $(atf_get_srcdir)/echo_inetd.conf ifconfig ${epair}a 192.0.2.2/24 up diff --git a/tests/sys/netpfil/pf/synproxy.sh b/tests/sys/netpfil/pf/synproxy.sh index 3b3dc62b8993..617fa6ba2afc 100644 --- a/tests/sys/netpfil/pf/synproxy.sh +++ b/tests/sys/netpfil/pf/synproxy.sh @@ -52,7 +52,7 @@ synproxy_body() jexec singsing ifconfig ${link}b 198.51.100.2/24 up jexec singsing route add default 198.51.100.1 - jexec singsing /usr/sbin/inetd -p inetd-singsing.pid $(atf_get_srcdir)/echo_inetd.conf + jexec singsing /usr/sbin/inetd -p ${PWD}/inetd-singsing.pid $(atf_get_srcdir)/echo_inetd.conf jexec alcatraz pfctl -e pft_set_rules alcatraz "set fail-policy return" \ @@ -74,7 +74,6 @@ synproxy_body() synproxy_cleanup() { - rm -f inetd-singsing.pid pft_cleanup } @@ -94,7 +93,7 @@ local_body() vnet_mkjail alcatraz ${epair}b jexec alcatraz ifconfig ${epair}b 192.0.2.1/24 up - jexec alcatraz /usr/sbin/inetd -p inetd-alcatraz.pid \ + jexec alcatraz /usr/sbin/inetd -p ${PWD}/inetd-alcatraz.pid \ $(atf_get_srcdir)/echo_inetd.conf jexec alcatraz pfctl -e @@ -115,7 +114,6 @@ local_body() local_cleanup() { - rm -f inetd-alcatraz.pid pft_cleanup } @@ -135,7 +133,7 @@ local_v6_body() vnet_mkjail alcatraz ${epair}b jexec alcatraz ifconfig ${epair}b inet6 2001:db8:42::2/64 up - jexec alcatraz /usr/sbin/inetd -p inetd-alcatraz.pid \ + jexec alcatraz /usr/sbin/inetd -p ${PWD}/inetd-alcatraz.pid \ $(atf_get_srcdir)/echo_inetd.conf jexec alcatraz pfctl -e @@ -155,7 +153,6 @@ local_v6_body() local_v6_cleanup() { - rm -f inetd-alcatraz.pid pft_cleanup } From nobody Thu Aug 22 19:03:35 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WqXfc1JNJz5TSKD; Thu, 22 Aug 2024 19:03:36 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WqXfb6Zfwz4JpT; Thu, 22 Aug 2024 19:03:35 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724353415; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=02THse0707N+g9BOX+/QjmsWsiAjtOgLCtgxBiE99pE=; b=bH5XxNjE+R5NyWoDtjLCKpkVHB+AHl+MtYFoRWkzwUvJXYh9kpc+jEQ9/pXmrAyacqdhV6 a9R7juuxorTrJArL1jXvW2xju4J/8yTdgJzUcNrLN8c+TbIsbcQrld1R0SfuDwsssTxs6E ShSz7D2ybPOeXRXtbkke4pQLya/NiMcvJ54E1/FvZ+j7hvynhdjXeO4v27N4ZRRyg6ey8v I4WjL3QtrzVWyW7RJbTiiphDVOWoLqvnS0HghISmfTU/lQ27IDxtq8vDXLMECbKBnF0Sct LKz/SAkYCnoPosxIdvhfoKB8qtswwhq+XmvflKcfDpI14ALBmYDnj7jyDvtoKg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724353415; a=rsa-sha256; cv=none; b=vrkoeaj++EqyMJoed/WTt0wXn51tht2tnQddrRpG1q6WNyn4HhxBkx+S4mRvTodGQJn8lB CUdQWX4NF7I/TnHLTV51UjUVGgsMwwZ01HN722uSHn1kHkQx0G8a+S7h7vW+l+KkdGQCf0 02Fd95sLh9TAzJdx3Vo/Ke0NzCgYTCmkjmrCKZBKbcI2MtbLI1iBq2o50E85xLFJVRhE+g TCqU7WvUwVeAGNfehSUeN3r9kOvzR+6AiaYYHuyOjak3FizCNirtQUKl5/5IIffDqFU28C tQy5Lpho8xZ3G1q00hSxsgn0QeXCErI4/KqK06yItjJNYDiCnMmguwE1KeksjA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724353415; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=02THse0707N+g9BOX+/QjmsWsiAjtOgLCtgxBiE99pE=; b=Q5WBAgjHu/vhUTAy72GDwYFvBTmPJSl1Mfm3uNN97zPL09FbZMxMsoD+cq+9kwbHW7DFgv 6v0kP8Fz2BXVmzGSSo0aK4FzlU+/KODJPj86nH2me8T3ScM3eUoep4roanC9ROpiqioM05 Z88+4+vwoizvZVf5DZUd5c/kwFBb0q8+XywseGnNGxxZv+xnMdNkLBohk0WQ7nyaDefjtS joWjTSfQZqNEAOTfSmGhC0VqHzT+u2mJZ0NBAWgkUWWh/FBVxl/Hk8eiQaYu9lc70vt/y+ 7gcqRZRUXGJiIg7VOykYVsExndquDtswxjHIBvNWb9MHE/yn3PT2fzEWyIh2QA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WqXfb690fzfK6; Thu, 22 Aug 2024 19:03:35 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47MJ3Znw083206; Thu, 22 Aug 2024 19:03:35 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47MJ3ZYO083203; Thu, 22 Aug 2024 19:03:35 GMT (envelope-from git) Date: Thu, 22 Aug 2024 19:03:35 GMT Message-Id: <202408221903.47MJ3ZYO083203@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: 145f5005aea3 - stable/14 - pf tests: ensure temporary files end up in the atf working directory List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 145f5005aea398e88333a3d86d288bac811920b2 Auto-Submitted: auto-generated The branch stable/14 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=145f5005aea398e88333a3d86d288bac811920b2 commit 145f5005aea398e88333a3d86d288bac811920b2 Author: Kristof Provost AuthorDate: 2024-07-19 13:13:33 +0000 Commit: Kristof Provost CommitDate: 2024-08-22 19:01:33 +0000 pf tests: ensure temporary files end up in the atf working directory Many of the tests create temporary files. pid files, log files, tcpdump captures, ... We should take care to ensure they're stored in the temporary working directory Kyua creates rather than in the root directory. This ensures there are no conflicts between simultaneously running tests, and also keeps the root directory clean. MFC after: 1 month Sponsored by: Rubicon Communications, LLC ("Netgate") (cherry picked from commit b0fcf4d5222bfdbbc0e2af2b14f0d73704706aa0) --- tests/sys/netpfil/common/dummynet.sh | 4 ++-- tests/sys/netpfil/pf/altq.sh | 2 +- tests/sys/netpfil/pf/ether.sh | 4 ++-- tests/sys/netpfil/pf/killstate.sh | 2 +- tests/sys/netpfil/pf/map_e.sh | 3 +-- tests/sys/netpfil/pf/nat.sh | 3 +-- tests/sys/netpfil/pf/proxy.sh | 2 +- tests/sys/netpfil/pf/ridentifier.sh | 16 +++++++--------- tests/sys/netpfil/pf/route_to.sh | 3 +-- tests/sys/netpfil/pf/syncookie.sh | 15 ++++++--------- tests/sys/netpfil/pf/synproxy.sh | 9 +++------ 11 files changed, 26 insertions(+), 37 deletions(-) diff --git a/tests/sys/netpfil/common/dummynet.sh b/tests/sys/netpfil/common/dummynet.sh index 7537231c13bd..ab96bedb1ec0 100644 --- a/tests/sys/netpfil/common/dummynet.sh +++ b/tests/sys/netpfil/common/dummynet.sh @@ -277,7 +277,7 @@ queue_body() ifconfig ${epair}a 192.0.2.1/24 up jexec alcatraz ifconfig ${epair}b 192.0.2.2/24 up - jexec alcatraz /usr/sbin/inetd -p inetd-alcatraz.pid \ + jexec alcatraz /usr/sbin/inetd -p ${PWD}/inetd-alcatraz.pid \ $(atf_get_srcdir)/../pf/echo_inetd.conf # Sanity check @@ -385,7 +385,7 @@ queue_v6_body() ifconfig ${epair}a inet6 2001:db8:42::1/64 no_dad up jexec alcatraz ifconfig ${epair}b inet6 2001:db8:42::2 no_dad up - jexec alcatraz /usr/sbin/inetd -p inetd-alcatraz.pid \ + jexec alcatraz /usr/sbin/inetd -p ${PWD}/inetd-alcatraz.pid \ $(atf_get_srcdir)/../pf/echo_inetd.conf jexec alcatraz sysctl net.inet6.icmp6.errppslimit=0 diff --git a/tests/sys/netpfil/pf/altq.sh b/tests/sys/netpfil/pf/altq.sh index a902c7caaf4f..416a55777849 100644 --- a/tests/sys/netpfil/pf/altq.sh +++ b/tests/sys/netpfil/pf/altq.sh @@ -212,7 +212,7 @@ prioritise_body() ifconfig ${epair}a 192.0.2.1/24 up jexec altq_prioritise ifconfig ${epair}b 192.0.2.2/24 up - jexec altq_prioritise /usr/sbin/inetd -p inetd-altq.pid \ + jexec altq_prioritise /usr/sbin/inetd -p ${PWD}/inetd-altq.pid \ $(atf_get_srcdir)/../pf/echo_inetd.conf # Sanity check diff --git a/tests/sys/netpfil/pf/ether.sh b/tests/sys/netpfil/pf/ether.sh index e1855949476b..0369e0e57ee6 100644 --- a/tests/sys/netpfil/pf/ether.sh +++ b/tests/sys/netpfil/pf/ether.sh @@ -362,8 +362,8 @@ captive_long_body() # ICMP should still work, because we don't redirect it. atf_check -s exit:0 -o ignore ping -c 1 -t 1 198.51.100.2 - jexec gw /usr/sbin/inetd -p gw.pid $(atf_get_srcdir)/echo_inetd.conf - jexec srv /usr/sbin/inetd -p srv.pid $(atf_get_srcdir)/daytime_inetd.conf + jexec gw /usr/sbin/inetd -p ${PWD}/gw.pid $(atf_get_srcdir)/echo_inetd.conf + jexec srv /usr/sbin/inetd -p ${PWD}/srv.pid $(atf_get_srcdir)/daytime_inetd.conf echo foo | nc -N 198.51.100.2 13 diff --git a/tests/sys/netpfil/pf/killstate.sh b/tests/sys/netpfil/pf/killstate.sh index 72f8d9d29fc2..33995eec6fcc 100644 --- a/tests/sys/netpfil/pf/killstate.sh +++ b/tests/sys/netpfil/pf/killstate.sh @@ -407,7 +407,7 @@ match_body() vnet_mkjail singsing ${epair_two}b jexec singsing ifconfig ${epair_two}b 198.51.100.2/24 up jexec singsing route add default 198.51.100.1 - jexec singsing /usr/sbin/inetd -p inetd-echo.pid \ + jexec singsing /usr/sbin/inetd -p ${PWD}/inetd-echo.pid \ $(atf_get_srcdir)/echo_inetd.conf route add 198.51.100.0/24 192.0.2.2 diff --git a/tests/sys/netpfil/pf/map_e.sh b/tests/sys/netpfil/pf/map_e.sh index 742264dcf547..59f9e7f7e14c 100644 --- a/tests/sys/netpfil/pf/map_e.sh +++ b/tests/sys/netpfil/pf/map_e.sh @@ -53,7 +53,7 @@ map_e_body() jexec map_e sysctl net.inet.ip.forwarding=1 jexec echo ifconfig ${epair_echo}b 198.51.100.2/24 up - jexec echo /usr/sbin/inetd -p inetd-echo.pid $(atf_get_srcdir)/echo_inetd.conf + jexec echo /usr/sbin/inetd -p ${PWD}/inetd-echo.pid $(atf_get_srcdir)/echo_inetd.conf # Enable pf! jexec map_e pfctl -e @@ -81,7 +81,6 @@ map_e_body() map_e_cleanup() { - rm -f inetd-echo.pid pft_cleanup } diff --git a/tests/sys/netpfil/pf/nat.sh b/tests/sys/netpfil/pf/nat.sh index 4ceded782cfb..ca83e432fea6 100644 --- a/tests/sys/netpfil/pf/nat.sh +++ b/tests/sys/netpfil/pf/nat.sh @@ -51,7 +51,7 @@ exhaust_body() jexec nat sysctl net.inet.ip.forwarding=1 jexec echo ifconfig ${epair_echo}b 198.51.100.2/24 up - jexec echo /usr/sbin/inetd -p inetd-echo.pid $(atf_get_srcdir)/echo_inetd.conf + jexec echo /usr/sbin/inetd -p ${PWD}/inetd-echo.pid $(atf_get_srcdir)/echo_inetd.conf # Enable pf! jexec nat pfctl -e @@ -79,7 +79,6 @@ exhaust_body() exhaust_cleanup() { - rm -f inetd-echo.pid pft_cleanup } diff --git a/tests/sys/netpfil/pf/proxy.sh b/tests/sys/netpfil/pf/proxy.sh index 4a7ea00a0cd4..b112001ef2b4 100644 --- a/tests/sys/netpfil/pf/proxy.sh +++ b/tests/sys/netpfil/pf/proxy.sh @@ -57,7 +57,7 @@ ftp_body() jexec srv route add default 198.51.100.1 # Start FTP server in srv - jexec srv twistd ftp -r `pwd` -p 21 + jexec srv twistd --logfile=/dev/null ftp -r `pwd` -p 21 # Sanity check atf_check -s exit:0 -o ignore ping -c 1 198.51.100.2 diff --git a/tests/sys/netpfil/pf/ridentifier.sh b/tests/sys/netpfil/pf/ridentifier.sh index c456d2111e20..8d83bcfb8213 100644 --- a/tests/sys/netpfil/pf/ridentifier.sh +++ b/tests/sys/netpfil/pf/ridentifier.sh @@ -45,7 +45,7 @@ basic_body() vnet_mkjail alcatraz ${epair}b jexec alcatraz ifconfig lo0 up jexec alcatraz ifconfig ${epair}b 192.0.2.2/24 up - jexec alcatraz /usr/sbin/inetd -p inetd-alcatraz.pid $(atf_get_srcdir)/echo_inetd.conf + jexec alcatraz /usr/sbin/inetd -p ${PWD}/inetd-alcatraz.pid $(atf_get_srcdir)/echo_inetd.conf # Sanity check atf_check -s exit:0 -o ignore ping -c 1 192.0.2.2 @@ -56,7 +56,7 @@ basic_body() "pass in log" \ "pass in log proto tcp ridentifier 1234" - jexec alcatraz tcpdump --immediate-mode -n -e -i pflog0 > tcpdump.log & + jexec alcatraz tcpdump --immediate-mode -n -e -i pflog0 > ${PWD}/tcpdump.log & sleep 1 echo "test" | nc -N 192.0.2.2 7 @@ -67,17 +67,17 @@ basic_body() # Make sure we spotted the ridentifier atf_check -s exit:0 -o ignore \ - grep 'rule 1/0.*ridentifier 1234' tcpdump.log + grep 'rule 1/0.*ridentifier 1234' ${PWD}/tcpdump.log # But not on the !TCP traffic atf_check -s exit:1 -o ignore \ - grep 'rule 0/0.*ridentifier' tcpdump.log + grep 'rule 0/0.*ridentifier' ${PWD}/tcpdump.log # Now try with antispoof rules pft_set_rules alcatraz \ "pass in log" \ "antispoof log for ${epair}b ridentifier 4321" - jexec alcatraz tcpdump --immediate-mode -n -e -i pflog0 > tcpdump.log & + jexec alcatraz tcpdump --immediate-mode -n -e -i pflog0 > ${PWD}/tcpdump.log & sleep 1 # Without explicit rules for lo0 we're going to drop packets to ourself @@ -87,18 +87,16 @@ basic_body() sleep 1 jexec alcatraz killall tcpdump - cat tcpdump.log + cat ${PWD}/tcpdump.log # Make sure we spotted the ridentifier atf_check -s exit:0 -o ignore \ - grep 'rule 2/0.*ridentifier 4321' tcpdump.log + grep 'rule 2/0.*ridentifier 4321' ${PWD}/tcpdump.log } basic_cleanup() { pft_cleanup - rm -f inetd-alcatraz.pid - rm -f tcpdump.log } atf_init_test_cases() diff --git a/tests/sys/netpfil/pf/route_to.sh b/tests/sys/netpfil/pf/route_to.sh index d8cfb1b22d8b..7b446a896814 100644 --- a/tests/sys/netpfil/pf/route_to.sh +++ b/tests/sys/netpfil/pf/route_to.sh @@ -140,7 +140,7 @@ multiwan_body() jexec srv sysctl net.inet.ip.forwarding=1 # Run echo server in srv jail - jexec srv /usr/sbin/inetd -p multiwan.pid $(atf_get_srcdir)/echo_inetd.conf + jexec srv /usr/sbin/inetd -p ${PWD}/multiwan.pid $(atf_get_srcdir)/echo_inetd.conf jexec srv pfctl -e pft_set_rules srv \ @@ -178,7 +178,6 @@ multiwan_body() multiwan_cleanup() { - rm -f multiwan.pid pft_cleanup } diff --git a/tests/sys/netpfil/pf/syncookie.sh b/tests/sys/netpfil/pf/syncookie.sh index 8feb2816f589..ac7483bc258b 100644 --- a/tests/sys/netpfil/pf/syncookie.sh +++ b/tests/sys/netpfil/pf/syncookie.sh @@ -51,7 +51,7 @@ basic_body() vnet_mkjail alcatraz ${epair}b jexec alcatraz ifconfig ${epair}b 192.0.2.1/24 up - jexec alcatraz /usr/sbin/inetd -p inetd-alcatraz.pid \ + jexec alcatraz /usr/sbin/inetd -p ${PWD}/inetd-alcatraz.pid \ $(atf_get_srcdir)/echo_inetd.conf ifconfig ${epair}a 192.0.2.2/24 up @@ -81,7 +81,7 @@ basic_body() basic_cleanup() { - rm -f inetd-alcatraz.pid + rm -f ${PWD}/inetd-alcatraz.pid pft_cleanup } @@ -100,7 +100,7 @@ basic_v6_body() vnet_mkjail alcatraz ${epair}b jexec alcatraz ifconfig ${epair}b inet6 2001:db8::1/64 up no_dad - jexec alcatraz /usr/sbin/inetd -p inetd-alcatraz.pid \ + jexec alcatraz /usr/sbin/inetd -p ${PWD}/inetd-alcatraz.pid \ $(atf_get_srcdir)/echo_inetd.conf ifconfig ${epair}a inet6 2001:db8::2/64 up no_dad @@ -130,7 +130,6 @@ basic_v6_body() basic_v6_cleanup() { - rm -f inetd-alcatraz.pid pft_cleanup } @@ -157,7 +156,7 @@ forward_body() jexec srv ifconfig ${epair_out}b 198.51.100.2/24 up jexec srv route add default 198.51.100.1 - jexec srv /usr/sbin/inetd -p inetd-alcatraz.pid \ + jexec srv /usr/sbin/inetd -p ${PWD}/inetd-alcatraz.pid \ $(atf_get_srcdir)/echo_inetd.conf ifconfig ${epair_in}a 192.0.2.2/24 up @@ -181,7 +180,6 @@ forward_body() forward_cleanup() { - rm -f inetd-alcatraz.pid pft_cleanup } @@ -208,7 +206,7 @@ forward_v6_body() jexec srv ifconfig ${epair_out}b inet6 2001:db8:1::2/64 up no_dad jexec srv route -6 add default 2001:db8:1::1 - jexec srv /usr/sbin/inetd -p inetd-alcatraz.pid \ + jexec srv /usr/sbin/inetd -p ${PWD}/inetd-alcatraz.pid \ $(atf_get_srcdir)/echo_inetd.conf ifconfig ${epair_in}a inet6 2001:db8::2/64 up no_dad @@ -232,7 +230,6 @@ forward_v6_body() forward_v6_cleanup() { - rm -f inetd-alcatraz.pid pft_cleanup } @@ -440,7 +437,7 @@ port_reuse_body() vnet_mkjail alcatraz ${epair}b vnet_mkjail singsing jexec alcatraz ifconfig ${epair}b 192.0.2.1/24 up - jexec alcatraz /usr/sbin/inetd -p ${HOME}/inetd-alcatraz.pid \ + jexec alcatraz /usr/sbin/inetd -p ${PWD}/inetd-alcatraz.pid \ $(atf_get_srcdir)/echo_inetd.conf ifconfig ${epair}a 192.0.2.2/24 up diff --git a/tests/sys/netpfil/pf/synproxy.sh b/tests/sys/netpfil/pf/synproxy.sh index 3b3dc62b8993..617fa6ba2afc 100644 --- a/tests/sys/netpfil/pf/synproxy.sh +++ b/tests/sys/netpfil/pf/synproxy.sh @@ -52,7 +52,7 @@ synproxy_body() jexec singsing ifconfig ${link}b 198.51.100.2/24 up jexec singsing route add default 198.51.100.1 - jexec singsing /usr/sbin/inetd -p inetd-singsing.pid $(atf_get_srcdir)/echo_inetd.conf + jexec singsing /usr/sbin/inetd -p ${PWD}/inetd-singsing.pid $(atf_get_srcdir)/echo_inetd.conf jexec alcatraz pfctl -e pft_set_rules alcatraz "set fail-policy return" \ @@ -74,7 +74,6 @@ synproxy_body() synproxy_cleanup() { - rm -f inetd-singsing.pid pft_cleanup } @@ -94,7 +93,7 @@ local_body() vnet_mkjail alcatraz ${epair}b jexec alcatraz ifconfig ${epair}b 192.0.2.1/24 up - jexec alcatraz /usr/sbin/inetd -p inetd-alcatraz.pid \ + jexec alcatraz /usr/sbin/inetd -p ${PWD}/inetd-alcatraz.pid \ $(atf_get_srcdir)/echo_inetd.conf jexec alcatraz pfctl -e @@ -115,7 +114,6 @@ local_body() local_cleanup() { - rm -f inetd-alcatraz.pid pft_cleanup } @@ -135,7 +133,7 @@ local_v6_body() vnet_mkjail alcatraz ${epair}b jexec alcatraz ifconfig ${epair}b inet6 2001:db8:42::2/64 up - jexec alcatraz /usr/sbin/inetd -p inetd-alcatraz.pid \ + jexec alcatraz /usr/sbin/inetd -p ${PWD}/inetd-alcatraz.pid \ $(atf_get_srcdir)/echo_inetd.conf jexec alcatraz pfctl -e @@ -155,7 +153,6 @@ local_v6_body() local_v6_cleanup() { - rm -f inetd-alcatraz.pid pft_cleanup } From nobody Thu Aug 22 19:03:36 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WqXfd1f1rz5TS5G; Thu, 22 Aug 2024 19:03:37 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WqXfd0J67z4K13; Thu, 22 Aug 2024 19:03:37 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724353417; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=AxwZOkIdU6eio32VFusk3IaT4FronKp3fOogULUSpbc=; b=macUgdWoL8c0SDCvZQQvUsaL6zQcY8mmvjygmIbw5jRpYhK6u+uBV9BVrnpFGgTVVG8ren Fr3MjewjGdiVFw3esWQFrcvcD1LVqiyju210gc0EKzpErrOMQVwzBkzG0760b3LfckcEho IWqru6kD52/Ngj0wwbLgLMC5Kb0Rz2x5L8b19YBymbP5AEMkDEVrQ6bF0jhzWtBZwVW4Ga 4/mpymEioIjmkxw4yHeNQDkSep0TkNrllz1WnsshC83I94NBR6ciM8AFjKt0mILePK2b87 HQjyJrT1N9XAnPd/wZ5/tob7KkY8p8tVDhUuEFPwS8J52WX7JOKHxuHxUzXp/w== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724353417; a=rsa-sha256; cv=none; b=vsv30OJLB0URg0mnAFqvNLhuAGHy3XMu0kmBRoRWfHlDL+1hHwSqh6WeG/FtAaoNNJYMWC tuJP/qPlnfBIjM0mbEZl3pvpv2oC5e5dFQpjHLwrKhhscYTYjsmUVAOqF0ZpJzRXgBcZTm sHjhja1kHbB1s7N74QoG9FyZPCHHDZG/L8USL8bWMB9RE2jhZefpLlSijNalltCoaCwJU0 uBCkhFKNoAvAWUl4cWC/e3qcqsiywMhAK8wAgMyKrhUZ+FxPOyX+wQgefmIVN01RKmA5Wy RlTX/+jiphDzf95KKJCZzKWTnkdoWaJWrGXSqfq58eWQ0MPTaMUYtnx/3Oqpvg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724353417; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=AxwZOkIdU6eio32VFusk3IaT4FronKp3fOogULUSpbc=; b=d+j4Zf4ZaIDJ6SsHYM6VZDjRQLvNnpakLeMLqFXNhZyGz29L4BVVxb22Buj6/AkLYbC8GK 6D7ACclUU9ZRjjAQkG5vOYwqFGwiGmh01dlE303FSakQXBEgI5tjXPZ/qHEo3Na0mRBc4Y xMzME+tZYSD8BVm8xLVA6aVHwZ7I/VRspIEFW4SViSr83dojSt6nPXHyKXSa9j+8glAtsC 3Yrjt0UbpkeCo10Ci5ef/MYV7HpchvKXO7JNwvm/qCMbYtuZSUPpGZaS/CXFYlQCbMyCmx FqUun0UeiXpiUkXWBPpvYSyOAXFbSrUS2OxEd4z1sNzbj0wT5SmfL/icgobxpQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WqXfc71Mhzg98; Thu, 22 Aug 2024 19:03:36 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47MJ3a06083293; Thu, 22 Aug 2024 19:03:36 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47MJ3apI083290; Thu, 22 Aug 2024 19:03:36 GMT (envelope-from git) Date: Thu, 22 Aug 2024 19:03:36 GMT Message-Id: <202408221903.47MJ3apI083290@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: 09d61b28a00a - stable/14 - vnet tests: verify that we can load if_epair and if_bridge List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 09d61b28a00a0645087859ca124c17499c6941e1 Auto-Submitted: auto-generated The branch stable/14 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=09d61b28a00a0645087859ca124c17499c6941e1 commit 09d61b28a00a0645087859ca124c17499c6941e1 Author: Kristof Provost AuthorDate: 2024-07-18 20:36:55 +0000 Commit: Kristof Provost CommitDate: 2024-08-22 19:01:33 +0000 vnet tests: verify that we can load if_epair and if_bridge We're going to start running many of the vnet tests in nested jails (so they can run in parallel). That means the tests won't be able to load kernel modules, which we commonly do for if_epair and if_bridge. Just assume that all vnet tests need this, because so many of them do that we don't want to manually annotate all of them. This is essentially a no-op on non-nested tests. Do the same for the python test framework. While here also have pflog_init actually call pft_init. While having pflog loaded implies we have pf too pft_init also checks for vimage support, and now for if_epair. Reviewed by: markj MFC after: 1 month Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D46039 (cherry picked from commit ae8d58814089308028046ac80aeeb9cbb784bd0a) --- tests/atf_python/sys/net/vnet.py | 6 ++++++ tests/sys/common/vnet.subr | 21 +++++++++++++++++++++ tests/sys/netpfil/pf/utils.subr | 2 ++ 3 files changed, 29 insertions(+) diff --git a/tests/atf_python/sys/net/vnet.py b/tests/atf_python/sys/net/vnet.py index 8942e6839b35..7af63aa2b0c3 100644 --- a/tests/atf_python/sys/net/vnet.py +++ b/tests/atf_python/sys/net/vnet.py @@ -335,6 +335,10 @@ class VnetTestTemplate(BaseTest): NEED_ROOT: bool = True TOPOLOGY = {} + def _require_default_modules(self): + libc.kldload("if_epair.ko") + self.require_module("if_epair") + def _get_vnet_handler(self, vnet_alias: str): handler_name = "{}_handler".format(vnet_alias) return getattr(self, handler_name, None) @@ -452,6 +456,8 @@ class VnetTestTemplate(BaseTest): def setup_method(self, _method): """Sets up all the required topology and handlers for the given test""" super().setup_method(_method) + self._require_default_modules() + # TestIP6Output.test_output6_pktinfo[ipandif] topology_id = get_topology_id(self.test_id) topology = self.TOPOLOGY diff --git a/tests/sys/common/vnet.subr b/tests/sys/common/vnet.subr index 0f7dec0dc6f1..ee498cda64f3 100644 --- a/tests/sys/common/vnet.subr +++ b/tests/sys/common/vnet.subr @@ -11,11 +11,32 @@ unlist_interface() sed -i "" /^$1\$/d created_interfaces.lst } +_vnet_check_req() +{ + type=$1 + + if kldstat -q -n if_${type}.ko; then + return + fi + + if ! kldload -n -q if_${type}; then + atf_skip "if_${type}.ko is required to run this test." + return + fi +} + vnet_init() { if [ "`sysctl -i -n kern.features.vimage`" != 1 ]; then atf_skip "This test requires VIMAGE" fi + + # Check if we can create if_epair or if_bridge interfaces. + # We may be running in a jail already, unable to load modules. + # If so, skip this test because it very likely (but not certainly) + # wants at least one of those + _vnet_check_req epair + _vnet_check_req bridge } vnet_mkepair() diff --git a/tests/sys/netpfil/pf/utils.subr b/tests/sys/netpfil/pf/utils.subr index 74ed07984601..8b463ca15fb3 100644 --- a/tests/sys/netpfil/pf/utils.subr +++ b/tests/sys/netpfil/pf/utils.subr @@ -83,6 +83,8 @@ pfsynct_init() pflog_init() { + pft_init + if ! kldstat -q -m pflog; then atf_skip "This test requires pflog" fi From nobody Thu Aug 22 22:00:18 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WqcZV1j1gz5TjwN; Thu, 22 Aug 2024 22:00:18 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WqcZV1FmDz4gLw; Thu, 22 Aug 2024 22:00:18 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724364018; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=bwofZcH4W+mhptLouZi19y0XDSMJptFWbpJ6T4vRN+A=; b=sxpmu1FTHUb/gWB2Xk+NZ/dUmldJJLCaQoYN+gxSxuVu0JtsoYcyBlp0pcxunHL1HUDg/+ JZJ8FSH7qiSATidQKk8CBmZw3TxjcqD7z2s2IHgZ7G3vBPWrBYXsdG92BqXN1VL2eBbcdU ZPjvuSZkOfj9BQPDDke/FcDFlvAj3XlITp+Qe+5k+kMeoUJjPyPcYPSNLpuyLAhSPJHT9q N1eqB21dZH9tXyNbAafMb/buOstmgADzP6LQ6jFPpoTVotTsfJAsMW/cwES7F7S6uqU0Zm Q1UXJRoA3u89Hz919Kk2wXjKZryh2D1mn7cD/9QvePDySmF/qLmQ9ntZEx4UpQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724364018; a=rsa-sha256; cv=none; b=do1oFWZpDVtWI7tmdRPOdZaQyy6BKTijcUVEWafSLtzKc59hT2Kexcfh3C8KiPzjtwktfm gYHVYWm4QvATNilpqyG5WTBOaaRYYCwDHWtR5HmFg4YhcKUo5c1P9+L8hbuxe5xcEx/mov OnxfKPu0hnVF9tub6Iddu6A2JOB34++yQFgccTus1KXeuFWPMe3ghcHSONPH5QA7e9phpE 2ZgL1dnqmdWaHrdJw2ydsS4FdOQk9GO5INMI29jQNQ0nWEHVePBQwVdGSU2UockxbEXeTp dc1x0cPo0GWjUdteF/Np7QPlsxae/KEDhLS3/hKg6jN8E9Yw7DlmQNBEHaJLzQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724364018; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=bwofZcH4W+mhptLouZi19y0XDSMJptFWbpJ6T4vRN+A=; b=v49yp98+hkS43Sb/7ZZQEy0ftbzEEjR+4qVF/GBZFcpJYkJRPs4rjNGU1a6gga2M+LWuqv XvnoceFudBelUocEg1jfqPfeXLNKo8OSWn05klg2NUG04uAZxoFLD/+gXpYO0IzMyUtXmN 35gQFuSpfo9RPLSqO2CaJK3xsTkFmVXzkbKhXjv04H82RUjrj7T7LF91vMJDmqYePL9qrJ 2zp3ZfcS8oOxeS/1UubANU6bKm184CbMbo1ZprjXaI7WVuXPvAf25AUTvWHJ3KOVRY0NLE oWq7pzvrk2Ogg2+ffFpIgwqKBA9cy1F1jW0Z0vTTvAtt80ncaCy3Y9M7NExa9Q== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WqcZV0sYMzlQ1; Thu, 22 Aug 2024 22:00:18 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47MM0Is3081219; Thu, 22 Aug 2024 22:00:18 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47MM0Isi081214; Thu, 22 Aug 2024 22:00:18 GMT (envelope-from git) Date: Thu, 22 Aug 2024 22:00:18 GMT Message-Id: <202408222200.47MM0Isi081214@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Colin Percival Subject: git: 6becc61b94f8 - stable/13 - pkg-stage.sh: add x11/sddm List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cperciva X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 6becc61b94f8dc366e5e8104ff82a9cb43bf21b3 Auto-Submitted: auto-generated The branch stable/13 has been updated by cperciva: URL: https://cgit.FreeBSD.org/src/commit/?id=6becc61b94f8dc366e5e8104ff82a9cb43bf21b3 commit 6becc61b94f8dc366e5e8104ff82a9cb43bf21b3 Author: Graham Perrin AuthorDate: 2024-02-02 23:35:42 +0000 Commit: Colin Percival CommitDate: 2024-08-22 21:59:53 +0000 pkg-stage.sh: add x11/sddm MFC After: 2 days Reviewed by: imp Pull Request: https://github.com/freebsd/freebsd-src/pull/996 --- release/scripts/pkg-stage.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/release/scripts/pkg-stage.sh b/release/scripts/pkg-stage.sh index b51bdd4a2117..e9974deaae29 100755 --- a/release/scripts/pkg-stage.sh +++ b/release/scripts/pkg-stage.sh @@ -32,6 +32,7 @@ www/links x11-drivers/xf86-video-vmware x11/gnome x11/kde5 +x11/sddm x11/xorg" # If NOPORTS is set for the release, do not attempt to build pkg(8). From nobody Thu Aug 22 22:00:19 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WqcZW4jd7z5TjwP; Thu, 22 Aug 2024 22:00:19 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WqcZW274mz4g7p; Thu, 22 Aug 2024 22:00:19 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724364019; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=VZPPQUbKtlyvHaM41AcNelGZH6MrCxp7KfAucBUNCUI=; b=UyQwB6Z9JPbdgcOhxQmVqgzrIBb1kuRXGU9lhu/h8cv+h3ErmhR8tYoEPB8xBxzQeucgea GyrSmCjOLZTj5meGuDYkHiFNoDUAok2WMQjryTTOUYZD5LGtyvtfbuMl1l7lUBQi3DoodF 8Ohl3FHkEt3eMAtQWskRERiXB3Boq2/PAdjSs5/n9rJXj/r3vIbtctuZAtFjbFqz+2An4S VkKUCJbfCkSjbf9Eh9J1ZyLk+gPDYX3ipqyJYc+UPsxXICly5KnJjKkpTdDW61o80SxpAb Xd3Y+qHIj6H5lvGd3p3FSuOosUNm4loEwSby0/ETYI9jzaS/s0kBtfydwNK6vg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724364019; a=rsa-sha256; cv=none; b=IbsRE6aFtx6nGD+KV8C839WgpCiWvbiR24Y1FZmIIsSiImhLbcFA1uoI6xyL2B7wye7Rrk HqdYsHPvyVZF41iE1H+GkIvuffB7YBQYELdOsYyhWBDPvdUtxubc7keGp5lJ6CB2FmYYtd fXHWl5rc6CSOwr2yb3qQ+B/1XCUVSC/MdklFK1H1JBpMfWDeLwASOqitWS1CqZ/m6p4rSz z7ogl6CnnpJavz4zoxEdBtoV+PcYQR4UQg5OeNl9XvVdRl5XIUnfTuxVInqO4ZUhbdLBWJ O+mWZ4t0KWhh460GZujpX7KkVFlRZrMoKerLu8GvkiFPECWfNtci1/DzfyePXQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724364019; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=VZPPQUbKtlyvHaM41AcNelGZH6MrCxp7KfAucBUNCUI=; b=c0kYjCtRSPQK0N9Ti7f/9lFWTHdzift3pyzHXWsM8WDy83mNfqMQ+smyZZj5sX1avCh+px m/qscCNKiX8MgP43Wopfny5ek/DBXse28LGbL+JBN62WbE5T0NX/AlNLjKE3y7UcAcBljw Oe9jm9WvMXHBuOJuM1mjr9SQGcNpWpuZaruRqdM9oOYnrpzq5NftzGot+jicLagU6fLMD/ CcRUDV4VNoN/FChjkMLRBx33g1skfXNH7K0te/LNqkr4Bo2lu11wjYWIbFg4MUm8hHLkZB w9yN5WJCJI5E6QAoUov1A63w3v2Tx20o78h4g2NCXzNQJ4eB4DOuxE4kB9wr1A== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WqcZW1lJlzlVY; Thu, 22 Aug 2024 22:00:19 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47MM0JAT081367; Thu, 22 Aug 2024 22:00:19 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47MM0JBd081364; Thu, 22 Aug 2024 22:00:19 GMT (envelope-from git) Date: Thu, 22 Aug 2024 22:00:19 GMT Message-Id: <202408222200.47MM0JBd081364@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Colin Percival Subject: git: a926bf9254b2 - stable/13 - Modernize DVD package set in preparation for 14.1 List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cperciva X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: a926bf9254b2a5a9c3b60cf1760fe7746584308b Auto-Submitted: auto-generated The branch stable/13 has been updated by cperciva: URL: https://cgit.FreeBSD.org/src/commit/?id=a926bf9254b2a5a9c3b60cf1760fe7746584308b commit a926bf9254b2a5a9c3b60cf1760fe7746584308b Author: Colin Percival AuthorDate: 2024-05-20 17:42:49 +0000 Commit: Colin Percival CommitDate: 2024-08-22 21:59:53 +0000 Modernize DVD package set in preparation for 14.1 [MFC note: We're making the same changes for 13.4.] Remove archivers/unzip (now in base) and emulators/linux_base-c7 (old and unlikely to be useful without other linux packages being installed), ports-mgmt/portmaster (now largely obsolete and discouraged in favour of using pkg and binary packages) and x11-drivers/xf86-video-vmware (questionably useful). Replace devel/git with devel/git@lite (sufficient for most purposes), and adjust the "ensure the ports exist to sanitize the list" code to ignore the @lite part when checking that /usr/ports/devel/git exists. Add sysutils/seatd and x11-wm/sway for wayland support. MFC after: 1 minute Differential Revision: https://reviews.freebsd.org/D45278 --- release/scripts/pkg-stage.sh | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/release/scripts/pkg-stage.sh b/release/scripts/pkg-stage.sh index e9974deaae29..b7305337c012 100755 --- a/release/scripts/pkg-stage.sh +++ b/release/scripts/pkg-stage.sh @@ -12,28 +12,26 @@ export ROOTDIR="$PWD/dvd" export PKGCMD="/usr/sbin/pkg -d --rootdir ${ROOTDIR}" export PORTSDIR="${PORTSDIR:-/usr/ports}" -_DVD_PACKAGES="archivers/unzip -devel/git -emulators/linux_base-c7 +_DVD_PACKAGES="devel/git@lite graphics/drm-kmod graphics/drm-510-kmod misc/freebsd-doc-all net/mpd5 net/rsync ports-mgmt/pkg -ports-mgmt/portmaster shells/bash shells/zsh security/sudo sysutils/screen +sysutils/seatd sysutils/tmux www/firefox www/links -x11-drivers/xf86-video-vmware x11/gnome x11/kde5 x11/sddm -x11/xorg" +x11/xorg +x11-wm/sway" # If NOPORTS is set for the release, do not attempt to build pkg(8). if [ ! -f ${PORTSDIR}/Makefile ]; then @@ -60,10 +58,10 @@ fi # Ensure the ports listed in _DVD_PACKAGES exist to sanitize the # final list. for _P in ${_DVD_PACKAGES}; do - if [ -d "${PORTSDIR}/${_P}" ]; then + if [ -d "${PORTSDIR}/${_P%%@*}" ]; then DVD_PACKAGES="${DVD_PACKAGES} ${_P}" else - echo "*** Skipping nonexistent port: ${_P}" + echo "*** Skipping nonexistent port: ${_P%%@*}" fi done From nobody Thu Aug 22 22:13:59 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WqctJ0XVfz5TksW; Thu, 22 Aug 2024 22:14:00 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WqctJ04x2z4hmS; Thu, 22 Aug 2024 22:14:00 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724364840; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=wMkETD8RRqmX/2g4U9jC9HTtshn7uNKLhVBCOVZLL+c=; b=PFk6DMco4jS/hzjVTEWvojzfdt50YjGqa4vS8xggzQTEB8vB4S0oxKNvwuMushGd8vpORG fL6srdnkv/IFRO0+s4BuX4vo9FM5tbxazI8l+nsLupWMCWQjQyqQfWtR+Ar7wQGSWoLhx2 jNlrybc7Ms+1MuqkloeTKB2JnujEoQmNCjA6G+SRGkxr3/eNxukFU05qeERWynLoNOiwOR a1JLz1NK/PnMZDaplAKSoMhCeHdOJtIM18/hkqYAERqNtnNVUUFyLLi7B1m7DC6ab3ZSH2 uc0/xxMaLTyyTEsCY11gKz3e/CNmUcI4cl6xDzQ8yVMpVyhJHiZ2lsry3P4sTg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724364840; a=rsa-sha256; cv=none; b=u0edeSzFX7pcDNW1Pa3gCEvgDSZWcvlABfMyteCPzwUskmewVC7Qh9IhC0ypo/CwHnYh8c j7nQxvflMu3vSCJtKRUobagNsuvkOIRd3MpMe8JFBbiwZaMtDZ4KdKg26Qo38e2frLpaaI x72t4FdqDzCBOC3vXl6uUr2fXikwZ/vZVDbVtwIfdu+cHppeddDrqP77xU4WC8EURGfHAL ZZ6evnNRus8v4qewVn3SqZ67Q1NgLS383xMrAdXTycImNWuFfalqRx6F/eDnbwqF3FyYNG kjBXOurPTw9XdEHdIwrUz0lNL92jq7q9Qgg3y7LFLb0lRMByqpDlU7d4v9MqdA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724364840; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=wMkETD8RRqmX/2g4U9jC9HTtshn7uNKLhVBCOVZLL+c=; b=nPeuKJAEYhQq2h1To5N/qIQhdZVkR+gXVuDsfVbZUheXGjK9sshMcASV9b/bHIRESxKJX6 q6fTUUp+jQQdHqZsCJVcDAVYUJWm2ZhEa5+1yZo1L4SR65kn/5p/rBzlQcU2gUq6tUE0hN uIlWlsrvcXdPFoL9YJaNI1Jum7zeUlkbNZ+PIPQ68wELm11e2FDq//RrixwQOz+5LY5WB1 IA7e/IM0xkitiEd85Q++TZ57OEgXGTNETwCwoHPmHnwB+uSK/GjNp0z1jSuSYUCmhtPMmS D7JuYMRs6ckRJlglRtLCyV5jl/Pv85yxnn9Znph5MLrx3rryNjAO0ETt1lK6AA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WqctH6mz3zl7b; Thu, 22 Aug 2024 22:13:59 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47MMDxo5005637; Thu, 22 Aug 2024 22:13:59 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47MMDxpT005634; Thu, 22 Aug 2024 22:13:59 GMT (envelope-from git) Date: Thu, 22 Aug 2024 22:13:59 GMT Message-Id: <202408222213.47MMDxpT005634@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Colin Percival Subject: git: 7bcf0d3320d5 - releng/13.4 - pkg-stage.sh: add x11/sddm List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cperciva X-Git-Repository: src X-Git-Refname: refs/heads/releng/13.4 X-Git-Reftype: branch X-Git-Commit: 7bcf0d3320d5b9706169cac0a331a1aa5ad3f828 Auto-Submitted: auto-generated The branch releng/13.4 has been updated by cperciva: URL: https://cgit.FreeBSD.org/src/commit/?id=7bcf0d3320d5b9706169cac0a331a1aa5ad3f828 commit 7bcf0d3320d5b9706169cac0a331a1aa5ad3f828 Author: Graham Perrin AuthorDate: 2024-02-02 23:35:42 +0000 Commit: Colin Percival CommitDate: 2024-08-22 22:01:07 +0000 pkg-stage.sh: add x11/sddm Approved by: re (cperciva) MFC After: 2 days Reviewed by: imp Pull Request: https://github.com/freebsd/freebsd-src/pull/996 (cherry picked from commit 6becc61b94f8dc366e5e8104ff82a9cb43bf21b3) --- release/scripts/pkg-stage.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/release/scripts/pkg-stage.sh b/release/scripts/pkg-stage.sh index b51bdd4a2117..e9974deaae29 100755 --- a/release/scripts/pkg-stage.sh +++ b/release/scripts/pkg-stage.sh @@ -32,6 +32,7 @@ www/links x11-drivers/xf86-video-vmware x11/gnome x11/kde5 +x11/sddm x11/xorg" # If NOPORTS is set for the release, do not attempt to build pkg(8). From nobody Thu Aug 22 22:14:00 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WqctK2lYrz5Tl3p; Thu, 22 Aug 2024 22:14:01 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WqctK10Smz4hWS; Thu, 22 Aug 2024 22:14:01 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724364841; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=VYpmeto7Wl04DN4sPTz+plT8V7Pq3yP/0RnVrx7teQY=; b=A3nr+IwP9BKIrrSkllSY+RibpuoCEf8dH4FLrg40XomeM560xWt4jX1600YysXdBGE4zx9 AE7mUporiIYsDJciUurrgWvxVNsG8eUrOlecEW4LKoPt7WVeXzHEhdygk9MfUV88Q6+O07 E3/n171PdU5DcxTgfTyufOmmU9rOWLDVVYCVcIPk/DSsinugLT4UY9Vf0gQOgjkJCeru8r H1CeDtAeftt17WFC2Cz48xc3iq4Zkvw94Frf9ZiMa4BNUkT59uY06h0otpBMJ8oJl5iDXP iqECANKdeJu5Eu417dzRtqugmbH++04q6oJMwbVwn+aMWjIphYhbkMU44XtdNw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724364841; a=rsa-sha256; cv=none; b=PNBmu+dSx5BiLHJe12ZiDfRLJjKZYG6KFL/Y/P4EpenAAd9rV+zkAmPRP6F8sdSDA6ANE4 6z38kJU4KRsA5mXWTecVaRsaENy4TG6qmm/pcaNNJKA4bk2OSERV+rs8pLYafTM9NCKE1M HXyJzPnwn02c6XWqBYrV4UfxmdI3FAKmbP4CMGo1R9bveMqw9O6fC0kKbYlzlVrrgOs3Ne Ml556uNqw2rYbW7FLyLhPns96LYW7b8LscWhSHFkdCDgukuGbeTEnoZp20V+n/Y9wSCc3j BX0A8IB+QBaMHNIkdnTnQ5vpXpkaz3JH551fQxoZsaxFv5+QhF7Wct/7TmpDeQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724364841; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=VYpmeto7Wl04DN4sPTz+plT8V7Pq3yP/0RnVrx7teQY=; b=nEUaIxfCm1IMu4G1+RGc4fuHuYLF/lFp29javV0iQFSbt4dVIP6fguwlj1UpI68OSsqrbO zkZNdPkgipyUAG6tqHDaaVu4mxE9JTc68t/pePbXUeeZaV/6yvg934co33CJzO6DtxK07x thdIFBdM3mrjobA8PVFzPyj7MqbUEfeCJbO8EvBARneSriAMh2HscLNVKL+ifVhSTHYzGO WhvAnND0cgt3B413/Ahds/Xbzg6Iuatebn+MKcxmN57krggfYKtAwu01xdXEUpLXWsn5GT EDcAJNdHMGf/PQ783jEGYiRRfKPFcaXnVpyy6QOKlFo0I73QcV4z/i3tY8n8YA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WqctK0cc1zlWT; Thu, 22 Aug 2024 22:14:01 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47MME0r4005701; Thu, 22 Aug 2024 22:14:00 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47MME0Fg005698; Thu, 22 Aug 2024 22:14:00 GMT (envelope-from git) Date: Thu, 22 Aug 2024 22:14:00 GMT Message-Id: <202408222214.47MME0Fg005698@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Colin Percival Subject: git: 2006e3634b40 - releng/13.4 - Modernize DVD package set in preparation for 14.1 List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cperciva X-Git-Repository: src X-Git-Refname: refs/heads/releng/13.4 X-Git-Reftype: branch X-Git-Commit: 2006e3634b402b76c13c3e834a91ff596ac6cbcd Auto-Submitted: auto-generated The branch releng/13.4 has been updated by cperciva: URL: https://cgit.FreeBSD.org/src/commit/?id=2006e3634b402b76c13c3e834a91ff596ac6cbcd commit 2006e3634b402b76c13c3e834a91ff596ac6cbcd Author: Colin Percival AuthorDate: 2024-05-20 17:42:49 +0000 Commit: Colin Percival CommitDate: 2024-08-22 22:01:22 +0000 Modernize DVD package set in preparation for 14.1 [MFC note: We're making the same changes for 13.4.] Remove archivers/unzip (now in base) and emulators/linux_base-c7 (old and unlikely to be useful without other linux packages being installed), ports-mgmt/portmaster (now largely obsolete and discouraged in favour of using pkg and binary packages) and x11-drivers/xf86-video-vmware (questionably useful). Replace devel/git with devel/git@lite (sufficient for most purposes), and adjust the "ensure the ports exist to sanitize the list" code to ignore the @lite part when checking that /usr/ports/devel/git exists. Add sysutils/seatd and x11-wm/sway for wayland support. Approved by: re (cperciva) MFC after: 1 minute Differential Revision: https://reviews.freebsd.org/D45278 (cherry picked from commit a926bf9254b2a5a9c3b60cf1760fe7746584308b) --- release/scripts/pkg-stage.sh | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/release/scripts/pkg-stage.sh b/release/scripts/pkg-stage.sh index e9974deaae29..b7305337c012 100755 --- a/release/scripts/pkg-stage.sh +++ b/release/scripts/pkg-stage.sh @@ -12,28 +12,26 @@ export ROOTDIR="$PWD/dvd" export PKGCMD="/usr/sbin/pkg -d --rootdir ${ROOTDIR}" export PORTSDIR="${PORTSDIR:-/usr/ports}" -_DVD_PACKAGES="archivers/unzip -devel/git -emulators/linux_base-c7 +_DVD_PACKAGES="devel/git@lite graphics/drm-kmod graphics/drm-510-kmod misc/freebsd-doc-all net/mpd5 net/rsync ports-mgmt/pkg -ports-mgmt/portmaster shells/bash shells/zsh security/sudo sysutils/screen +sysutils/seatd sysutils/tmux www/firefox www/links -x11-drivers/xf86-video-vmware x11/gnome x11/kde5 x11/sddm -x11/xorg" +x11/xorg +x11-wm/sway" # If NOPORTS is set for the release, do not attempt to build pkg(8). if [ ! -f ${PORTSDIR}/Makefile ]; then @@ -60,10 +58,10 @@ fi # Ensure the ports listed in _DVD_PACKAGES exist to sanitize the # final list. for _P in ${_DVD_PACKAGES}; do - if [ -d "${PORTSDIR}/${_P}" ]; then + if [ -d "${PORTSDIR}/${_P%%@*}" ]; then DVD_PACKAGES="${DVD_PACKAGES} ${_P}" else - echo "*** Skipping nonexistent port: ${_P}" + echo "*** Skipping nonexistent port: ${_P%%@*}" fi done From nobody Thu Aug 22 22:14:02 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WqctL57R3z5TkyR; Thu, 22 Aug 2024 22:14:02 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WqctL2Fplz4hq5; Thu, 22 Aug 2024 22:14:02 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724364842; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=/mcXbJBZn1ci5Pd0EAuwaAO0yLo/eIr27+w8anD7OPo=; b=Vsa9b4h9+U+R2eKETMqa9sRjAhTgFvF9Pn+eha0zR+tIVijaxcgcox8b4cdsM67G0VH+tY PHEOcl4tbphCA5+lidARPMHOlJrMVdyp32IaKzTARPiu8sopC1Z8mZEpNQPrcBeIk7wqu4 N/D0dFruJOEyMzvUhfGbBgu2nkYUkDhMJvAa9YFzFUxtj1yXjC5WKkTDVK8REhDKFkXMtm VjIlrEiatTjCHIy2GdK9l+764lo4mO91wqQUUe0QOc5cqKO+1Rik8XV+V9I6JqEqL1I9dm yMeXUEx7woKT6tlt2XKm7rXe67uyCd7mceAIrdw+XYkhzLQUFF0iWwrr+mLHvQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724364842; a=rsa-sha256; cv=none; b=Tv5D/iZsRukHBN0W6Vnudk58YuMV0yJDpHmJuCIpKeNNAact8L29Gb5HYng5dDRiMVS7xN iySurDvv2fQDwINkjGMT+BPfAZ5eJywuT+5My8APT5GACueSiwCzy9bxdfWS+gMt7jnYC9 7pW76r4tIpb3ysvmxndbfhKFcwEgZxYVcbtMBwqGKxC7CbP3zPgbhwrCviJA51ISONweV5 5nnhBWEOty4zr6GgUiBtzMMjn7dMoLU2LOLaQBn65v/tsRkCF4WYII7Z7+fdJtwoU3H/Ff yZYUpcOX7pi/RFL6GCnoyeqNEDRaYY3d+YrVrnUaREyHsQ2vDT1EdmoV1IOdYQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724364842; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=/mcXbJBZn1ci5Pd0EAuwaAO0yLo/eIr27+w8anD7OPo=; b=NJUD0ZwnwGsZ8B9ribbr8G8Ex5i6O8vyz+uoxWTzz8vY/Yx9skQyujWyVmDbYM0uv4PadV FZlgPV1rsrAd4/HK/1IHBThMvHc0uI+T43xur/POy7PlA0ITB2jR/gqsmpxSSVNPvKuUcv Tp1sgGhE05i5MkOi3nakiRgrqrqalcQEstNu/J4wARUhpQtCtLJvx+NtPgl1cdDGcaOAyS uSpsCregutJIavpE0cvAguOWgPkzYw83rV3W4dneeCd52Tdie6R1NYZlmgcQQifyQN9YPR AayGTcnP/fGeD3L5w6TG2dAFWwDY4DbkP9Mt8ZODSPP2wfk9NxAu75itfqRQXw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WqctL1c07zlTM; Thu, 22 Aug 2024 22:14:02 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47MME2tA005749; Thu, 22 Aug 2024 22:14:02 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47MME2or005746; Thu, 22 Aug 2024 22:14:02 GMT (envelope-from git) Date: Thu, 22 Aug 2024 22:14:02 GMT Message-Id: <202408222214.47MME2or005746@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Colin Percival Subject: git: 3b8f0ffc0f49 - releng/13.4 - 13.4: Switch from "quarterly" to "release" pkgs List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cperciva X-Git-Repository: src X-Git-Refname: refs/heads/releng/13.4 X-Git-Reftype: branch X-Git-Commit: 3b8f0ffc0f49d20527d9a49420e2354790bfa2ce Auto-Submitted: auto-generated The branch releng/13.4 has been updated by cperciva: URL: https://cgit.FreeBSD.org/src/commit/?id=3b8f0ffc0f49d20527d9a49420e2354790bfa2ce commit 3b8f0ffc0f49d20527d9a49420e2354790bfa2ce Author: Colin Percival AuthorDate: 2024-08-22 22:10:46 +0000 Commit: Colin Percival CommitDate: 2024-08-22 22:11:08 +0000 13.4: Switch from "quarterly" to "release" pkgs Approved by: re (implicit) Sponsored by: Amazon --- release/pkg_repos/release-dvd.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/release/pkg_repos/release-dvd.conf b/release/pkg_repos/release-dvd.conf index 600c309d5979..79f7c4c8dbca 100644 --- a/release/pkg_repos/release-dvd.conf +++ b/release/pkg_repos/release-dvd.conf @@ -1,5 +1,5 @@ release: { - url: "pkg+http://pkg.FreeBSD.org/${ABI}/quarterly", + url: "pkg+http://pkg.FreeBSD.org/${ABI}/release_4", mirror_type: "srv", signature_type: "fingerprints", fingerprints: "/usr/share/keys/pkg", From nobody Fri Aug 23 00:07:22 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WqgP63tJRz5Ttnq; Fri, 23 Aug 2024 00:07:22 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WqgP63Ghdz4rXy; Fri, 23 Aug 2024 00:07:22 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724371642; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=58fSFjxmPeSczKYZ0v/iozzHAWucRv6aPVwHza+VPls=; b=yNVkbE/Y4OYn4yoXs7dldQccdue46T2mfVxqT5NfphAf1QKD7sx/+v0YaSVca+IGNnDwY3 65LnrHno4frSMX9ykAjuHqB3iJW5ECT/ITi2Zb9s/RM/8x42IRgjhXYKq8H+C1+HQrKm1U 4tHZhdwyTyDdQgPAaxqnUq6YaAiP8iIITQ6VMZpba1gTo6z8r94Z78pQJgRzpr5d8JTLAN NoCq70/B/UPtsKyWKcVxoioXTCIsuPKT0+WSmkqWcuG8VLjJliOm4eMzHUUR1oJslsAvKn IP+R4HqeJCy0K5ZHe4t9j2tl8RRIBQ2cu1zvtWEt9M2UFdV0nVehCj4SIESNuw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724371642; a=rsa-sha256; cv=none; b=xPoATSTGWGPGZRcZVra8Arwo93y3RkEo5P4DO4DQdtBXlSkgVtAUMPWekLM1uQ7OuI9Hmr CPnJ9AwoVXYyOJbWrlkbckZXMoopVI0ufbzYf/QB5GF0D2rUeN+ov3kO38y3DHRx2FcBzK YD6BLTqJ4LsA1Mitwf2PQxDpQOZ1aNedfPVDyWOPVI+BSZyKij2ESdrDcOTrhdmf+FlR8U sBSS7HwqLsH8QssHoxRB5uBkPK0hp3f6JqO5X+9e/zOAXq2MJ8GP3tl7EaeFOiXhulbiLU lNZRGUntAjqiCZcVpTgU4d8oUJagGMbL5pC+H42hYSL9xfn2Gz8No9rqZF7qEA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724371642; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=58fSFjxmPeSczKYZ0v/iozzHAWucRv6aPVwHza+VPls=; b=DDS5BYboGvmLhKu98Pzsc/2LGpzsMBlrcOpGug0HvbPjg2RjrkSJB4UZJOqnU/bglbGTxL qmjLMU/Uswa1oz6P+d09ZrWlwqO3hx6jBkpC/jbW9uzueFTXA1ITW/C0azrhvmNE1A4Fcs 3ZSi4DOvdUFBzk3qso47b+/S8tz4k+Gqkf0uqn2wPaU7eeTqlkYrvRvbS4F9hM1nsIR++H oHZkq5MwzU4vSUTWgmAS+/RqG9m+ShefnkFVjzYIj1HhNxBirV+R8RM/aDo29xcObTf2TL 1dLwjEDJUp7WKHpkZKWNUjcyHEismeP3yOAf/MUrOYhrCX3wIMuawkDsojwHEg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WqgP62nPzzpSh; Fri, 23 Aug 2024 00:07:22 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47N07Mlo092796; Fri, 23 Aug 2024 00:07:22 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47N07McU092793; Fri, 23 Aug 2024 00:07:22 GMT (envelope-from git) Date: Fri, 23 Aug 2024 00:07:22 GMT Message-Id: <202408230007.47N07McU092793@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Colin Percival Subject: git: 700ff8f05f08 - releng/13.4 - 13.4: Update to RC1 List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cperciva X-Git-Repository: src X-Git-Refname: refs/heads/releng/13.4 X-Git-Reftype: branch X-Git-Commit: 700ff8f05f08b1329daa1acc924d0d2885be0822 Auto-Submitted: auto-generated The branch releng/13.4 has been updated by cperciva: URL: https://cgit.FreeBSD.org/src/commit/?id=700ff8f05f08b1329daa1acc924d0d2885be0822 commit 700ff8f05f08b1329daa1acc924d0d2885be0822 Author: Colin Percival AuthorDate: 2024-08-23 00:06:43 +0000 Commit: Colin Percival CommitDate: 2024-08-23 00:06:43 +0000 13.4: Update to RC1 Approved by: re (implicit) Sponsored by: Amazon --- sys/conf/newvers.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh index 9a74c5f15d09..4323fb23657c 100644 --- a/sys/conf/newvers.sh +++ b/sys/conf/newvers.sh @@ -53,7 +53,7 @@ TYPE="FreeBSD" REVISION="13.4" -BRANCH="BETA3" +BRANCH="RC1" if [ -n "${BRANCH_OVERRIDE}" ]; then BRANCH=${BRANCH_OVERRIDE} fi From nobody Fri Aug 23 19:30:11 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wr9Bq6Cl5z5Tnm0; Fri, 23 Aug 2024 19:30:11 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Wr9Bq5dv6z4QsR; Fri, 23 Aug 2024 19:30:11 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724441411; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=DXDGxb1e6upRoMUUAcYKW9tUiAio+ivkhTRGPPBjozw=; b=FfUpFRO5g4cpIacxtb/AnHDOzXBZgZKwcnsKh11LFG20y41Wo3hjUWUANJ3Bodq6V2IDMm qGsX2GB8JojleRiVkcsDBMol2TdI61H6eYrf26IPjL8is4ctBVgxdEIi+D+699T59+dMwL Tqyz1Q8cjyp+7dkUKIcz4KdDQoFUiC9feo89ZaF6v+rJpJ4LIx28/G5l6kQwTPjTfdxAnq FBpXmXJblux0xyemQOV8qHi+Ga+s45XzmEUIjoTCPzMFIfgWS/dOidXD1dpx8vh5b4FO4I 2l0GI3dsPNaIUZDfq9xJ2G/pccXeMD8In3Sn11aKqibMvYg0hA9EfuJ5+qZN5A== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724441411; a=rsa-sha256; cv=none; b=KPY0XIL42kn9fOcQgez3gIAgDGbbf/L3C/uR7zKt6MwfYFgtUpVlCukq/KNCHtJhedtj6E i/KcsUKX8XvMfCdPrKN3yAmJdNz6uPPs0eBHcf8LnDDcTKrAxk4GRrO/DYi05PxFddGHoW yIzYGWyECVjmMRUaAce24W/yxoqesduoXva7IR6U58Xir8tx9qwAyve+z3okY0NFpNaCkx PI3G1xr7NNse9ijYBpi2adjLa9IeM+DqJxMZWmSaXV0+DKvzXn1+RFaCkVmSvwAL+gMS0K wAgpbcWE50ZkcIUCA/iRuTTDRQI9olO2aOV8Xkeu+d5Ii7dct73Whev+KDE1VQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724441411; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=DXDGxb1e6upRoMUUAcYKW9tUiAio+ivkhTRGPPBjozw=; b=B6g7dGYEyA5M+SX6QvkklRmuoPOsMDg7G2FdKdR6bN4kEz+7xUt2SwtTKSCIwgHK0uo8vz of6qSNUNbN8ZxW/beRq/S/ihNtlSCIo9f7/fb+e82aVm/9WBcHALecJ12mWctQMdak7wnm zDZTinkibONv0DvkT87sX340rp7EfAN+4l4mH9cY1D1i11hXGDUsFR3TNYb65wiIek6Rnk Timc2cZs9nK+rDLwnKk1ttNU0MnZqnACrQokqyavufXfI32meLei5+BrmYon0JnrNNKQDq hqMjoQ7g8QYSzxn+1JswI8geV/wvKJ9eFifo6JnQGKmC3AEsSqKR93TEHSrTWw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wr9Bq56mYzNRp; Fri, 23 Aug 2024 19:30:11 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47NJUBiI060966; Fri, 23 Aug 2024 19:30:11 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47NJUBKs060848; Fri, 23 Aug 2024 19:30:11 GMT (envelope-from git) Date: Fri, 23 Aug 2024 19:30:11 GMT Message-Id: <202408231930.47NJUBKs060848@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Cy Schubert Subject: git: 7f6d0ce8e6cf - stable/14 - unbound: Remove backup file List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cy X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 7f6d0ce8e6cf04cb9a7dfd2234ef2d5c71a9c40f Auto-Submitted: auto-generated The branch stable/14 has been updated by cy: URL: https://cgit.FreeBSD.org/src/commit/?id=7f6d0ce8e6cf04cb9a7dfd2234ef2d5c71a9c40f commit 7f6d0ce8e6cf04cb9a7dfd2234ef2d5c71a9c40f Author: Cy Schubert AuthorDate: 2024-07-15 15:15:27 +0000 Commit: Cy Schubert CommitDate: 2024-08-23 19:29:42 +0000 unbound: Remove backup file Upstream unbound includes a backup configure file which is distributed in the upstream tarball. It must be created by their release process and not deleted prior to packaging the tarball. I've received two emails so far asking about it. Let's remove it so nobody else asks about it. (cherry picked from commit 51c8a9c1be57b6750e7c64e1379e8c33bd0f02c1) --- contrib/unbound/configure~ | 26616 ------------------------------------------- 1 file changed, 26616 deletions(-) diff --git a/contrib/unbound/configure~ b/contrib/unbound/configure~ deleted file mode 100755 index d4a394eb9540..000000000000 --- a/contrib/unbound/configure~ +++ /dev/null @@ -1,26616 +0,0 @@ -#! /bin/sh -# Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.71 for unbound 1.20.0. -# -# Report bugs to . -# -# -# Copyright (C) 1992-1996, 1998-2017, 2020-2021 Free Software Foundation, -# Inc. -# -# -# This configure script is free software; the Free Software Foundation -# gives unlimited permission to copy, distribute and modify it. -## -------------------- ## -## M4sh Initialization. ## -## -------------------- ## - -# Be more Bourne compatible -DUALCASE=1; export DUALCASE # for MKS sh -as_nop=: -if test ${ZSH_VERSION+y} && (emulate sh) >/dev/null 2>&1 -then : - emulate sh - NULLCMD=: - # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which - # is contrary to our usage. Disable this feature. - alias -g '${1+"$@"}'='"$@"' - setopt NO_GLOB_SUBST -else $as_nop - case `(set -o) 2>/dev/null` in #( - *posix*) : - set -o posix ;; #( - *) : - ;; -esac -fi - - - -# Reset variables that may have inherited troublesome values from -# the environment. - -# IFS needs to be set, to space, tab, and newline, in precisely that order. -# (If _AS_PATH_WALK were called with IFS unset, it would have the -# side effect of setting IFS to empty, thus disabling word splitting.) -# Quoting is to prevent editors from complaining about space-tab. -as_nl=' -' -export as_nl -IFS=" "" $as_nl" - -PS1='$ ' -PS2='> ' -PS4='+ ' - -# Ensure predictable behavior from utilities with locale-dependent output. -LC_ALL=C -export LC_ALL -LANGUAGE=C -export LANGUAGE - -# We cannot yet rely on "unset" to work, but we need these variables -# to be unset--not just set to an empty or harmless value--now, to -# avoid bugs in old shells (e.g. pre-3.0 UWIN ksh). This construct -# also avoids known problems related to "unset" and subshell syntax -# in other old shells (e.g. bash 2.01 and pdksh 5.2.14). -for as_var in BASH_ENV ENV MAIL MAILPATH CDPATH -do eval test \${$as_var+y} \ - && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : -done - -# Ensure that fds 0, 1, and 2 are open. -if (exec 3>&0) 2>/dev/null; then :; else exec 0&1) 2>/dev/null; then :; else exec 1>/dev/null; fi -if (exec 3>&2) ; then :; else exec 2>/dev/null; fi - -# The user is always right. -if ${PATH_SEPARATOR+false} :; then - PATH_SEPARATOR=: - (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { - (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || - PATH_SEPARATOR=';' - } -fi - - -# Find who we are. Look in the path if we contain no directory separator. -as_myself= -case $0 in #(( - *[\\/]* ) as_myself=$0 ;; - *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - case $as_dir in #((( - '') as_dir=./ ;; - */) ;; - *) as_dir=$as_dir/ ;; - esac - test -r "$as_dir$0" && as_myself=$as_dir$0 && break - done -IFS=$as_save_IFS - - ;; -esac -# We did not find ourselves, most probably we were run as `sh COMMAND' -# in which case we are not to be found in the path. -if test "x$as_myself" = x; then - as_myself=$0 -fi -if test ! -f "$as_myself"; then - printf "%s\n" "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 - exit 1 -fi - - -# Use a proper internal environment variable to ensure we don't fall - # into an infinite loop, continuously re-executing ourselves. - if test x"${_as_can_reexec}" != xno && test "x$CONFIG_SHELL" != x; then - _as_can_reexec=no; export _as_can_reexec; - # We cannot yet assume a decent shell, so we have to provide a -# neutralization value for shells without unset; and this also -# works around shells that cannot unset nonexistent variables. -# Preserve -v and -x to the replacement shell. -BASH_ENV=/dev/null -ENV=/dev/null -(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV -case $- in # (((( - *v*x* | *x*v* ) as_opts=-vx ;; - *v* ) as_opts=-v ;; - *x* ) as_opts=-x ;; - * ) as_opts= ;; -esac -exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} -# Admittedly, this is quite paranoid, since all the known shells bail -# out after a failed `exec'. -printf "%s\n" "$0: could not re-execute with $CONFIG_SHELL" >&2 -exit 255 - fi - # We don't want this to propagate to other subprocesses. - { _as_can_reexec=; unset _as_can_reexec;} -if test "x$CONFIG_SHELL" = x; then - as_bourne_compatible="as_nop=: -if test \${ZSH_VERSION+y} && (emulate sh) >/dev/null 2>&1 -then : - emulate sh - NULLCMD=: - # Pre-4.2 versions of Zsh do word splitting on \${1+\"\$@\"}, which - # is contrary to our usage. Disable this feature. - alias -g '\${1+\"\$@\"}'='\"\$@\"' - setopt NO_GLOB_SUBST -else \$as_nop - case \`(set -o) 2>/dev/null\` in #( - *posix*) : - set -o posix ;; #( - *) : - ;; -esac -fi -" - as_required="as_fn_return () { (exit \$1); } -as_fn_success () { as_fn_return 0; } -as_fn_failure () { as_fn_return 1; } -as_fn_ret_success () { return 0; } -as_fn_ret_failure () { return 1; } - -exitcode=0 -as_fn_success || { exitcode=1; echo as_fn_success failed.; } -as_fn_failure && { exitcode=1; echo as_fn_failure succeeded.; } -as_fn_ret_success || { exitcode=1; echo as_fn_ret_success failed.; } -as_fn_ret_failure && { exitcode=1; echo as_fn_ret_failure succeeded.; } -if ( set x; as_fn_ret_success y && test x = \"\$1\" ) -then : - -else \$as_nop - exitcode=1; echo positional parameters were not saved. -fi -test x\$exitcode = x0 || exit 1 -blah=\$(echo \$(echo blah)) -test x\"\$blah\" = xblah || exit 1 -test -x / || exit 1" - as_suggested=" as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO - as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO - eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" && - test \"x\`expr \$as_lineno_1'\$as_run' + 1\`\" = \"x\$as_lineno_2'\$as_run'\"' || exit 1 -test \$(( 1 + 1 )) = 2 || exit 1 - - test -n \"\${ZSH_VERSION+set}\${BASH_VERSION+set}\" || ( - ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' - ECHO=\$ECHO\$ECHO\$ECHO\$ECHO\$ECHO - ECHO=\$ECHO\$ECHO\$ECHO\$ECHO\$ECHO\$ECHO - PATH=/empty FPATH=/empty; export PATH FPATH - test \"X\`printf %s \$ECHO\`\" = \"X\$ECHO\" \\ - || test \"X\`print -r -- \$ECHO\`\" = \"X\$ECHO\" ) || exit 1" - if (eval "$as_required") 2>/dev/null -then : - as_have_required=yes -else $as_nop - as_have_required=no -fi - if test x$as_have_required = xyes && (eval "$as_suggested") 2>/dev/null -then : - -else $as_nop - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -as_found=false -for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH -do - IFS=$as_save_IFS - case $as_dir in #((( - '') as_dir=./ ;; - */) ;; - *) as_dir=$as_dir/ ;; - esac - as_found=: - case $as_dir in #( - /*) - for as_base in sh bash ksh sh5; do - # Try only shells that exist, to save several forks. - as_shell=$as_dir$as_base - if { test -f "$as_shell" || test -f "$as_shell.exe"; } && - as_run=a "$as_shell" -c "$as_bourne_compatible""$as_required" 2>/dev/null -then : - CONFIG_SHELL=$as_shell as_have_required=yes - if as_run=a "$as_shell" -c "$as_bourne_compatible""$as_suggested" 2>/dev/null -then : - break 2 -fi -fi - done;; - esac - as_found=false -done -IFS=$as_save_IFS -if $as_found -then : - -else $as_nop - if { test -f "$SHELL" || test -f "$SHELL.exe"; } && - as_run=a "$SHELL" -c "$as_bourne_compatible""$as_required" 2>/dev/null -then : - CONFIG_SHELL=$SHELL as_have_required=yes -fi -fi - - - if test "x$CONFIG_SHELL" != x -then : - export CONFIG_SHELL - # We cannot yet assume a decent shell, so we have to provide a -# neutralization value for shells without unset; and this also -# works around shells that cannot unset nonexistent variables. -# Preserve -v and -x to the replacement shell. -BASH_ENV=/dev/null -ENV=/dev/null -(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV -case $- in # (((( - *v*x* | *x*v* ) as_opts=-vx ;; - *v* ) as_opts=-v ;; - *x* ) as_opts=-x ;; - * ) as_opts= ;; -esac -exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} -# Admittedly, this is quite paranoid, since all the known shells bail -# out after a failed `exec'. -printf "%s\n" "$0: could not re-execute with $CONFIG_SHELL" >&2 -exit 255 -fi - - if test x$as_have_required = xno -then : - printf "%s\n" "$0: This script requires a shell more modern than all" - printf "%s\n" "$0: the shells that I found on your system." - if test ${ZSH_VERSION+y} ; then - printf "%s\n" "$0: In particular, zsh $ZSH_VERSION has bugs and should" - printf "%s\n" "$0: be upgraded to zsh 4.3.4 or later." - else - printf "%s\n" "$0: Please tell bug-autoconf@gnu.org and -$0: unbound-bugs@nlnetlabs.nl or -$0: https://github.com/NLnetLabs/unbound/issues about your -$0: system, including any error possibly output before this -$0: message. Then install a modern shell, or manually run -$0: the script under such a shell if you do have one." - fi - exit 1 -fi -fi -fi -SHELL=${CONFIG_SHELL-/bin/sh} -export SHELL -# Unset more variables known to interfere with behavior of common tools. -CLICOLOR_FORCE= GREP_OPTIONS= -unset CLICOLOR_FORCE GREP_OPTIONS - -## --------------------- ## -## M4sh Shell Functions. ## -## --------------------- ## -# as_fn_unset VAR -# --------------- -# Portably unset VAR. -as_fn_unset () -{ - { eval $1=; unset $1;} -} -as_unset=as_fn_unset - - -# as_fn_set_status STATUS -# ----------------------- -# Set $? to STATUS, without forking. -as_fn_set_status () -{ - return $1 -} # as_fn_set_status - -# as_fn_exit STATUS -# ----------------- -# Exit the shell with STATUS, even in a "trap 0" or "set -e" context. -as_fn_exit () -{ - set +e - as_fn_set_status $1 - exit $1 -} # as_fn_exit -# as_fn_nop -# --------- -# Do nothing but, unlike ":", preserve the value of $?. -as_fn_nop () -{ - return $? -} -as_nop=as_fn_nop - -# as_fn_mkdir_p -# ------------- -# Create "$as_dir" as a directory, including parents if necessary. -as_fn_mkdir_p () -{ - - case $as_dir in #( - -*) as_dir=./$as_dir;; - esac - test -d "$as_dir" || eval $as_mkdir_p || { - as_dirs= - while :; do - case $as_dir in #( - *\'*) as_qdir=`printf "%s\n" "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( - *) as_qdir=$as_dir;; - esac - as_dirs="'$as_qdir' $as_dirs" - as_dir=`$as_dirname -- "$as_dir" || -$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X"$as_dir" : 'X\(//\)[^/]' \| \ - X"$as_dir" : 'X\(//\)$' \| \ - X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || -printf "%s\n" X"$as_dir" | - sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ - s//\1/ - q - } - /^X\(\/\/\)[^/].*/{ - s//\1/ - q - } - /^X\(\/\/\)$/{ - s//\1/ - q - } - /^X\(\/\).*/{ - s//\1/ - q - } - s/.*/./; q'` - test -d "$as_dir" && break - done - test -z "$as_dirs" || eval "mkdir $as_dirs" - } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" - - -} # as_fn_mkdir_p - -# as_fn_executable_p FILE -# ----------------------- -# Test if FILE is an executable regular file. -as_fn_executable_p () -{ - test -f "$1" && test -x "$1" -} # as_fn_executable_p -# as_fn_append VAR VALUE -# ---------------------- -# Append the text in VALUE to the end of the definition contained in VAR. Take -# advantage of any shell optimizations that allow amortized linear growth over -# repeated appends, instead of the typical quadratic growth present in naive -# implementations. -if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null -then : - eval 'as_fn_append () - { - eval $1+=\$2 - }' -else $as_nop - as_fn_append () - { - eval $1=\$$1\$2 - } -fi # as_fn_append - -# as_fn_arith ARG... -# ------------------ -# Perform arithmetic evaluation on the ARGs, and store the result in the -# global $as_val. Take advantage of shells that can avoid forks. The arguments -# must be portable across $(()) and expr. -if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null -then : - eval 'as_fn_arith () - { - as_val=$(( $* )) - }' -else $as_nop - as_fn_arith () - { - as_val=`expr "$@" || test $? -eq 1` - } -fi # as_fn_arith - -# as_fn_nop -# --------- -# Do nothing but, unlike ":", preserve the value of $?. -as_fn_nop () -{ - return $? -} -as_nop=as_fn_nop - -# as_fn_error STATUS ERROR [LINENO LOG_FD] -# ---------------------------------------- -# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are -# provided, also output the error to LOG_FD, referencing LINENO. Then exit the -# script with STATUS, using 1 if that was 0. -as_fn_error () -{ - as_status=$1; test $as_status -eq 0 && as_status=1 - if test "$4"; then - as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 - fi - printf "%s\n" "$as_me: error: $2" >&2 - as_fn_exit $as_status -} # as_fn_error - -if expr a : '\(a\)' >/dev/null 2>&1 && - test "X`expr 00001 : '.*\(...\)'`" = X001; then - as_expr=expr -else - as_expr=false -fi - -if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then - as_basename=basename -else - as_basename=false -fi - -if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then - as_dirname=dirname -else - as_dirname=false -fi - -as_me=`$as_basename -- "$0" || -$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ - X"$0" : 'X\(//\)$' \| \ - X"$0" : 'X\(/\)' \| . 2>/dev/null || -printf "%s\n" X/"$0" | - sed '/^.*\/\([^/][^/]*\)\/*$/{ - s//\1/ - q - } - /^X\/\(\/\/\)$/{ - s//\1/ - q - } - /^X\/\(\/\).*/{ - s//\1/ - q - } - s/.*/./; q'` - -# Avoid depending upon Character Ranges. -as_cr_letters='abcdefghijklmnopqrstuvwxyz' -as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' -as_cr_Letters=$as_cr_letters$as_cr_LETTERS -as_cr_digits='0123456789' -as_cr_alnum=$as_cr_Letters$as_cr_digits - - - as_lineno_1=$LINENO as_lineno_1a=$LINENO - as_lineno_2=$LINENO as_lineno_2a=$LINENO - eval 'test "x$as_lineno_1'$as_run'" != "x$as_lineno_2'$as_run'" && - test "x`expr $as_lineno_1'$as_run' + 1`" = "x$as_lineno_2'$as_run'"' || { - # Blame Lee E. McMahon (1931-1989) for sed's syntax. :-) - sed -n ' - p - /[$]LINENO/= - ' <$as_myself | - sed ' - s/[$]LINENO.*/&-/ - t lineno - b - :lineno - N - :loop - s/[$]LINENO\([^'$as_cr_alnum'_].*\n\)\(.*\)/\2\1\2/ - t loop - s/-\n.*// - ' >$as_me.lineno && - chmod +x "$as_me.lineno" || - { printf "%s\n" "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; } - - # If we had to re-execute with $CONFIG_SHELL, we're ensured to have - # already done that, so ensure we don't try to do so again and fall - # in an infinite loop. This has already happened in practice. - _as_can_reexec=no; export _as_can_reexec - # Don't try to exec as it changes $[0], causing all sort of problems - # (the dirname of $[0] is not the place where we might find the - # original and so on. Autoconf is especially sensitive to this). - . "./$as_me.lineno" - # Exit status is that of the last command. - exit -} - - -# Determine whether it's possible to make 'echo' print without a newline. -# These variables are no longer used directly by Autoconf, but are AC_SUBSTed -# for compatibility with existing Makefiles. -ECHO_C= ECHO_N= ECHO_T= -case `echo -n x` in #((((( --n*) - case `echo 'xy\c'` in - *c*) ECHO_T=' ';; # ECHO_T is single tab character. - xy) ECHO_C='\c';; - *) echo `echo ksh88 bug on AIX 6.1` > /dev/null - ECHO_T=' ';; - esac;; -*) - ECHO_N='-n';; -esac - -# For backward compatibility with old third-party macros, we provide -# the shell variables $as_echo and $as_echo_n. New code should use -# AS_ECHO(["message"]) and AS_ECHO_N(["message"]), respectively. -as_echo='printf %s\n' -as_echo_n='printf %s' - - -rm -f conf$$ conf$$.exe conf$$.file -if test -d conf$$.dir; then - rm -f conf$$.dir/conf$$.file -else - rm -f conf$$.dir - mkdir conf$$.dir 2>/dev/null -fi -if (echo >conf$$.file) 2>/dev/null; then - if ln -s conf$$.file conf$$ 2>/dev/null; then - as_ln_s='ln -s' - # ... but there are two gotchas: - # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. - # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. - # In both cases, we have to default to `cp -pR'. - ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || - as_ln_s='cp -pR' - elif ln conf$$.file conf$$ 2>/dev/null; then - as_ln_s=ln - else - as_ln_s='cp -pR' - fi -else - as_ln_s='cp -pR' -fi -rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file -rmdir conf$$.dir 2>/dev/null - -if mkdir -p . 2>/dev/null; then - as_mkdir_p='mkdir -p "$as_dir"' -else - test -d ./-p && rmdir ./-p - as_mkdir_p=false -fi - -as_test_x='test -x' -as_executable_p=as_fn_executable_p - -# Sed expression to map a string onto a valid CPP name. -as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" - -# Sed expression to map a string onto a valid variable name. -as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" - -SHELL=${CONFIG_SHELL-/bin/sh} - - -test -n "$DJDIR" || exec 7<&0 &1 - -# Name of the host. -# hostname on some systems (SVR3.2, old GNU/Linux) returns a bogus exit status, -# so uname gets run too. -ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q` - -# -# Initializations. -# -ac_default_prefix=/usr/local -ac_clean_files= -ac_config_libobj_dir=. -LIBOBJS= -cross_compiling=no -subdirs= -MFLAGS= -MAKEFLAGS= - -# Identity of this package. -PACKAGE_NAME='unbound' -PACKAGE_TARNAME='unbound' -PACKAGE_VERSION='1.20.0' -PACKAGE_STRING='unbound 1.20.0' -PACKAGE_BUGREPORT='unbound-bugs@nlnetlabs.nl or https://github.com/NLnetLabs/unbound/issues' -PACKAGE_URL='' - -# Factoring default headers for most tests. -ac_includes_default="\ -#include -#ifdef HAVE_STDIO_H -# include -#endif -#ifdef HAVE_STDLIB_H -# include -#endif -#ifdef HAVE_STRING_H -# include -#endif -#ifdef HAVE_INTTYPES_H -# include -#endif -#ifdef HAVE_STDINT_H -# include -#endif -#ifdef HAVE_STRINGS_H -# include -#endif -#ifdef HAVE_SYS_TYPES_H -# include -#endif -#ifdef HAVE_SYS_STAT_H -# include -#endif -#ifdef HAVE_UNISTD_H -# include -#endif" - -ac_header_c_list= -ac_func_c_list= -ac_subst_vars='LTLIBOBJS -date -version -INSTALLTARGET -ALLTARGET -SOURCEFILE -SOURCEDETERMINE -IPSET_OBJ -IPSET_SRC -IPSECMOD_HEADER -IPSECMOD_OBJ -CACHEDB_OBJ -CACHEDB_SRC -DNSCRYPT_OBJ -DNSCRYPT_SRC -ENABLE_DNSCRYPT -ENABLE_DNSCRYPT_XCHACHA20 -DNSTAP_OBJ -DNSTAP_SRC -DNSTAP_SOCKET_TESTBIN -DNSTAP_SOCKET_PATH -opt_dnstap_socket_path -ENABLE_DNSTAP -PROTOBUFC_LIBS -PROTOBUFC_CFLAGS -PROTOC_C -UBSYMS -EXTRALINK -COMMON_OBJ_ALL_SYMBOLS -LIBOBJ_WITHOUT_CTIME -LIBOBJ_WITHOUT_CTIMEARC4 -WIN_CHECKCONF_OBJ_LINK -WIN_CONTROL_OBJ_LINK -WIN_UBANCHOR_OBJ_LINK -WIN_HOST_OBJ_LINK -WIN_DAEMON_OBJ_LINK -WIN_DAEMON_OBJ -WIN_DAEMON_SRC -WINAPPS -WINDRES -CHECKLOCK_OBJ -staticexe -PC_LIBEVENT_DEPENDENCY -UNBOUND_EVENT_UNINSTALL -UNBOUND_EVENT_INSTALL -SUBNET_HEADER -SUBNET_OBJ -PC_LIBBSD_DEPENDENCY -SSLLIB -HAVE_SSL -PC_CRYPTO_DEPENDENCY -CONFIG_DATE -GCC_DOCKER_LINTFLAGS -NETBSD_LINTFLAGS -PYUNBOUND_UNINSTALL -PYUNBOUND_INSTALL -PYUNBOUND_TARGET -PYUNBOUND_OBJ -WITH_PYUNBOUND -PYTHONMOD_UNINSTALL -PYTHONMOD_INSTALL -PYTHONMOD_HEADER -PYTHONMOD_OBJ -WITH_PYTHONMODULE -swig -SWIG_LIB -SWIG -PC_PY_DEPENDENCY -PYTHON_LIBS -PY_MAJOR_VERSION -PYTHON_SITE_PKG -PYTHON_LDFLAGS -PYTHON_CPPFLAGS -PYTHON -PYTHON_VERSION -DYNLIBMOD_EXTRALIBS -DYNLIBMOD_HEADER -DYNLIBMOD_OBJ -WITH_DYNLIBMODULE -PTHREAD_CFLAGS_ONLY -PTHREAD_CFLAGS -PTHREAD_LIBS -PTHREAD_CXX -PTHREAD_CC -ax_pthread_config -ASYNCLOOK_ALLOCCHECK_EXTRA_OBJ -SLDNS_ALLOCCHECK_EXTRA_OBJ -USE_SYSTEMD_FALSE -USE_SYSTEMD_TRUE -SYSTEMD_DAEMON_LIBS -SYSTEMD_DAEMON_CFLAGS -SYSTEMD_LIBS -SYSTEMD_CFLAGS -RUNTIME_PATH -LIBOBJS -CPP -PKG_CONFIG_LIBDIR -PKG_CONFIG_PATH -PKG_CONFIG -LT_SYS_LIBRARY_PATH -OTOOL64 -OTOOL -LIPO -NMEDIT -DSYMUTIL -MANIFEST_TOOL -AWK -RANLIB -ac_ct_AR -DLLTOOL -OBJDUMP -LN_S -NM -ac_ct_DUMPBIN -DUMPBIN -LD -FGREP -EGREP -SED -LIBTOOL -AR -host_os -host_vendor -host_cpu -host -build_os -build_vendor -build_cpu -build -libtool -STRIP -doxygen -YFLAGS -YACC -LEXLIB -LEX_OUTPUT_ROOT -LEX -debug_enabled -DEPFLAG -GREP -UNBOUND_USERNAME -UNBOUND_ROOTCERT_FILE -UNBOUND_ROOTKEY_FILE -UNBOUND_PIDFILE -UNBOUND_SHARE_DIR -UNBOUND_CHROOT_DIR -UNBOUND_RUN_DIR -ub_conf_dir -ub_conf_file -UNBOUND_LOCALSTATE_DIR -UNBOUND_SYSCONF_DIR -UNBOUND_SBIN_DIR -OBJEXT -EXEEXT -ac_ct_CC -CPPFLAGS -LDFLAGS -CFLAGS -CC -LIBUNBOUND_AGE -LIBUNBOUND_REVISION -LIBUNBOUND_CURRENT -UNBOUND_VERSION_MICRO -UNBOUND_VERSION_MINOR -UNBOUND_VERSION_MAJOR -target_alias -host_alias -build_alias -LIBS -ECHO_T -ECHO_N -ECHO_C -DEFS -mandir -localedir -libdir -psdir -pdfdir -dvidir -htmldir -infodir -docdir -oldincludedir -includedir -runstatedir -localstatedir -sharedstatedir -sysconfdir -datadir -datarootdir -libexecdir -sbindir -bindir -program_transform_name -prefix -exec_prefix -PACKAGE_URL -PACKAGE_BUGREPORT -PACKAGE_STRING -PACKAGE_VERSION -PACKAGE_TARNAME -PACKAGE_NAME -PATH_SEPARATOR -SHELL' -ac_subst_files='' -ac_user_opts=' -enable_option_checking -with_conf_file -with_run_dir -with_chroot_dir -with_share_dir -with_pidfile -with_rootkey_file -with_rootcert_file -with_username -enable_checking -enable_debug -enable_flto -enable_pie -enable_relro_now -enable_shared -enable_static -with_pic -enable_fast_install -with_aix_soname -with_gnu_ld -with_sysroot -enable_libtool_lock -enable_rpath -enable_largefile -enable_systemd -enable_alloc_checks -enable_alloc_lite -enable_alloc_nonregional -with_pthreads -with_solaris_threads -with_syslog_facility -with_dynlibmodule -with_pyunbound -with_pythonmodule -enable_swig_version_check -with_nss -with_nettle -with_ssl -with_libbsd -enable_sha1 -enable_sha2 -enable_subnet -enable_gost -enable_ecdsa -enable_dsa -with_deprecate_rsa_1024 -enable_ed25519 -enable_ed448 -enable_event_api -enable_tfo_client -enable_tfo_server -with_libevent -with_libexpat -with_libhiredis -with_libnghttp2 -enable_static_exe -enable_fully_static -enable_lock_checks -enable_allsymbols -enable_dnstap -with_dnstap_socket_path -with_protobuf_c -enable_dnscrypt -with_libsodium -enable_cachedb -enable_ipsecmod -enable_ipset -with_libmnl -enable_explicit_port_randomisation -enable_linux_ip_local_port_range -with_libunbound_only -' - ac_precious_vars='build_alias -host_alias -target_alias -CC -CFLAGS -LDFLAGS -LIBS -CPPFLAGS -YACC -YFLAGS -LT_SYS_LIBRARY_PATH -PKG_CONFIG -PKG_CONFIG_PATH -PKG_CONFIG_LIBDIR -CPP -SYSTEMD_CFLAGS -SYSTEMD_LIBS -SYSTEMD_DAEMON_CFLAGS *** 25658 LINES SKIPPED *** From nobody Fri Aug 23 19:30:12 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wr9Bs1f9fz5TnY1; Fri, 23 Aug 2024 19:30:13 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Wr9Bs15Nbz4R3p; Fri, 23 Aug 2024 19:30:13 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724441413; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=7E9zFf62wGVwhI5YchBKaKsx2tjteQh1HpepnL7NcaM=; b=EvyIQ4wHvNWLGJMXkjupFy0Qab2l6E7O7aVT3CMYvsbBCsEUaFJWQZpG3PEUfS6Oa90uOa N4+EAz7esLJj1f23FNagD0P+WSBRhQ5FEBNUmXwIZiW3rLgn08CmPqKHLM1OKIqfBHeDI2 N9/ZJaxVHTZq0A4Aygp6f7FsGd3iz0AA898qQ5+UH/une3ApQBGcPH8RaGak15Heq4rBP7 3Kcon8nv+vldRxPoruo1QzvjlyqA12tvHNGzBIXH+5N8eeaf9Y2VC9g0C2XM9ofx5mVZOC t3nlOLykNbzqn2JSQ0HtV4o9ukJ6LJV2cBt5qHgLUCZS5xtyrRuv5bGtiGbzIg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724441413; a=rsa-sha256; cv=none; b=HosMNU1FkDwPQmSofvxQBhgQWO5zl6g+8XGYIyPVunkW6XXi8QkPatwJgWyIBjMmFud32X JzhnxzNxciIaR9OJWolVqDHpPnRaWvFrrxHpDoiSGomB+n8KKANtmEiQTwxCNga+3x68xH /fnazNpshSwVyhiNaXLJmfe7Uq+xmC08eY5RruwxaWcAbUoO01rtuF9lu+ubgD3DdxmxsF Y8bsCxMEdTHj3j2K7D3hSnTnKbDK9qqHqzxx42SVsnASWsKvu/Z3et+s0oCwOwdsf3M21E RzJbumECoUUhGu2fxMUq+F9TIC3/nWV+NxKKsBiE6YhiDR4UKF6RfzCm+DAk8g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724441413; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=7E9zFf62wGVwhI5YchBKaKsx2tjteQh1HpepnL7NcaM=; b=q1B6H9GxZCvXPOBTXNjDqrFOXBoBIrLzIj0p97cjJOEwJIvDGiZ/nXq7Dg/ZG+grgS0J3U qxwiU7sNWCp9YzwkFtgmq3V3fyNa6PU87caV3+qHcgIzOeBAq/4reT3/YlI14ZZ8LCDmJ6 LfcB6KXOA5MkOQIKNOVeRVud1K7mPA0DzbH/7GFoxbI3PwBhbN96RH0/vWElepMGU/3BBa 5OfDhqaYxJrccvIprWrJX50/0VqS9K5QkiioMuRsKIo3y3rGPjf3ZLDpy25J9gJ4+fthg7 LpnmAa0k5gOZrgqiQ+Pv863Mlal7ftjSyA7Onx/2ijJzt+9VekCmfApHlBPZ6g== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wr9Bs0hs6zNr5; Fri, 23 Aug 2024 19:30:13 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47NJUDQH061825; Fri, 23 Aug 2024 19:30:13 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47NJUCCL061605; Fri, 23 Aug 2024 19:30:12 GMT (envelope-from git) Date: Fri, 23 Aug 2024 19:30:12 GMT Message-Id: <202408231930.47NJUCCL061605@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Cy Schubert Subject: git: 78c66b88cc91 - stable/14 - unbound: Vendor import 1.21.0 List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cy X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 78c66b88cc919d7ccb84b1fc3a66768fb32d1812 Auto-Submitted: auto-generated The branch stable/14 has been updated by cy: URL: https://cgit.FreeBSD.org/src/commit/?id=78c66b88cc919d7ccb84b1fc3a66768fb32d1812 commit 78c66b88cc919d7ccb84b1fc3a66768fb32d1812 Author: Cy Schubert AuthorDate: 2024-08-16 16:45:39 +0000 Commit: Cy Schubert CommitDate: 2024-08-23 19:29:42 +0000 unbound: Vendor import 1.21.0 Release notes at https://nlnetlabs.nl/news/2024/Aug/15/unbound-1.21.0-released/ Merge commit '96ef46e5cff01648c80c09c4364d10bc6f58119d' (cherry picked from commit 5685098846d7f11ad642d9804d94dc7429a7b212) --- contrib/unbound/Makefile.in | 5 +- contrib/unbound/acx_python.m4 | 2 +- contrib/unbound/cachedb/cachedb.c | 55 +- contrib/unbound/cachedb/cachedb.h | 8 + contrib/unbound/config.guess | 11 +- contrib/unbound/config.h.in | 15 + contrib/unbound/config.sub | 729 ++- contrib/unbound/configure | 290 +- contrib/unbound/configure.ac | 96 +- contrib/unbound/contrib/unbound.service.in | 4 +- .../unbound/contrib/unbound_portable.service.in | 4 +- contrib/unbound/daemon/daemon.c | 43 +- contrib/unbound/daemon/daemon.h | 14 + contrib/unbound/daemon/remote.c | 540 +- contrib/unbound/daemon/stats.c | 9 +- contrib/unbound/daemon/unbound.c | 6 +- contrib/unbound/daemon/worker.c | 11 +- contrib/unbound/dns64/dns64.c | 5 +- contrib/unbound/dnstap/dnstap.c | 45 + contrib/unbound/dnstap/dnstap.h | 8 + contrib/unbound/dnstap/dnstap.m4 | 59 +- contrib/unbound/dnstap/dtstream.c | 53 +- contrib/unbound/dnstap/unbound-dnstap-socket.c | 285 +- contrib/unbound/doc/Changelog | 267 +- contrib/unbound/doc/README | 2 +- contrib/unbound/doc/example.conf.in | 14 +- contrib/unbound/doc/libunbound.3.in | 4 +- contrib/unbound/doc/unbound-anchor.8.in | 2 +- contrib/unbound/doc/unbound-checkconf.8.in | 2 +- contrib/unbound/doc/unbound-control.8.in | 66 +- contrib/unbound/doc/unbound-host.1.in | 2 +- contrib/unbound/doc/unbound.8.in | 4 +- contrib/unbound/doc/unbound.conf.5.in | 59 +- contrib/unbound/dynlibmod/dynlibmod.c | 4 +- contrib/unbound/edns-subnet/subnetmod.c | 3 +- contrib/unbound/ipsecmod/ipsecmod.c | 2 +- contrib/unbound/ipset/ipset.c | 209 +- contrib/unbound/ipset/ipset.h | 6 +- contrib/unbound/iterator/iter_scrub.c | 82 + contrib/unbound/iterator/iter_utils.c | 3 +- contrib/unbound/iterator/iterator.c | 124 +- contrib/unbound/iterator/iterator.h | 6 + contrib/unbound/libunbound/context.c | 4 +- contrib/unbound/libunbound/libunbound.c | 19 +- contrib/unbound/libunbound/libworker.c | 1 + contrib/unbound/respip/respip.c | 4 +- contrib/unbound/services/authzone.c | 48 +- contrib/unbound/services/cache/dns.c | 33 +- contrib/unbound/services/cache/infra.c | 27 +- contrib/unbound/services/cache/infra.h | 2 +- contrib/unbound/services/listen_dnsport.c | 2 +- contrib/unbound/services/localzone.c | 71 +- contrib/unbound/services/localzone.h | 19 + contrib/unbound/services/mesh.c | 41 +- contrib/unbound/services/modstack.c | 78 +- contrib/unbound/services/modstack.h | 38 +- contrib/unbound/services/outside_network.c | 20 +- contrib/unbound/services/rpz.c | 41 +- contrib/unbound/sldns/parse.h | 6 +- contrib/unbound/sldns/parseutil.c | 9 + contrib/unbound/sldns/rrdef.h | 5 + contrib/unbound/sldns/wire2str.c | 6 + contrib/unbound/smallapp/unbound-anchor.c | 10 +- contrib/unbound/smallapp/unbound-checkconf.c | 9 +- .../unbound/smallapp/unbound-control-setup.sh.in | 4 + contrib/unbound/smallapp/unbound-control.c | 29 +- contrib/unbound/systemd.m4 | 14 +- .../09-unbound-control.tdir/view_local_data | 4 + .../09-unbound-control.tdir/view_local_data_remove | 4 + .../testdata/acl_interface.tdir/rpz-nx.zone | 3 + .../testdata/acl_interface.tdir/rpz-one.zone | 3 + .../testdata/acl_interface.tdir/rpz-two.zone | 3 + contrib/unbound/testdata/cachedb_val_expired.crpl | 327 + .../testdata/cookie_file.tdir/cookie_file.conf | 19 + .../testdata/cookie_file.tdir/cookie_file.dsc | 16 + .../testdata/cookie_file.tdir/cookie_file.pre | 24 + .../testdata/cookie_file.tdir/cookie_file.test | 248 + contrib/unbound/testdata/fwd_name_lookup.rpl | 152 + contrib/unbound/testdata/rpz_cname_tag.rpl | 281 + contrib/unbound/testdata/val_dname_twice.rpl | 226 + contrib/unbound/testdata/val_failure_dnskey.rpl | 348 ++ contrib/unbound/util/alloc.c | 21 + contrib/unbound/util/config_file.c | 82 +- contrib/unbound/util/config_file.h | 4 + contrib/unbound/util/configlexer.c | 6453 ++++++++++---------- contrib/unbound/util/configlexer.lex | 2 + contrib/unbound/util/configparser.c | 4701 +++++++------- contrib/unbound/util/configparser.h | 666 +- contrib/unbound/util/configparser.y | 133 +- contrib/unbound/util/data/dname.h | 2 +- contrib/unbound/util/data/msgparse.c | 50 +- contrib/unbound/util/data/msgparse.h | 5 +- contrib/unbound/util/edns.c | 186 + contrib/unbound/util/edns.h | 85 + contrib/unbound/util/fptr_wlist.c | 26 +- contrib/unbound/util/fptr_wlist.h | 16 + contrib/unbound/util/module.h | 30 +- contrib/unbound/util/net_help.c | 56 +- contrib/unbound/util/net_help.h | 17 + contrib/unbound/util/netevent.c | 21 +- contrib/unbound/util/netevent.h | 3 + contrib/unbound/util/proxy_protocol.c | 1 + contrib/unbound/util/siphash.c | 6 + contrib/unbound/util/storage/lookup3.c | 227 +- contrib/unbound/validator/autotrust.c | 3 +- contrib/unbound/validator/val_nsec.c | 12 +- contrib/unbound/validator/val_nsec.h | 4 +- contrib/unbound/validator/val_nsec3.c | 9 +- contrib/unbound/validator/val_nsec3.h | 4 +- contrib/unbound/validator/val_secalgo.c | 8 +- contrib/unbound/validator/val_sigcrypt.c | 19 +- contrib/unbound/validator/val_sigcrypt.h | 12 +- contrib/unbound/validator/val_utils.c | 82 +- contrib/unbound/validator/val_utils.h | 26 +- contrib/unbound/validator/validator.c | 129 +- lib/libunbound/config.h | 15 +- 116 files changed, 11672 insertions(+), 6800 deletions(-) diff --git a/contrib/unbound/Makefile.in b/contrib/unbound/Makefile.in index f30ca81a84f8..672435e01e9f 100644 --- a/contrib/unbound/Makefile.in +++ b/contrib/unbound/Makefile.in @@ -439,7 +439,8 @@ unbound-control-setup: smallapp/unbound-control-setup.sh dnstap.lo dnstap.o: $(srcdir)/dnstap/dnstap.c config.h dnstap/dnstap_config.h \ dnstap/dnstap.pb-c.c dnstap/dnstap.pb-c.h $(srcdir)/dnstap/dnstap.h \ $(srcdir)/util/config_file.h $(srcdir)/util/log.h \ - $(srcdir)/util/netevent.h $(srcdir)/util/net_help.h + $(srcdir)/util/netevent.h $(srcdir)/util/net_help.h \ + $(srcdir)/util/locks.h dnstap/dnstap.pb-c.c dnstap/dnstap.pb-c.h: $(srcdir)/dnstap/dnstap.proto @-if test ! -d dnstap; then $(INSTALL) -d dnstap; fi @@ -1297,7 +1298,7 @@ remote.lo remote.o: $(srcdir)/daemon/remote.c config.h $(srcdir)/daemon/remote.h $(srcdir)/validator/val_anchor.h $(srcdir)/iterator/iterator.h $(srcdir)/services/outbound_list.h \ $(srcdir)/iterator/iter_fwd.h $(srcdir)/iterator/iter_hints.h $(srcdir)/iterator/iter_delegpt.h \ $(srcdir)/services/outside_network.h $(srcdir)/sldns/str2wire.h $(srcdir)/sldns/parseutil.h \ - $(srcdir)/sldns/wire2str.h + $(srcdir)/sldns/wire2str.h $(srcdir)/util/edns.h stats.lo stats.o: $(srcdir)/daemon/stats.c config.h $(srcdir)/daemon/stats.h $(srcdir)/util/timehist.h \ $(srcdir)/libunbound/unbound.h $(srcdir)/daemon/worker.h $(srcdir)/libunbound/worker.h $(srcdir)/sldns/sbuffer.h \ $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h \ diff --git a/contrib/unbound/acx_python.m4 b/contrib/unbound/acx_python.m4 index c945d6c8989e..4ed298cf9ebd 100644 --- a/contrib/unbound/acx_python.m4 +++ b/contrib/unbound/acx_python.m4 @@ -9,7 +9,7 @@ AC_DEFUN([AC_PYTHON_DEVEL],[ AC_PATH_PROG([PYTHON],[python[$PYTHON_VERSION]]) if test -z "$PYTHON"; then - AC_MSG_ERROR([Cannot find python$PYTHON_VERSION in your system path]) + AC_MSG_ERROR([Cannot find 'python$PYTHON_VERSION' in your system path. You can use the environment variable 'PYTHON_VERSION=version_number' for an explicit version.]) PYTHON_VERSION="" fi diff --git a/contrib/unbound/cachedb/cachedb.c b/contrib/unbound/cachedb/cachedb.c index 95ac28904693..7a07b9976967 100644 --- a/contrib/unbound/cachedb/cachedb.c +++ b/contrib/unbound/cachedb/cachedb.c @@ -322,30 +322,30 @@ error_response(struct module_qstate* qstate, int id, int rcode) /** * Hash the query name, type, class and dbacess-secret into lookup buffer. - * @param qstate: query state with query info - * and env->cfg with secret. + * @param qinfo: query info + * @param env: with env->cfg with secret. * @param buf: returned buffer with hash to lookup * @param len: length of the buffer. */ static void -calc_hash(struct module_qstate* qstate, char* buf, size_t len) +calc_hash(struct query_info* qinfo, struct module_env* env, char* buf, + size_t len) { uint8_t clear[1024]; size_t clen = 0; uint8_t hash[CACHEDB_HASHSIZE/8]; const char* hex = "0123456789ABCDEF"; - const char* secret = qstate->env->cfg->cachedb_secret; + const char* secret = env->cfg->cachedb_secret; size_t i; /* copy the hash info into the clear buffer */ - if(clen + qstate->qinfo.qname_len < sizeof(clear)) { - memmove(clear+clen, qstate->qinfo.qname, - qstate->qinfo.qname_len); - clen += qstate->qinfo.qname_len; + if(clen + qinfo->qname_len < sizeof(clear)) { + memmove(clear+clen, qinfo->qname, qinfo->qname_len); + clen += qinfo->qname_len; } if(clen + 4 < sizeof(clear)) { - uint16_t t = htons(qstate->qinfo.qtype); - uint16_t c = htons(qstate->qinfo.qclass); + uint16_t t = htons(qinfo->qtype); + uint16_t c = htons(qinfo->qclass); memmove(clear+clen, &t, 2); memmove(clear+clen+2, &c, 2); clen += 4; @@ -645,7 +645,7 @@ cachedb_extcache_lookup(struct module_qstate* qstate, struct cachedb_env* ie, int* msg_expired) { char key[(CACHEDB_HASHSIZE/8)*2+1]; - calc_hash(qstate, key, sizeof(key)); + calc_hash(&qstate->qinfo, qstate->env, key, sizeof(key)); /* call backend to fetch data for key into scratch buffer */ if( !(*ie->backend->lookup)(qstate->env, ie, key, @@ -672,7 +672,7 @@ static void cachedb_extcache_store(struct module_qstate* qstate, struct cachedb_env* ie) { char key[(CACHEDB_HASHSIZE/8)*2+1]; - calc_hash(qstate, key, sizeof(key)); + calc_hash(&qstate->qinfo, qstate->env, key, sizeof(key)); /* prepare data in scratch buffer */ if(!prep_data(qstate, qstate->env->scratch_buffer)) @@ -745,6 +745,10 @@ cachedb_intcache_store(struct module_qstate* qstate, int msg_expired) * going to be now-3 seconds. Making it expired * in the cache. */ set_msg_ttl(qstate->return_msg, (time_t)-3); + /* The expired entry does not get checked by the validator + * and we need a validation value for it. */ + if(qstate->env->cfg->cachedb_check_when_serve_expired) + qstate->return_msg->rep->security = sec_status_insecure; } (void)dns_cache_store(qstate->env, &qstate->qinfo, qstate->return_msg->rep, 0, qstate->prefetch_leeway, 0, @@ -979,7 +983,7 @@ cachedb_get_mem(struct module_env* env, int id) */ static struct module_func_block cachedb_block = { "cachedb", - &cachedb_init, &cachedb_deinit, &cachedb_operate, + NULL, NULL, &cachedb_init, &cachedb_deinit, &cachedb_operate, &cachedb_inform_super, &cachedb_clear, &cachedb_get_mem }; @@ -1003,21 +1007,26 @@ cachedb_is_enabled(struct module_stack* mods, struct module_env* env) } void cachedb_msg_remove(struct module_qstate* qstate) +{ + cachedb_msg_remove_qinfo(qstate->env, &qstate->qinfo); +} + +void cachedb_msg_remove_qinfo(struct module_env* env, struct query_info* qinfo) { char key[(CACHEDB_HASHSIZE/8)*2+1]; - int id = modstack_find(qstate->env->modstack, "cachedb"); - struct cachedb_env* ie = (struct cachedb_env*)qstate->env->modinfo[id]; + int id = modstack_find(env->modstack, "cachedb"); + struct cachedb_env* ie = (struct cachedb_env*)env->modinfo[id]; - log_query_info(VERB_ALGO, "cachedb msg remove", &qstate->qinfo); - calc_hash(qstate, key, sizeof(key)); - sldns_buffer_clear(qstate->env->scratch_buffer); - sldns_buffer_write_u32(qstate->env->scratch_buffer, 0); - sldns_buffer_flip(qstate->env->scratch_buffer); + log_query_info(VERB_ALGO, "cachedb msg remove", qinfo); + calc_hash(qinfo, env, key, sizeof(key)); + sldns_buffer_clear(env->scratch_buffer); + sldns_buffer_write_u32(env->scratch_buffer, 0); + sldns_buffer_flip(env->scratch_buffer); /* call backend */ - (*ie->backend->store)(qstate->env, ie, key, - sldns_buffer_begin(qstate->env->scratch_buffer), - sldns_buffer_limit(qstate->env->scratch_buffer), + (*ie->backend->store)(env, ie, key, + sldns_buffer_begin(env->scratch_buffer), + sldns_buffer_limit(env->scratch_buffer), 0); } #endif /* USE_CACHEDB */ diff --git a/contrib/unbound/cachedb/cachedb.h b/contrib/unbound/cachedb/cachedb.h index 2da8b5c71feb..482c5db6c063 100644 --- a/contrib/unbound/cachedb/cachedb.h +++ b/contrib/unbound/cachedb/cachedb.h @@ -126,3 +126,11 @@ int cachedb_is_enabled(struct module_stack* mods, struct module_env* env); * @param qstate: query state. */ void cachedb_msg_remove(struct module_qstate* qstate); + +/** + * Remove message from the cachedb cache, by query info. + * @param env: module environment to look up cachedb state. + * @param qinfo: the message to remove. + */ +void cachedb_msg_remove_qinfo(struct module_env* env, + struct query_info* qinfo); diff --git a/contrib/unbound/config.guess b/contrib/unbound/config.guess index f6d217a49f8f..48a684601bd2 100755 --- a/contrib/unbound/config.guess +++ b/contrib/unbound/config.guess @@ -4,7 +4,7 @@ # shellcheck disable=SC2006,SC2268 # see below for rationale -timestamp='2024-01-01' +timestamp='2024-07-27' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by @@ -123,7 +123,7 @@ set_cc_for_build() { dummy=$tmp/dummy case ${CC_FOR_BUILD-},${HOST_CC-},${CC-} in ,,) echo "int x;" > "$dummy.c" - for driver in cc gcc c89 c99 ; do + for driver in cc gcc c17 c99 c89 ; do if ($driver -c -o "$dummy.o" "$dummy.c") >/dev/null 2>&1 ; then CC_FOR_BUILD=$driver break @@ -634,7 +634,8 @@ EOF sed 's/^ //' << EOF > "$dummy.c" #include - main() + int + main () { if (!__power_pc()) exit(1); @@ -718,7 +719,8 @@ EOF #include #include - int main () + int + main () { #if defined(_SC_KERNEL_BITS) long bits = sysconf(_SC_KERNEL_BITS); @@ -1621,6 +1623,7 @@ cat > "$dummy.c" < header file. */ #undef HAVE_ARPA_INET_H +/* Whether the C compiler accepts the "fallthrough" attribute */ +#undef HAVE_ATTR_FALLTHROUGH + /* Whether the C compiler accepts the "format" attribute */ #undef HAVE_ATTR_FORMAT @@ -406,6 +412,9 @@ /* Define to 1 if you have the header file. */ #undef HAVE_NET_IF_H +/* Define to 1 if you have the header file. */ +#undef HAVE_NET_PFVAR_H + /* Define this to use nghttp2 client. */ #undef HAVE_NGHTTP2 @@ -566,6 +575,9 @@ function. */ #undef HAVE_SSL_CTX_SET_TLSEXT_TICKET_KEY_EVP_CB +/* Define to 1 if you have the `SSL_CTX_set_tmp_ecdh' function. */ +#undef HAVE_SSL_CTX_SET_TMP_ECDH + /* Define to 1 if you have the `SSL_get0_alpn_selected' function. */ #undef HAVE_SSL_GET0_ALPN_SELECTED @@ -1484,6 +1496,7 @@ struct sockaddr_storage; # define calloc(n,s) unbound_stat_calloc_log(n, s, __FILE__, __LINE__, __func__) # define free(p) unbound_stat_free_log(p, __FILE__, __LINE__, __func__) # define realloc(p,s) unbound_stat_realloc_log(p, s, __FILE__, __LINE__, __func__) +# define strdup(s) unbound_stat_strdup_log(s, __FILE__, __LINE__, __func__) void *unbound_stat_malloc(size_t size); void *unbound_stat_calloc(size_t nmemb, size_t size); void unbound_stat_free(void *ptr); @@ -1496,6 +1509,8 @@ void unbound_stat_free_log(void *ptr, const char* file, int line, const char* func); void *unbound_stat_realloc_log(void *ptr, size_t size, const char* file, int line, const char* func); +char *unbound_stat_strdup_log(const char *s, const char* file, int line, + const char* func); #elif defined(UNBOUND_ALLOC_LITE) # include "util/alloc.h" #endif /* UNBOUND_ALLOC_LITE and UNBOUND_ALLOC_STATS */ diff --git a/contrib/unbound/config.sub b/contrib/unbound/config.sub index 2c6a07ab3c34..4aaae46f6f74 100755 --- a/contrib/unbound/config.sub +++ b/contrib/unbound/config.sub @@ -2,9 +2,9 @@ # Configuration validation subroutine script. # Copyright 1992-2024 Free Software Foundation, Inc. -# shellcheck disable=SC2006,SC2268 # see below for rationale +# shellcheck disable=SC2006,SC2268,SC2162 # see below for rationale -timestamp='2024-01-01' +timestamp='2024-05-27' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by @@ -120,7 +120,6 @@ case $# in esac # Split fields of configuration type -# shellcheck disable=SC2162 saved_IFS=$IFS IFS="-" read field1 field2 field3 field4 < To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Cy Schubert Subject: git: 14b5a068c5e7 - stable/13 - unbound: Remove backup file List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cy X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 14b5a068c5e775b9db65e45b701c1e4d3d73ef7b Auto-Submitted: auto-generated The branch stable/13 has been updated by cy: URL: https://cgit.FreeBSD.org/src/commit/?id=14b5a068c5e775b9db65e45b701c1e4d3d73ef7b commit 14b5a068c5e775b9db65e45b701c1e4d3d73ef7b Author: Cy Schubert AuthorDate: 2024-07-15 15:15:27 +0000 Commit: Cy Schubert CommitDate: 2024-08-23 19:30:49 +0000 unbound: Remove backup file Upstream unbound includes a backup configure file which is distributed in the upstream tarball. It must be created by their release process and not deleted prior to packaging the tarball. I've received two emails so far asking about it. Let's remove it so nobody else asks about it. (cherry picked from commit 51c8a9c1be57b6750e7c64e1379e8c33bd0f02c1) --- contrib/unbound/configure~ | 26616 ------------------------------------------- 1 file changed, 26616 deletions(-) diff --git a/contrib/unbound/configure~ b/contrib/unbound/configure~ deleted file mode 100755 index d4a394eb9540..000000000000 --- a/contrib/unbound/configure~ +++ /dev/null @@ -1,26616 +0,0 @@ -#! /bin/sh -# Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.71 for unbound 1.20.0. -# -# Report bugs to . -# -# -# Copyright (C) 1992-1996, 1998-2017, 2020-2021 Free Software Foundation, -# Inc. -# -# -# This configure script is free software; the Free Software Foundation -# gives unlimited permission to copy, distribute and modify it. -## -------------------- ## -## M4sh Initialization. ## -## -------------------- ## - -# Be more Bourne compatible -DUALCASE=1; export DUALCASE # for MKS sh -as_nop=: -if test ${ZSH_VERSION+y} && (emulate sh) >/dev/null 2>&1 -then : - emulate sh - NULLCMD=: - # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which - # is contrary to our usage. Disable this feature. - alias -g '${1+"$@"}'='"$@"' - setopt NO_GLOB_SUBST -else $as_nop - case `(set -o) 2>/dev/null` in #( - *posix*) : - set -o posix ;; #( - *) : - ;; -esac -fi - - - -# Reset variables that may have inherited troublesome values from -# the environment. - -# IFS needs to be set, to space, tab, and newline, in precisely that order. -# (If _AS_PATH_WALK were called with IFS unset, it would have the -# side effect of setting IFS to empty, thus disabling word splitting.) -# Quoting is to prevent editors from complaining about space-tab. -as_nl=' -' -export as_nl -IFS=" "" $as_nl" - -PS1='$ ' -PS2='> ' -PS4='+ ' - -# Ensure predictable behavior from utilities with locale-dependent output. -LC_ALL=C -export LC_ALL -LANGUAGE=C -export LANGUAGE - -# We cannot yet rely on "unset" to work, but we need these variables -# to be unset--not just set to an empty or harmless value--now, to -# avoid bugs in old shells (e.g. pre-3.0 UWIN ksh). This construct -# also avoids known problems related to "unset" and subshell syntax -# in other old shells (e.g. bash 2.01 and pdksh 5.2.14). -for as_var in BASH_ENV ENV MAIL MAILPATH CDPATH -do eval test \${$as_var+y} \ - && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : -done - -# Ensure that fds 0, 1, and 2 are open. -if (exec 3>&0) 2>/dev/null; then :; else exec 0&1) 2>/dev/null; then :; else exec 1>/dev/null; fi -if (exec 3>&2) ; then :; else exec 2>/dev/null; fi - -# The user is always right. -if ${PATH_SEPARATOR+false} :; then - PATH_SEPARATOR=: - (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { - (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || - PATH_SEPARATOR=';' - } -fi - - -# Find who we are. Look in the path if we contain no directory separator. -as_myself= -case $0 in #(( - *[\\/]* ) as_myself=$0 ;; - *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - case $as_dir in #((( - '') as_dir=./ ;; - */) ;; - *) as_dir=$as_dir/ ;; - esac - test -r "$as_dir$0" && as_myself=$as_dir$0 && break - done -IFS=$as_save_IFS - - ;; -esac -# We did not find ourselves, most probably we were run as `sh COMMAND' -# in which case we are not to be found in the path. -if test "x$as_myself" = x; then - as_myself=$0 -fi -if test ! -f "$as_myself"; then - printf "%s\n" "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 - exit 1 -fi - - -# Use a proper internal environment variable to ensure we don't fall - # into an infinite loop, continuously re-executing ourselves. - if test x"${_as_can_reexec}" != xno && test "x$CONFIG_SHELL" != x; then - _as_can_reexec=no; export _as_can_reexec; - # We cannot yet assume a decent shell, so we have to provide a -# neutralization value for shells without unset; and this also -# works around shells that cannot unset nonexistent variables. -# Preserve -v and -x to the replacement shell. -BASH_ENV=/dev/null -ENV=/dev/null -(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV -case $- in # (((( - *v*x* | *x*v* ) as_opts=-vx ;; - *v* ) as_opts=-v ;; - *x* ) as_opts=-x ;; - * ) as_opts= ;; -esac -exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} -# Admittedly, this is quite paranoid, since all the known shells bail -# out after a failed `exec'. -printf "%s\n" "$0: could not re-execute with $CONFIG_SHELL" >&2 -exit 255 - fi - # We don't want this to propagate to other subprocesses. - { _as_can_reexec=; unset _as_can_reexec;} -if test "x$CONFIG_SHELL" = x; then - as_bourne_compatible="as_nop=: -if test \${ZSH_VERSION+y} && (emulate sh) >/dev/null 2>&1 -then : - emulate sh - NULLCMD=: - # Pre-4.2 versions of Zsh do word splitting on \${1+\"\$@\"}, which - # is contrary to our usage. Disable this feature. - alias -g '\${1+\"\$@\"}'='\"\$@\"' - setopt NO_GLOB_SUBST -else \$as_nop - case \`(set -o) 2>/dev/null\` in #( - *posix*) : - set -o posix ;; #( - *) : - ;; -esac -fi -" - as_required="as_fn_return () { (exit \$1); } -as_fn_success () { as_fn_return 0; } -as_fn_failure () { as_fn_return 1; } -as_fn_ret_success () { return 0; } -as_fn_ret_failure () { return 1; } - -exitcode=0 -as_fn_success || { exitcode=1; echo as_fn_success failed.; } -as_fn_failure && { exitcode=1; echo as_fn_failure succeeded.; } -as_fn_ret_success || { exitcode=1; echo as_fn_ret_success failed.; } -as_fn_ret_failure && { exitcode=1; echo as_fn_ret_failure succeeded.; } -if ( set x; as_fn_ret_success y && test x = \"\$1\" ) -then : - -else \$as_nop - exitcode=1; echo positional parameters were not saved. -fi -test x\$exitcode = x0 || exit 1 -blah=\$(echo \$(echo blah)) -test x\"\$blah\" = xblah || exit 1 -test -x / || exit 1" - as_suggested=" as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO - as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO - eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" && - test \"x\`expr \$as_lineno_1'\$as_run' + 1\`\" = \"x\$as_lineno_2'\$as_run'\"' || exit 1 -test \$(( 1 + 1 )) = 2 || exit 1 - - test -n \"\${ZSH_VERSION+set}\${BASH_VERSION+set}\" || ( - ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' - ECHO=\$ECHO\$ECHO\$ECHO\$ECHO\$ECHO - ECHO=\$ECHO\$ECHO\$ECHO\$ECHO\$ECHO\$ECHO - PATH=/empty FPATH=/empty; export PATH FPATH - test \"X\`printf %s \$ECHO\`\" = \"X\$ECHO\" \\ - || test \"X\`print -r -- \$ECHO\`\" = \"X\$ECHO\" ) || exit 1" - if (eval "$as_required") 2>/dev/null -then : - as_have_required=yes -else $as_nop - as_have_required=no -fi - if test x$as_have_required = xyes && (eval "$as_suggested") 2>/dev/null -then : - -else $as_nop - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -as_found=false -for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH -do - IFS=$as_save_IFS - case $as_dir in #((( - '') as_dir=./ ;; - */) ;; - *) as_dir=$as_dir/ ;; - esac - as_found=: - case $as_dir in #( - /*) - for as_base in sh bash ksh sh5; do - # Try only shells that exist, to save several forks. - as_shell=$as_dir$as_base - if { test -f "$as_shell" || test -f "$as_shell.exe"; } && - as_run=a "$as_shell" -c "$as_bourne_compatible""$as_required" 2>/dev/null -then : - CONFIG_SHELL=$as_shell as_have_required=yes - if as_run=a "$as_shell" -c "$as_bourne_compatible""$as_suggested" 2>/dev/null -then : - break 2 -fi -fi - done;; - esac - as_found=false -done -IFS=$as_save_IFS -if $as_found -then : - -else $as_nop - if { test -f "$SHELL" || test -f "$SHELL.exe"; } && - as_run=a "$SHELL" -c "$as_bourne_compatible""$as_required" 2>/dev/null -then : - CONFIG_SHELL=$SHELL as_have_required=yes -fi -fi - - - if test "x$CONFIG_SHELL" != x -then : - export CONFIG_SHELL - # We cannot yet assume a decent shell, so we have to provide a -# neutralization value for shells without unset; and this also -# works around shells that cannot unset nonexistent variables. -# Preserve -v and -x to the replacement shell. -BASH_ENV=/dev/null -ENV=/dev/null -(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV -case $- in # (((( - *v*x* | *x*v* ) as_opts=-vx ;; - *v* ) as_opts=-v ;; - *x* ) as_opts=-x ;; - * ) as_opts= ;; -esac -exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} -# Admittedly, this is quite paranoid, since all the known shells bail -# out after a failed `exec'. -printf "%s\n" "$0: could not re-execute with $CONFIG_SHELL" >&2 -exit 255 -fi - - if test x$as_have_required = xno -then : - printf "%s\n" "$0: This script requires a shell more modern than all" - printf "%s\n" "$0: the shells that I found on your system." - if test ${ZSH_VERSION+y} ; then - printf "%s\n" "$0: In particular, zsh $ZSH_VERSION has bugs and should" - printf "%s\n" "$0: be upgraded to zsh 4.3.4 or later." - else - printf "%s\n" "$0: Please tell bug-autoconf@gnu.org and -$0: unbound-bugs@nlnetlabs.nl or -$0: https://github.com/NLnetLabs/unbound/issues about your -$0: system, including any error possibly output before this -$0: message. Then install a modern shell, or manually run -$0: the script under such a shell if you do have one." - fi - exit 1 -fi -fi -fi -SHELL=${CONFIG_SHELL-/bin/sh} -export SHELL -# Unset more variables known to interfere with behavior of common tools. -CLICOLOR_FORCE= GREP_OPTIONS= -unset CLICOLOR_FORCE GREP_OPTIONS - -## --------------------- ## -## M4sh Shell Functions. ## -## --------------------- ## -# as_fn_unset VAR -# --------------- -# Portably unset VAR. -as_fn_unset () -{ - { eval $1=; unset $1;} -} -as_unset=as_fn_unset - - -# as_fn_set_status STATUS -# ----------------------- -# Set $? to STATUS, without forking. -as_fn_set_status () -{ - return $1 -} # as_fn_set_status - -# as_fn_exit STATUS -# ----------------- -# Exit the shell with STATUS, even in a "trap 0" or "set -e" context. -as_fn_exit () -{ - set +e - as_fn_set_status $1 - exit $1 -} # as_fn_exit -# as_fn_nop -# --------- -# Do nothing but, unlike ":", preserve the value of $?. -as_fn_nop () -{ - return $? -} -as_nop=as_fn_nop - -# as_fn_mkdir_p -# ------------- -# Create "$as_dir" as a directory, including parents if necessary. -as_fn_mkdir_p () -{ - - case $as_dir in #( - -*) as_dir=./$as_dir;; - esac - test -d "$as_dir" || eval $as_mkdir_p || { - as_dirs= - while :; do - case $as_dir in #( - *\'*) as_qdir=`printf "%s\n" "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( - *) as_qdir=$as_dir;; - esac - as_dirs="'$as_qdir' $as_dirs" - as_dir=`$as_dirname -- "$as_dir" || -$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X"$as_dir" : 'X\(//\)[^/]' \| \ - X"$as_dir" : 'X\(//\)$' \| \ - X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || -printf "%s\n" X"$as_dir" | - sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ - s//\1/ - q - } - /^X\(\/\/\)[^/].*/{ - s//\1/ - q - } - /^X\(\/\/\)$/{ - s//\1/ - q - } - /^X\(\/\).*/{ - s//\1/ - q - } - s/.*/./; q'` - test -d "$as_dir" && break - done - test -z "$as_dirs" || eval "mkdir $as_dirs" - } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" - - -} # as_fn_mkdir_p - -# as_fn_executable_p FILE -# ----------------------- -# Test if FILE is an executable regular file. -as_fn_executable_p () -{ - test -f "$1" && test -x "$1" -} # as_fn_executable_p -# as_fn_append VAR VALUE -# ---------------------- -# Append the text in VALUE to the end of the definition contained in VAR. Take -# advantage of any shell optimizations that allow amortized linear growth over -# repeated appends, instead of the typical quadratic growth present in naive -# implementations. -if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null -then : - eval 'as_fn_append () - { - eval $1+=\$2 - }' -else $as_nop - as_fn_append () - { - eval $1=\$$1\$2 - } -fi # as_fn_append - -# as_fn_arith ARG... -# ------------------ -# Perform arithmetic evaluation on the ARGs, and store the result in the -# global $as_val. Take advantage of shells that can avoid forks. The arguments -# must be portable across $(()) and expr. -if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null -then : - eval 'as_fn_arith () - { - as_val=$(( $* )) - }' -else $as_nop - as_fn_arith () - { - as_val=`expr "$@" || test $? -eq 1` - } -fi # as_fn_arith - -# as_fn_nop -# --------- -# Do nothing but, unlike ":", preserve the value of $?. -as_fn_nop () -{ - return $? -} -as_nop=as_fn_nop - -# as_fn_error STATUS ERROR [LINENO LOG_FD] -# ---------------------------------------- -# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are -# provided, also output the error to LOG_FD, referencing LINENO. Then exit the -# script with STATUS, using 1 if that was 0. -as_fn_error () -{ - as_status=$1; test $as_status -eq 0 && as_status=1 - if test "$4"; then - as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 - fi - printf "%s\n" "$as_me: error: $2" >&2 - as_fn_exit $as_status -} # as_fn_error - -if expr a : '\(a\)' >/dev/null 2>&1 && - test "X`expr 00001 : '.*\(...\)'`" = X001; then - as_expr=expr -else - as_expr=false -fi - -if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then - as_basename=basename -else - as_basename=false -fi - -if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then - as_dirname=dirname -else - as_dirname=false -fi - -as_me=`$as_basename -- "$0" || -$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ - X"$0" : 'X\(//\)$' \| \ - X"$0" : 'X\(/\)' \| . 2>/dev/null || -printf "%s\n" X/"$0" | - sed '/^.*\/\([^/][^/]*\)\/*$/{ - s//\1/ - q - } - /^X\/\(\/\/\)$/{ - s//\1/ - q - } - /^X\/\(\/\).*/{ - s//\1/ - q - } - s/.*/./; q'` - -# Avoid depending upon Character Ranges. -as_cr_letters='abcdefghijklmnopqrstuvwxyz' -as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' -as_cr_Letters=$as_cr_letters$as_cr_LETTERS -as_cr_digits='0123456789' -as_cr_alnum=$as_cr_Letters$as_cr_digits - - - as_lineno_1=$LINENO as_lineno_1a=$LINENO - as_lineno_2=$LINENO as_lineno_2a=$LINENO - eval 'test "x$as_lineno_1'$as_run'" != "x$as_lineno_2'$as_run'" && - test "x`expr $as_lineno_1'$as_run' + 1`" = "x$as_lineno_2'$as_run'"' || { - # Blame Lee E. McMahon (1931-1989) for sed's syntax. :-) - sed -n ' - p - /[$]LINENO/= - ' <$as_myself | - sed ' - s/[$]LINENO.*/&-/ - t lineno - b - :lineno - N - :loop - s/[$]LINENO\([^'$as_cr_alnum'_].*\n\)\(.*\)/\2\1\2/ - t loop - s/-\n.*// - ' >$as_me.lineno && - chmod +x "$as_me.lineno" || - { printf "%s\n" "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; } - - # If we had to re-execute with $CONFIG_SHELL, we're ensured to have - # already done that, so ensure we don't try to do so again and fall - # in an infinite loop. This has already happened in practice. - _as_can_reexec=no; export _as_can_reexec - # Don't try to exec as it changes $[0], causing all sort of problems - # (the dirname of $[0] is not the place where we might find the - # original and so on. Autoconf is especially sensitive to this). - . "./$as_me.lineno" - # Exit status is that of the last command. - exit -} - - -# Determine whether it's possible to make 'echo' print without a newline. -# These variables are no longer used directly by Autoconf, but are AC_SUBSTed -# for compatibility with existing Makefiles. -ECHO_C= ECHO_N= ECHO_T= -case `echo -n x` in #((((( --n*) - case `echo 'xy\c'` in - *c*) ECHO_T=' ';; # ECHO_T is single tab character. - xy) ECHO_C='\c';; - *) echo `echo ksh88 bug on AIX 6.1` > /dev/null - ECHO_T=' ';; - esac;; -*) - ECHO_N='-n';; -esac - -# For backward compatibility with old third-party macros, we provide -# the shell variables $as_echo and $as_echo_n. New code should use -# AS_ECHO(["message"]) and AS_ECHO_N(["message"]), respectively. -as_echo='printf %s\n' -as_echo_n='printf %s' - - -rm -f conf$$ conf$$.exe conf$$.file -if test -d conf$$.dir; then - rm -f conf$$.dir/conf$$.file -else - rm -f conf$$.dir - mkdir conf$$.dir 2>/dev/null -fi -if (echo >conf$$.file) 2>/dev/null; then - if ln -s conf$$.file conf$$ 2>/dev/null; then - as_ln_s='ln -s' - # ... but there are two gotchas: - # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. - # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. - # In both cases, we have to default to `cp -pR'. - ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || - as_ln_s='cp -pR' - elif ln conf$$.file conf$$ 2>/dev/null; then - as_ln_s=ln - else - as_ln_s='cp -pR' - fi -else - as_ln_s='cp -pR' -fi -rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file -rmdir conf$$.dir 2>/dev/null - -if mkdir -p . 2>/dev/null; then - as_mkdir_p='mkdir -p "$as_dir"' -else - test -d ./-p && rmdir ./-p - as_mkdir_p=false -fi - -as_test_x='test -x' -as_executable_p=as_fn_executable_p - -# Sed expression to map a string onto a valid CPP name. -as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" - -# Sed expression to map a string onto a valid variable name. -as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" - -SHELL=${CONFIG_SHELL-/bin/sh} - - -test -n "$DJDIR" || exec 7<&0 &1 - -# Name of the host. -# hostname on some systems (SVR3.2, old GNU/Linux) returns a bogus exit status, -# so uname gets run too. -ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q` - -# -# Initializations. -# -ac_default_prefix=/usr/local -ac_clean_files= -ac_config_libobj_dir=. -LIBOBJS= -cross_compiling=no -subdirs= -MFLAGS= -MAKEFLAGS= - -# Identity of this package. -PACKAGE_NAME='unbound' -PACKAGE_TARNAME='unbound' -PACKAGE_VERSION='1.20.0' -PACKAGE_STRING='unbound 1.20.0' -PACKAGE_BUGREPORT='unbound-bugs@nlnetlabs.nl or https://github.com/NLnetLabs/unbound/issues' -PACKAGE_URL='' - -# Factoring default headers for most tests. -ac_includes_default="\ -#include -#ifdef HAVE_STDIO_H -# include -#endif -#ifdef HAVE_STDLIB_H -# include -#endif -#ifdef HAVE_STRING_H -# include -#endif -#ifdef HAVE_INTTYPES_H -# include -#endif -#ifdef HAVE_STDINT_H -# include -#endif -#ifdef HAVE_STRINGS_H -# include -#endif -#ifdef HAVE_SYS_TYPES_H -# include -#endif -#ifdef HAVE_SYS_STAT_H -# include -#endif -#ifdef HAVE_UNISTD_H -# include -#endif" - -ac_header_c_list= -ac_func_c_list= -ac_subst_vars='LTLIBOBJS -date -version -INSTALLTARGET -ALLTARGET -SOURCEFILE -SOURCEDETERMINE -IPSET_OBJ -IPSET_SRC -IPSECMOD_HEADER -IPSECMOD_OBJ -CACHEDB_OBJ -CACHEDB_SRC -DNSCRYPT_OBJ -DNSCRYPT_SRC -ENABLE_DNSCRYPT -ENABLE_DNSCRYPT_XCHACHA20 -DNSTAP_OBJ -DNSTAP_SRC -DNSTAP_SOCKET_TESTBIN -DNSTAP_SOCKET_PATH -opt_dnstap_socket_path -ENABLE_DNSTAP -PROTOBUFC_LIBS -PROTOBUFC_CFLAGS -PROTOC_C -UBSYMS -EXTRALINK -COMMON_OBJ_ALL_SYMBOLS -LIBOBJ_WITHOUT_CTIME -LIBOBJ_WITHOUT_CTIMEARC4 -WIN_CHECKCONF_OBJ_LINK -WIN_CONTROL_OBJ_LINK -WIN_UBANCHOR_OBJ_LINK -WIN_HOST_OBJ_LINK -WIN_DAEMON_OBJ_LINK -WIN_DAEMON_OBJ -WIN_DAEMON_SRC -WINAPPS -WINDRES -CHECKLOCK_OBJ -staticexe -PC_LIBEVENT_DEPENDENCY -UNBOUND_EVENT_UNINSTALL -UNBOUND_EVENT_INSTALL -SUBNET_HEADER -SUBNET_OBJ -PC_LIBBSD_DEPENDENCY -SSLLIB -HAVE_SSL -PC_CRYPTO_DEPENDENCY -CONFIG_DATE -GCC_DOCKER_LINTFLAGS -NETBSD_LINTFLAGS -PYUNBOUND_UNINSTALL -PYUNBOUND_INSTALL -PYUNBOUND_TARGET -PYUNBOUND_OBJ -WITH_PYUNBOUND -PYTHONMOD_UNINSTALL -PYTHONMOD_INSTALL -PYTHONMOD_HEADER -PYTHONMOD_OBJ -WITH_PYTHONMODULE -swig -SWIG_LIB -SWIG -PC_PY_DEPENDENCY -PYTHON_LIBS -PY_MAJOR_VERSION -PYTHON_SITE_PKG -PYTHON_LDFLAGS -PYTHON_CPPFLAGS -PYTHON -PYTHON_VERSION -DYNLIBMOD_EXTRALIBS -DYNLIBMOD_HEADER -DYNLIBMOD_OBJ -WITH_DYNLIBMODULE -PTHREAD_CFLAGS_ONLY -PTHREAD_CFLAGS -PTHREAD_LIBS -PTHREAD_CXX -PTHREAD_CC -ax_pthread_config -ASYNCLOOK_ALLOCCHECK_EXTRA_OBJ -SLDNS_ALLOCCHECK_EXTRA_OBJ -USE_SYSTEMD_FALSE -USE_SYSTEMD_TRUE -SYSTEMD_DAEMON_LIBS -SYSTEMD_DAEMON_CFLAGS -SYSTEMD_LIBS -SYSTEMD_CFLAGS -RUNTIME_PATH -LIBOBJS -CPP -PKG_CONFIG_LIBDIR -PKG_CONFIG_PATH -PKG_CONFIG -LT_SYS_LIBRARY_PATH -OTOOL64 -OTOOL -LIPO -NMEDIT -DSYMUTIL -MANIFEST_TOOL -AWK -RANLIB -ac_ct_AR -DLLTOOL -OBJDUMP -LN_S -NM -ac_ct_DUMPBIN -DUMPBIN -LD -FGREP -EGREP -SED -LIBTOOL -AR -host_os -host_vendor -host_cpu -host -build_os -build_vendor -build_cpu -build -libtool -STRIP -doxygen -YFLAGS -YACC -LEXLIB -LEX_OUTPUT_ROOT -LEX -debug_enabled -DEPFLAG -GREP -UNBOUND_USERNAME -UNBOUND_ROOTCERT_FILE -UNBOUND_ROOTKEY_FILE -UNBOUND_PIDFILE -UNBOUND_SHARE_DIR -UNBOUND_CHROOT_DIR -UNBOUND_RUN_DIR -ub_conf_dir -ub_conf_file -UNBOUND_LOCALSTATE_DIR -UNBOUND_SYSCONF_DIR -UNBOUND_SBIN_DIR -OBJEXT -EXEEXT -ac_ct_CC -CPPFLAGS -LDFLAGS -CFLAGS -CC -LIBUNBOUND_AGE -LIBUNBOUND_REVISION -LIBUNBOUND_CURRENT -UNBOUND_VERSION_MICRO -UNBOUND_VERSION_MINOR -UNBOUND_VERSION_MAJOR -target_alias -host_alias -build_alias -LIBS -ECHO_T -ECHO_N -ECHO_C -DEFS -mandir -localedir -libdir -psdir -pdfdir -dvidir -htmldir -infodir -docdir -oldincludedir -includedir -runstatedir -localstatedir -sharedstatedir -sysconfdir -datadir -datarootdir -libexecdir -sbindir -bindir -program_transform_name -prefix -exec_prefix -PACKAGE_URL -PACKAGE_BUGREPORT -PACKAGE_STRING -PACKAGE_VERSION -PACKAGE_TARNAME -PACKAGE_NAME -PATH_SEPARATOR -SHELL' -ac_subst_files='' -ac_user_opts=' -enable_option_checking -with_conf_file -with_run_dir -with_chroot_dir -with_share_dir -with_pidfile -with_rootkey_file -with_rootcert_file -with_username -enable_checking -enable_debug -enable_flto -enable_pie -enable_relro_now -enable_shared -enable_static -with_pic -enable_fast_install -with_aix_soname -with_gnu_ld -with_sysroot -enable_libtool_lock -enable_rpath -enable_largefile -enable_systemd -enable_alloc_checks -enable_alloc_lite -enable_alloc_nonregional -with_pthreads -with_solaris_threads -with_syslog_facility -with_dynlibmodule -with_pyunbound -with_pythonmodule -enable_swig_version_check -with_nss -with_nettle -with_ssl -with_libbsd -enable_sha1 -enable_sha2 -enable_subnet -enable_gost -enable_ecdsa -enable_dsa -with_deprecate_rsa_1024 -enable_ed25519 -enable_ed448 -enable_event_api -enable_tfo_client -enable_tfo_server -with_libevent -with_libexpat -with_libhiredis -with_libnghttp2 -enable_static_exe -enable_fully_static -enable_lock_checks -enable_allsymbols -enable_dnstap -with_dnstap_socket_path -with_protobuf_c -enable_dnscrypt -with_libsodium -enable_cachedb -enable_ipsecmod -enable_ipset -with_libmnl -enable_explicit_port_randomisation -enable_linux_ip_local_port_range -with_libunbound_only -' - ac_precious_vars='build_alias -host_alias -target_alias -CC -CFLAGS -LDFLAGS -LIBS -CPPFLAGS -YACC -YFLAGS -LT_SYS_LIBRARY_PATH -PKG_CONFIG -PKG_CONFIG_PATH -PKG_CONFIG_LIBDIR -CPP -SYSTEMD_CFLAGS -SYSTEMD_LIBS -SYSTEMD_DAEMON_CFLAGS *** 25658 LINES SKIPPED *** From nobody Fri Aug 23 19:31:19 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wr9D76VkVz5TnmN; Fri, 23 Aug 2024 19:31:19 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Wr9D74ddBz4RNl; Fri, 23 Aug 2024 19:31:19 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724441479; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=zZTxWJwT57LcHR4cIVIaoBvLhXEJ73u4h96wT+bBdqQ=; b=jXAO1AvqRmatv/HACks95IXT+pN1GuNPJ6xHIm0R8nqyhuKwoZg51gMTNI+SknZ3yYfL9V kN377UJvGLRANDMtKyQKWN+eWtxqPOvWzkIrNW22KpL9oQ60w81i0TY8fAYHcqAbf5JIHH PCC5AooVP6hTh9S/QFOsJOi7LP0xlPjz5SLzLEoYktkSbVprZ8kz/BlwIYJH0ysihHfSIn brpOz71J54DotRRCsNiOAPFlGBQE7y0iJ6YPCkG8vd07+gmQLk3JyfPbXHaheYiAlKLlgz Ki0yDBWQATWJjNERsdTcxmcZ2z8k2K5E8Sf8xvCGW3W+CIF2rkGEb+avLl8okQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724441479; a=rsa-sha256; cv=none; b=IvNf1XSG62prSbv5gGth9fr24u9QRc9T2ooTFICi1dDRGTC2KKPM6Id50hkZcLPjYko8p6 /v2GcpSnL5ejNjVri9EWsjfM8Ql3EoHB0u1AUqdcL0iSmJjqoPNst+uaE6Ha815k3PMWTQ 1a33nTjPznS2vFd11t0unwMc8FNG+iRjXnitbhvEmePyZZkHT5NqTNr2eiRpjRx5ugS3NE C56DCgDgQC/190ohNSvCGaabWRlkDmAP/scHKKY12z8940AASGQbsCGByA0hfEXWRVfjX0 45A2/NeMHBRF1c78PbYq2AuUgJzzD2mVBGts3lhCMmZBChWAsZqJyC2EpgaYNg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724441479; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=zZTxWJwT57LcHR4cIVIaoBvLhXEJ73u4h96wT+bBdqQ=; b=ncMRF0lk9JO21AK2QAlM6DPZbYEWPDsjjNF7Rsd3+cJnDWUzlUohtPwqsZwiAsIhGgnfbH Q3ioCPhiliP81+atNfleSBeNHVYGcuN7rXhS6njf0fN4LyswufMku6uZw1lyBN58i20NzH x8HEBGk4H9mLKDL8WqOS1AXvPNEof6Y3Lh2BbEleb0koVQj94FbO8QDHUlrwdeqIGFGWzW CnTw5xJf9DFzMH4siJKukNGwr0K2xFuWPSkYgjDMvsBdNyBYDxU/u4QccfOwmeLENNTM5j a2clV3njmfWAXTN1uoBWgcFVpQnqwd0OlY5RFZBg3fAMUX+alBYD4ALE5Ed45w== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wr9D74FDVzP5n; Fri, 23 Aug 2024 19:31:19 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47NJVJfb066132; Fri, 23 Aug 2024 19:31:19 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47NJVJTm066129; Fri, 23 Aug 2024 19:31:19 GMT (envelope-from git) Date: Fri, 23 Aug 2024 19:31:19 GMT Message-Id: <202408231931.47NJVJTm066129@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Cy Schubert Subject: git: 7217d74d1085 - stable/13 - unbound: Vendor import 1.21.0 List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cy X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 7217d74d1085ff5ab02687e74d5b172bc67b378d Auto-Submitted: auto-generated The branch stable/13 has been updated by cy: URL: https://cgit.FreeBSD.org/src/commit/?id=7217d74d1085ff5ab02687e74d5b172bc67b378d commit 7217d74d1085ff5ab02687e74d5b172bc67b378d Author: Cy Schubert AuthorDate: 2024-08-16 16:45:39 +0000 Commit: Cy Schubert CommitDate: 2024-08-23 19:30:49 +0000 unbound: Vendor import 1.21.0 Release notes at https://nlnetlabs.nl/news/2024/Aug/15/unbound-1.21.0-released/ Merge commit '96ef46e5cff01648c80c09c4364d10bc6f58119d' (cherry picked from commit 5685098846d7f11ad642d9804d94dc7429a7b212) --- contrib/unbound/Makefile.in | 5 +- contrib/unbound/acx_python.m4 | 2 +- contrib/unbound/cachedb/cachedb.c | 55 +- contrib/unbound/cachedb/cachedb.h | 8 + contrib/unbound/config.guess | 11 +- contrib/unbound/config.h.in | 15 + contrib/unbound/config.sub | 729 ++- contrib/unbound/configure | 290 +- contrib/unbound/configure.ac | 96 +- contrib/unbound/contrib/unbound.service.in | 4 +- .../unbound/contrib/unbound_portable.service.in | 4 +- contrib/unbound/daemon/daemon.c | 43 +- contrib/unbound/daemon/daemon.h | 14 + contrib/unbound/daemon/remote.c | 540 +- contrib/unbound/daemon/stats.c | 9 +- contrib/unbound/daemon/unbound.c | 6 +- contrib/unbound/daemon/worker.c | 11 +- contrib/unbound/dns64/dns64.c | 5 +- contrib/unbound/dnstap/dnstap.c | 45 + contrib/unbound/dnstap/dnstap.h | 8 + contrib/unbound/dnstap/dnstap.m4 | 59 +- contrib/unbound/dnstap/dtstream.c | 53 +- contrib/unbound/dnstap/unbound-dnstap-socket.c | 285 +- contrib/unbound/doc/Changelog | 267 +- contrib/unbound/doc/README | 2 +- contrib/unbound/doc/example.conf.in | 14 +- contrib/unbound/doc/libunbound.3.in | 4 +- contrib/unbound/doc/unbound-anchor.8.in | 2 +- contrib/unbound/doc/unbound-checkconf.8.in | 2 +- contrib/unbound/doc/unbound-control.8.in | 66 +- contrib/unbound/doc/unbound-host.1.in | 2 +- contrib/unbound/doc/unbound.8.in | 4 +- contrib/unbound/doc/unbound.conf.5.in | 59 +- contrib/unbound/dynlibmod/dynlibmod.c | 4 +- contrib/unbound/edns-subnet/subnetmod.c | 3 +- contrib/unbound/ipsecmod/ipsecmod.c | 2 +- contrib/unbound/ipset/ipset.c | 209 +- contrib/unbound/ipset/ipset.h | 6 +- contrib/unbound/iterator/iter_scrub.c | 82 + contrib/unbound/iterator/iter_utils.c | 3 +- contrib/unbound/iterator/iterator.c | 124 +- contrib/unbound/iterator/iterator.h | 6 + contrib/unbound/libunbound/context.c | 4 +- contrib/unbound/libunbound/libunbound.c | 19 +- contrib/unbound/libunbound/libworker.c | 1 + contrib/unbound/respip/respip.c | 4 +- contrib/unbound/services/authzone.c | 48 +- contrib/unbound/services/cache/dns.c | 33 +- contrib/unbound/services/cache/infra.c | 27 +- contrib/unbound/services/cache/infra.h | 2 +- contrib/unbound/services/listen_dnsport.c | 2 +- contrib/unbound/services/localzone.c | 71 +- contrib/unbound/services/localzone.h | 19 + contrib/unbound/services/mesh.c | 41 +- contrib/unbound/services/modstack.c | 78 +- contrib/unbound/services/modstack.h | 38 +- contrib/unbound/services/outside_network.c | 20 +- contrib/unbound/services/rpz.c | 41 +- contrib/unbound/sldns/parse.h | 6 +- contrib/unbound/sldns/parseutil.c | 9 + contrib/unbound/sldns/rrdef.h | 5 + contrib/unbound/sldns/wire2str.c | 6 + contrib/unbound/smallapp/unbound-anchor.c | 10 +- contrib/unbound/smallapp/unbound-checkconf.c | 9 +- .../unbound/smallapp/unbound-control-setup.sh.in | 4 + contrib/unbound/smallapp/unbound-control.c | 29 +- contrib/unbound/systemd.m4 | 14 +- .../09-unbound-control.tdir/view_local_data | 4 + .../09-unbound-control.tdir/view_local_data_remove | 4 + .../testdata/acl_interface.tdir/rpz-nx.zone | 3 + .../testdata/acl_interface.tdir/rpz-one.zone | 3 + .../testdata/acl_interface.tdir/rpz-two.zone | 3 + contrib/unbound/testdata/cachedb_val_expired.crpl | 327 + .../testdata/cookie_file.tdir/cookie_file.conf | 19 + .../testdata/cookie_file.tdir/cookie_file.dsc | 16 + .../testdata/cookie_file.tdir/cookie_file.pre | 24 + .../testdata/cookie_file.tdir/cookie_file.test | 248 + contrib/unbound/testdata/fwd_name_lookup.rpl | 152 + contrib/unbound/testdata/rpz_cname_tag.rpl | 281 + contrib/unbound/testdata/val_dname_twice.rpl | 226 + contrib/unbound/testdata/val_failure_dnskey.rpl | 348 ++ contrib/unbound/util/alloc.c | 21 + contrib/unbound/util/config_file.c | 82 +- contrib/unbound/util/config_file.h | 4 + contrib/unbound/util/configlexer.c | 6453 ++++++++++---------- contrib/unbound/util/configlexer.lex | 2 + contrib/unbound/util/configparser.c | 4701 +++++++------- contrib/unbound/util/configparser.h | 666 +- contrib/unbound/util/configparser.y | 133 +- contrib/unbound/util/data/dname.h | 2 +- contrib/unbound/util/data/msgparse.c | 50 +- contrib/unbound/util/data/msgparse.h | 5 +- contrib/unbound/util/edns.c | 186 + contrib/unbound/util/edns.h | 85 + contrib/unbound/util/fptr_wlist.c | 26 +- contrib/unbound/util/fptr_wlist.h | 16 + contrib/unbound/util/module.h | 30 +- contrib/unbound/util/net_help.c | 56 +- contrib/unbound/util/net_help.h | 17 + contrib/unbound/util/netevent.c | 21 +- contrib/unbound/util/netevent.h | 3 + contrib/unbound/util/proxy_protocol.c | 1 + contrib/unbound/util/siphash.c | 6 + contrib/unbound/util/storage/lookup3.c | 227 +- contrib/unbound/validator/autotrust.c | 3 +- contrib/unbound/validator/val_nsec.c | 12 +- contrib/unbound/validator/val_nsec.h | 4 +- contrib/unbound/validator/val_nsec3.c | 9 +- contrib/unbound/validator/val_nsec3.h | 4 +- contrib/unbound/validator/val_secalgo.c | 8 +- contrib/unbound/validator/val_sigcrypt.c | 19 +- contrib/unbound/validator/val_sigcrypt.h | 12 +- contrib/unbound/validator/val_utils.c | 82 +- contrib/unbound/validator/val_utils.h | 26 +- contrib/unbound/validator/validator.c | 129 +- usr.sbin/unbound/config.h | 15 +- 116 files changed, 11672 insertions(+), 6800 deletions(-) diff --git a/contrib/unbound/Makefile.in b/contrib/unbound/Makefile.in index f30ca81a84f8..672435e01e9f 100644 --- a/contrib/unbound/Makefile.in +++ b/contrib/unbound/Makefile.in @@ -439,7 +439,8 @@ unbound-control-setup: smallapp/unbound-control-setup.sh dnstap.lo dnstap.o: $(srcdir)/dnstap/dnstap.c config.h dnstap/dnstap_config.h \ dnstap/dnstap.pb-c.c dnstap/dnstap.pb-c.h $(srcdir)/dnstap/dnstap.h \ $(srcdir)/util/config_file.h $(srcdir)/util/log.h \ - $(srcdir)/util/netevent.h $(srcdir)/util/net_help.h + $(srcdir)/util/netevent.h $(srcdir)/util/net_help.h \ + $(srcdir)/util/locks.h dnstap/dnstap.pb-c.c dnstap/dnstap.pb-c.h: $(srcdir)/dnstap/dnstap.proto @-if test ! -d dnstap; then $(INSTALL) -d dnstap; fi @@ -1297,7 +1298,7 @@ remote.lo remote.o: $(srcdir)/daemon/remote.c config.h $(srcdir)/daemon/remote.h $(srcdir)/validator/val_anchor.h $(srcdir)/iterator/iterator.h $(srcdir)/services/outbound_list.h \ $(srcdir)/iterator/iter_fwd.h $(srcdir)/iterator/iter_hints.h $(srcdir)/iterator/iter_delegpt.h \ $(srcdir)/services/outside_network.h $(srcdir)/sldns/str2wire.h $(srcdir)/sldns/parseutil.h \ - $(srcdir)/sldns/wire2str.h + $(srcdir)/sldns/wire2str.h $(srcdir)/util/edns.h stats.lo stats.o: $(srcdir)/daemon/stats.c config.h $(srcdir)/daemon/stats.h $(srcdir)/util/timehist.h \ $(srcdir)/libunbound/unbound.h $(srcdir)/daemon/worker.h $(srcdir)/libunbound/worker.h $(srcdir)/sldns/sbuffer.h \ $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h \ diff --git a/contrib/unbound/acx_python.m4 b/contrib/unbound/acx_python.m4 index c945d6c8989e..4ed298cf9ebd 100644 --- a/contrib/unbound/acx_python.m4 +++ b/contrib/unbound/acx_python.m4 @@ -9,7 +9,7 @@ AC_DEFUN([AC_PYTHON_DEVEL],[ AC_PATH_PROG([PYTHON],[python[$PYTHON_VERSION]]) if test -z "$PYTHON"; then - AC_MSG_ERROR([Cannot find python$PYTHON_VERSION in your system path]) + AC_MSG_ERROR([Cannot find 'python$PYTHON_VERSION' in your system path. You can use the environment variable 'PYTHON_VERSION=version_number' for an explicit version.]) PYTHON_VERSION="" fi diff --git a/contrib/unbound/cachedb/cachedb.c b/contrib/unbound/cachedb/cachedb.c index 95ac28904693..7a07b9976967 100644 --- a/contrib/unbound/cachedb/cachedb.c +++ b/contrib/unbound/cachedb/cachedb.c @@ -322,30 +322,30 @@ error_response(struct module_qstate* qstate, int id, int rcode) /** * Hash the query name, type, class and dbacess-secret into lookup buffer. - * @param qstate: query state with query info - * and env->cfg with secret. + * @param qinfo: query info + * @param env: with env->cfg with secret. * @param buf: returned buffer with hash to lookup * @param len: length of the buffer. */ static void -calc_hash(struct module_qstate* qstate, char* buf, size_t len) +calc_hash(struct query_info* qinfo, struct module_env* env, char* buf, + size_t len) { uint8_t clear[1024]; size_t clen = 0; uint8_t hash[CACHEDB_HASHSIZE/8]; const char* hex = "0123456789ABCDEF"; - const char* secret = qstate->env->cfg->cachedb_secret; + const char* secret = env->cfg->cachedb_secret; size_t i; /* copy the hash info into the clear buffer */ - if(clen + qstate->qinfo.qname_len < sizeof(clear)) { - memmove(clear+clen, qstate->qinfo.qname, - qstate->qinfo.qname_len); - clen += qstate->qinfo.qname_len; + if(clen + qinfo->qname_len < sizeof(clear)) { + memmove(clear+clen, qinfo->qname, qinfo->qname_len); + clen += qinfo->qname_len; } if(clen + 4 < sizeof(clear)) { - uint16_t t = htons(qstate->qinfo.qtype); - uint16_t c = htons(qstate->qinfo.qclass); + uint16_t t = htons(qinfo->qtype); + uint16_t c = htons(qinfo->qclass); memmove(clear+clen, &t, 2); memmove(clear+clen+2, &c, 2); clen += 4; @@ -645,7 +645,7 @@ cachedb_extcache_lookup(struct module_qstate* qstate, struct cachedb_env* ie, int* msg_expired) { char key[(CACHEDB_HASHSIZE/8)*2+1]; - calc_hash(qstate, key, sizeof(key)); + calc_hash(&qstate->qinfo, qstate->env, key, sizeof(key)); /* call backend to fetch data for key into scratch buffer */ if( !(*ie->backend->lookup)(qstate->env, ie, key, @@ -672,7 +672,7 @@ static void cachedb_extcache_store(struct module_qstate* qstate, struct cachedb_env* ie) { char key[(CACHEDB_HASHSIZE/8)*2+1]; - calc_hash(qstate, key, sizeof(key)); + calc_hash(&qstate->qinfo, qstate->env, key, sizeof(key)); /* prepare data in scratch buffer */ if(!prep_data(qstate, qstate->env->scratch_buffer)) @@ -745,6 +745,10 @@ cachedb_intcache_store(struct module_qstate* qstate, int msg_expired) * going to be now-3 seconds. Making it expired * in the cache. */ set_msg_ttl(qstate->return_msg, (time_t)-3); + /* The expired entry does not get checked by the validator + * and we need a validation value for it. */ + if(qstate->env->cfg->cachedb_check_when_serve_expired) + qstate->return_msg->rep->security = sec_status_insecure; } (void)dns_cache_store(qstate->env, &qstate->qinfo, qstate->return_msg->rep, 0, qstate->prefetch_leeway, 0, @@ -979,7 +983,7 @@ cachedb_get_mem(struct module_env* env, int id) */ static struct module_func_block cachedb_block = { "cachedb", - &cachedb_init, &cachedb_deinit, &cachedb_operate, + NULL, NULL, &cachedb_init, &cachedb_deinit, &cachedb_operate, &cachedb_inform_super, &cachedb_clear, &cachedb_get_mem }; @@ -1003,21 +1007,26 @@ cachedb_is_enabled(struct module_stack* mods, struct module_env* env) } void cachedb_msg_remove(struct module_qstate* qstate) +{ + cachedb_msg_remove_qinfo(qstate->env, &qstate->qinfo); +} + +void cachedb_msg_remove_qinfo(struct module_env* env, struct query_info* qinfo) { char key[(CACHEDB_HASHSIZE/8)*2+1]; - int id = modstack_find(qstate->env->modstack, "cachedb"); - struct cachedb_env* ie = (struct cachedb_env*)qstate->env->modinfo[id]; + int id = modstack_find(env->modstack, "cachedb"); + struct cachedb_env* ie = (struct cachedb_env*)env->modinfo[id]; - log_query_info(VERB_ALGO, "cachedb msg remove", &qstate->qinfo); - calc_hash(qstate, key, sizeof(key)); - sldns_buffer_clear(qstate->env->scratch_buffer); - sldns_buffer_write_u32(qstate->env->scratch_buffer, 0); - sldns_buffer_flip(qstate->env->scratch_buffer); + log_query_info(VERB_ALGO, "cachedb msg remove", qinfo); + calc_hash(qinfo, env, key, sizeof(key)); + sldns_buffer_clear(env->scratch_buffer); + sldns_buffer_write_u32(env->scratch_buffer, 0); + sldns_buffer_flip(env->scratch_buffer); /* call backend */ - (*ie->backend->store)(qstate->env, ie, key, - sldns_buffer_begin(qstate->env->scratch_buffer), - sldns_buffer_limit(qstate->env->scratch_buffer), + (*ie->backend->store)(env, ie, key, + sldns_buffer_begin(env->scratch_buffer), + sldns_buffer_limit(env->scratch_buffer), 0); } #endif /* USE_CACHEDB */ diff --git a/contrib/unbound/cachedb/cachedb.h b/contrib/unbound/cachedb/cachedb.h index 2da8b5c71feb..482c5db6c063 100644 --- a/contrib/unbound/cachedb/cachedb.h +++ b/contrib/unbound/cachedb/cachedb.h @@ -126,3 +126,11 @@ int cachedb_is_enabled(struct module_stack* mods, struct module_env* env); * @param qstate: query state. */ void cachedb_msg_remove(struct module_qstate* qstate); + +/** + * Remove message from the cachedb cache, by query info. + * @param env: module environment to look up cachedb state. + * @param qinfo: the message to remove. + */ +void cachedb_msg_remove_qinfo(struct module_env* env, + struct query_info* qinfo); diff --git a/contrib/unbound/config.guess b/contrib/unbound/config.guess index f6d217a49f8f..48a684601bd2 100755 --- a/contrib/unbound/config.guess +++ b/contrib/unbound/config.guess @@ -4,7 +4,7 @@ # shellcheck disable=SC2006,SC2268 # see below for rationale -timestamp='2024-01-01' +timestamp='2024-07-27' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by @@ -123,7 +123,7 @@ set_cc_for_build() { dummy=$tmp/dummy case ${CC_FOR_BUILD-},${HOST_CC-},${CC-} in ,,) echo "int x;" > "$dummy.c" - for driver in cc gcc c89 c99 ; do + for driver in cc gcc c17 c99 c89 ; do if ($driver -c -o "$dummy.o" "$dummy.c") >/dev/null 2>&1 ; then CC_FOR_BUILD=$driver break @@ -634,7 +634,8 @@ EOF sed 's/^ //' << EOF > "$dummy.c" #include - main() + int + main () { if (!__power_pc()) exit(1); @@ -718,7 +719,8 @@ EOF #include #include - int main () + int + main () { #if defined(_SC_KERNEL_BITS) long bits = sysconf(_SC_KERNEL_BITS); @@ -1621,6 +1623,7 @@ cat > "$dummy.c" < header file. */ #undef HAVE_ARPA_INET_H +/* Whether the C compiler accepts the "fallthrough" attribute */ +#undef HAVE_ATTR_FALLTHROUGH + /* Whether the C compiler accepts the "format" attribute */ #undef HAVE_ATTR_FORMAT @@ -406,6 +412,9 @@ /* Define to 1 if you have the header file. */ #undef HAVE_NET_IF_H +/* Define to 1 if you have the header file. */ +#undef HAVE_NET_PFVAR_H + /* Define this to use nghttp2 client. */ #undef HAVE_NGHTTP2 @@ -566,6 +575,9 @@ function. */ #undef HAVE_SSL_CTX_SET_TLSEXT_TICKET_KEY_EVP_CB +/* Define to 1 if you have the `SSL_CTX_set_tmp_ecdh' function. */ +#undef HAVE_SSL_CTX_SET_TMP_ECDH + /* Define to 1 if you have the `SSL_get0_alpn_selected' function. */ #undef HAVE_SSL_GET0_ALPN_SELECTED @@ -1484,6 +1496,7 @@ struct sockaddr_storage; # define calloc(n,s) unbound_stat_calloc_log(n, s, __FILE__, __LINE__, __func__) # define free(p) unbound_stat_free_log(p, __FILE__, __LINE__, __func__) # define realloc(p,s) unbound_stat_realloc_log(p, s, __FILE__, __LINE__, __func__) +# define strdup(s) unbound_stat_strdup_log(s, __FILE__, __LINE__, __func__) void *unbound_stat_malloc(size_t size); void *unbound_stat_calloc(size_t nmemb, size_t size); void unbound_stat_free(void *ptr); @@ -1496,6 +1509,8 @@ void unbound_stat_free_log(void *ptr, const char* file, int line, const char* func); void *unbound_stat_realloc_log(void *ptr, size_t size, const char* file, int line, const char* func); +char *unbound_stat_strdup_log(const char *s, const char* file, int line, + const char* func); #elif defined(UNBOUND_ALLOC_LITE) # include "util/alloc.h" #endif /* UNBOUND_ALLOC_LITE and UNBOUND_ALLOC_STATS */ diff --git a/contrib/unbound/config.sub b/contrib/unbound/config.sub index 2c6a07ab3c34..4aaae46f6f74 100755 --- a/contrib/unbound/config.sub +++ b/contrib/unbound/config.sub @@ -2,9 +2,9 @@ # Configuration validation subroutine script. # Copyright 1992-2024 Free Software Foundation, Inc. -# shellcheck disable=SC2006,SC2268 # see below for rationale +# shellcheck disable=SC2006,SC2268,SC2162 # see below for rationale -timestamp='2024-01-01' +timestamp='2024-05-27' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by @@ -120,7 +120,6 @@ case $# in esac # Split fields of configuration type -# shellcheck disable=SC2162 saved_IFS=$IFS IFS="-" read field1 field2 field3 field4 < To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Maxim Konovalov Subject: git: 2545829e1c2c - stable/14 - pam_xdg.8: the module option name corrected List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: maxim X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 2545829e1c2c6a46b50f00ca47d61de9b5674007 Auto-Submitted: auto-generated The branch stable/14 has been updated by maxim: URL: https://cgit.FreeBSD.org/src/commit/?id=2545829e1c2c6a46b50f00ca47d61de9b5674007 commit 2545829e1c2c6a46b50f00ca47d61de9b5674007 Author: Maxim Konovalov AuthorDate: 2024-08-22 21:03:59 +0000 Commit: Maxim Konovalov CommitDate: 2024-08-25 04:12:44 +0000 pam_xdg.8: the module option name corrected PR: 280994 (cherry picked from commit 6aee1dc48006445b6e062db86c5c3697b04b98f6) --- lib/libpam/modules/pam_xdg/pam_xdg.8 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/libpam/modules/pam_xdg/pam_xdg.8 b/lib/libpam/modules/pam_xdg/pam_xdg.8 index 1a8b53def051..9b97d3626531 100644 --- a/lib/libpam/modules/pam_xdg/pam_xdg.8 +++ b/lib/libpam/modules/pam_xdg/pam_xdg.8 @@ -22,7 +22,7 @@ .\" * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" * SUCH DAMAGE. -.Dd February 21, 2024 +.Dd August 22, 2024 .Dt PAM_XDG 8 .Os .Sh NAME @@ -42,8 +42,8 @@ By default the directory is created under .Pa /var/run/xdg/ . .Pp The following option may be passed to the authentication module: -.Bl -tag -width ".Cm runtime_dir" -.It Cm runtime_dir Ns = Ns Ar directory +.Bl -tag -width ".Cm runtime_dir_prefix" +.It Cm runtime_dir_prefix Ns = Ns Ar directory Use an alternate base directory .El .Sh SEE ALSO From nobody Sun Aug 25 06:36:11 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Ws3wq6VZpz5VQyT; Sun, 25 Aug 2024 06:36:11 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Ws3wq5nD0z4kCQ; Sun, 25 Aug 2024 06:36:11 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724567771; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=6oMDf7gs8JnUiXxJ5Br6RakATYsMX+GMzfTmA2XOEuU=; b=nDOkyWMICJspQKBvZudOpxwLfWR7OhMH7GvVy5KV/JpK5pQUc95Jdb8YaR7uwYjoDIJO9+ xTppB8dAQB9CRglHBvHFMBTPcZJ0i/8pgPA4XzXJZ/yadb3dDXvuoVHWvbFxwxKIJqFyXP pphLRxRssbYbTmQN+R3IcBV43rxMQdk7Ezv0RGUjli1ytSfygctRhlhoyy54ye6E8yAMuy NgejhbnjAmwPFBk1+/aWRZR0/U+PpMkf0dphTe0seDSsDe4Uxvn1HB7pJWHLAoS833cNCh XP/idY50QYT+AeqcZVwhpVy/YYHgnssdz49inZg84bHeabVIZo5NA0DbGCQHQg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724567771; a=rsa-sha256; cv=none; b=uecgv4a7+vDuVuYh8Kk2/KPO5Qp+yonxT2kle9obX/FFd0BQwPe6Z7e3D0wAG3kHvPkLJS DhxKgBqnRDYsgsPKKPIGCbbqvFjD0Z1YTaFlbWbumpbYrzxZsXNuuhHzH4jdG0DU5Dl/FP SjVlZPuX/Sb+Ryha1NKKsCayri79/kuQLLLN7HZO30eVAwFG53MX8ZW7cFTONpY6oBBSWa l6tqyxFDZyVv8BcBGtgPRb6eNFVd9jSwOffJ0c+D9Y8u590FQLNH1tkfjrNMVlC67T0m0v qENdV0gwE8JprBN1yeJDihMyqy1MUKuNax5DXvP9zeiHfbMCGzqCcsU4UX5laQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724567771; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=6oMDf7gs8JnUiXxJ5Br6RakATYsMX+GMzfTmA2XOEuU=; b=S7R9fcOzFbvw6QGtLh+Nq02uLUXSI5GYGmBaB5312N3oLamXI2r/oOIiNHUDjMS0OipAVl HUIHDv3KOcsWzfrzq8MOqwm14bDOl7jr/o/9IeABHx/ktt4mVpwboIfHHqYd/OxPs++zok F+ZwjCElzPGdAiGx6nOPJNL0Trp/kt2575DdYt9YpqJxQlZczu92He12W5+PS3XdaMGBS1 YDqIQ/WCAbKvYX0lmCSiNit6Y069MHAkCHHL2JKkzCITQfNAkRBI4qjniPwmSSKkGpIdyG 4wYhXJzD0pxHX2c76uvRk2hHScSeN/YgWtUBiDdaOWZuM7Z0q1/IgJ6cna7/UA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Ws3wq5MlDz1R6j; Sun, 25 Aug 2024 06:36:11 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47P6aBhX026740; Sun, 25 Aug 2024 06:36:11 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47P6aBvO026737; Sun, 25 Aug 2024 06:36:11 GMT (envelope-from git) Date: Sun, 25 Aug 2024 06:36:11 GMT Message-Id: <202408250636.47P6aBvO026737@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Eugene Grosbein Subject: git: 244118026550 - stable/14 - libalias: fix subtle racy problem in outside-inside forwarding List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: eugen X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 2441180265509a7efe8c20ee72585757e7bb9d1c Auto-Submitted: auto-generated The branch stable/14 has been updated by eugen: URL: https://cgit.FreeBSD.org/src/commit/?id=2441180265509a7efe8c20ee72585757e7bb9d1c commit 2441180265509a7efe8c20ee72585757e7bb9d1c Author: Eugene Grosbein AuthorDate: 2024-08-19 03:34:37 +0000 Commit: Eugene Grosbein CommitDate: 2024-08-25 06:31:24 +0000 libalias: fix subtle racy problem in outside-inside forwarding sys/netinet/libalias/alias_db.c has internal static function UseLink() that passes a link to CleanupLink() to verify if the link has expired. If so, UseLink() may return NULL. _FindLinkIn()'s usage of UseLink() is not quite correct. Assume there is "redirect_port udp" configured to forward incoming traffic for specific port to some internal address. Such a rule creates partially specified permanent link. After first such incoming packet libalias creates new fully specifiled temporary LINK_UDP with default timeout of 60 seconds. Also, in case of low traffic libalias may assign "timestamp" for this new temporary link way in the past because LibAliasTime is updated seldom and can keep old value for tens of seconds, and it will be used for the temporary link. It may happen that next incoming packet for redirected port passed to _FindLinkIn() results in a call to UseLink() that returns NULL due to detected expiration. Immediate return of NULL results in broken translation: either a packet is dropped (deny_incoming mode) or delivered to original destination address instead of internal one. Fix it with additional check for NULL to proceed with a search for original partially specified link. In case of UDP, it also recreates temporary fully specified link with a call to ReLink(). Practical examples are "redirect_port udp" rules for unidirectional SYSLOG protocol (port 514) or some low volume VPN encapsulated in UDP. Thanks to Peter Much for initial analysis and first version of a patch. Reported by: Peter Much PR: 269770 (cherry picked from commit 8132e959099f0c533f698d8fbc17386f9144432f) (cherry picked from commit e5b85380836378c9e321a4e6d300591e6faf622a) --- sys/netinet/libalias/alias_db.c | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/sys/netinet/libalias/alias_db.c b/sys/netinet/libalias/alias_db.c index 167201fa1b8f..4bb95549aaaf 100644 --- a/sys/netinet/libalias/alias_db.c +++ b/sys/netinet/libalias/alias_db.c @@ -868,8 +868,18 @@ _FindLinkIn(struct libalias *la, struct in_addr dst_addr, case 0: LIST_FOREACH(lnk, &grp->full, all.in) { if (lnk->dst_addr.s_addr == dst_addr.s_addr && - lnk->dst_port == dst_port) - return (UseLink(la, lnk)); + lnk->dst_port == dst_port) { + struct alias_link *found; + + found = UseLink(la, lnk); + if (found != NULL) + return (found); + /* link expired */ + grp = StartPointIn(la, alias_addr, alias_port, link_type, 0); + if (grp == NULL) + return (NULL); + break; + } } break; case LINK_UNKNOWN_DEST_PORT: From nobody Sun Aug 25 06:45:19 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Ws47M6VcBz5VRQG; Sun, 25 Aug 2024 06:45:19 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Ws47M5v6lz4kp9; Sun, 25 Aug 2024 06:45:19 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724568319; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Gz5ISccCYwrwvlhk+aeXnxwECW+ag/ekkg15tx65GWk=; b=bgR1XKpvLxQulqej1IjT7e1rt0penC74b9EF4LUpspWQDTA814a4qW3W4pvzkzyNn/EOem YgSy4pEMa0xVIs/qd1Rxza4Es2SQN+mnUFTcbPY0A9utv2tMElYToPvG7NNTmyG3/85Tw7 gFKk91ZWLLr/BKotQqLZ+F1oiPBh0MWfOdXMszJzujcdB3bAA+aJO556H1qHsLWTr459fA h6JRQs5659qOVW98+YGnbZums9GadVcl18oTqupg/kM6iesZk+5GhO+Vn8sC5O5+7s5ahg FtnwRJanU3gSc773VC41d7dSjYoapFb+OOu/YFBqJUSO0KU6LPs59ITcC34GmA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724568319; a=rsa-sha256; cv=none; b=MDvUiQGHpxxXXdjQETHQDWQckRONg8ILOHuXCOZWl3rIccaU+EdysdccUoFOJQVDGFPPdS KUnLstQw3vAacf0gb+9WSWqFfPE4M8eyDxjETWphx9QmI10HSgweb0gPKt2XWDv445Rwv9 s8KyGsxHIzCq6P7755duddR2Mq5CroXIjTKql14kqGYuKRRbIJoNWa1+etd3lXLTHAlKUG O2UeljsR0IAQO1MGDBcTg7m2rQcezAzEcEmtCZuMvtnnyodUHsSrn1WqbffpXaxAD994LI Z38fA1DGxeZAOS6xD+y/xLyfa7KUnjVwlQVWrIEJ3yDbDt6IKrImCqLx2mMQuw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724568319; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Gz5ISccCYwrwvlhk+aeXnxwECW+ag/ekkg15tx65GWk=; b=lRJgVDI3L7t3qeZkfgEAn1MIRcdEtBeeABVAAfAvQRhBIRypyWUDs4lwxmEPr2Ao5GRxkn g20nbCQ6nmmz7D9EcMjSQXIYzIrTQqNRHyoVGUO83iEzL7u4rXUQgy/NGvsiKnMTqMuXbi 8K2VTwx9UzmxigGz2k2QcRXFI+jAmJnqo/GhK+qAiVKZkq2NePSS9/zRvUsfRUJkR1pNQE Mz24R40+T99IxUFIe55h3S/u6fsrtobAw7wdIe8lyUQ4qn/8JwrB2mBlJc4bhvV8V296i2 AQYntdjt41rYrD9nlX07G3niTBJIj29LDgvGxosBpq0Hg9RZ8hITU9PpsC9Rxw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Ws47M5Mn5z1Rfw; Sun, 25 Aug 2024 06:45:19 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47P6jJia042946; Sun, 25 Aug 2024 06:45:19 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47P6jJ8F042943; Sun, 25 Aug 2024 06:45:19 GMT (envelope-from git) Date: Sun, 25 Aug 2024 06:45:19 GMT Message-Id: <202408250645.47P6jJ8F042943@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Eugene Grosbein Subject: git: f20a1805f7da - stable/13 - libalias: fix subtle racy problem in outside-inside forwarding List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: eugen X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: f20a1805f7dace1e4fcfe25e26e552a9ec7ede74 Auto-Submitted: auto-generated The branch stable/13 has been updated by eugen: URL: https://cgit.FreeBSD.org/src/commit/?id=f20a1805f7dace1e4fcfe25e26e552a9ec7ede74 commit f20a1805f7dace1e4fcfe25e26e552a9ec7ede74 Author: Eugene Grosbein AuthorDate: 2024-08-19 03:34:37 +0000 Commit: Eugene Grosbein CommitDate: 2024-08-25 06:42:12 +0000 libalias: fix subtle racy problem in outside-inside forwarding sys/netinet/libalias/alias_db.c has internal static function UseLink() that passes a link to CleanupLink() to verify if the link has expired. If so, UseLink() may return NULL. _FindLinkIn()'s usage of UseLink() is not quite correct. Assume there is "redirect_port udp" configured to forward incoming traffic for specific port to some internal address. Such a rule creates partially specified permanent link. After first such incoming packet libalias creates new fully specified temporary LINK_UDP with default timeout of 60 seconds. Also, in case of low traffic libalias may assign "timestamp" for this new temporary link way in the past because LibAliasTime is updated seldom and can keep old value for tens of seconds, and it will be used for the temporary link. It may happen that next incoming packet for redirected port passed to _FindLinkIn() results in a call to UseLink() that returns NULL due to detected expiration. Immediate return of NULL results in broken translation: either a packet is dropped (deny_incoming mode) or delivered to original destination address instead of internal one. Fix it with additional check for NULL to proceed with a search for original partially specified link. In case of UDP, it also recreates temporary fully specified link with a call to ReLink(). Practical examples are "redirect_port udp" rules for unidirectional SYSLOG protocol (port 514) or some low volume VPN encapsulated in UDP. Thanks to Peter Much for initial analysis and first version of a patch. Reported by: Peter Much PR: 269770 (cherry picked from commit 8132e959099f0c533f698d8fbc17386f9144432f) (cherry picked from commit e5b85380836378c9e321a4e6d300591e6faf622a) --- sys/netinet/libalias/alias_db.c | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/sys/netinet/libalias/alias_db.c b/sys/netinet/libalias/alias_db.c index ba0117ff090d..1209348bed5c 100644 --- a/sys/netinet/libalias/alias_db.c +++ b/sys/netinet/libalias/alias_db.c @@ -868,8 +868,18 @@ _FindLinkIn(struct libalias *la, struct in_addr dst_addr, case 0: LIST_FOREACH(lnk, &grp->full, all.in) { if (lnk->dst_addr.s_addr == dst_addr.s_addr && - lnk->dst_port == dst_port) - return (UseLink(la, lnk)); + lnk->dst_port == dst_port) { + struct alias_link *found; + + found = UseLink(la, lnk); + if (found != NULL) + return (found); + /* link expired */ + grp = StartPointIn(la, alias_addr, alias_port, link_type, 0); + if (grp == NULL) + return (NULL); + break; + } } break; case LINK_UNKNOWN_DEST_PORT: From nobody Sun Aug 25 06:49:21 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Ws4D12wgrz5VS7w; Sun, 25 Aug 2024 06:49:21 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Ws4D12RBBz4l3m; Sun, 25 Aug 2024 06:49:21 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724568561; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=jOVrFKFT5OPAZuUHdDSDg+y8rUUt85XhZrecLsJfMnQ=; b=vPsWkNsntBKjQ+TE+L5KtCxNPEXy4egjNw3E8LyMvRoWzwplclnbZARG2QiB2jw1ptQm4f qKGr3WD4XK6FL4KsebKWv7CAUg6FWLauFEbjIqPqJvhq84zoVtyh7oFeNUKPx1RkxFdp3a HLCyu3pugvdAu/gAxze8JJwbzOLC/mTq3n2QIImDUNOTQXrPxsg5apld9u3pPUviq1qv51 OekKtnX3WSkP8lXe9ZGxomepgQfBUWYZgatretrLF1oba7hz2OnD8tUveb0hjcL2Wwyjra LBK5DFQsjhlQbXXwxYtZcwfMu1jn/V6q6/z4rDEHoZMiPS3aKrJZla4MPnORkQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724568561; a=rsa-sha256; cv=none; b=b5DDUTYqUJRSOki5mMTwyIWLw5qKVmIBfxrxdF5jDF1ZSsLg97NOkAXvS1V3YhYT1knUWW 3rO0q0TcBx8rgVnCpf557fAh4u3GwahWFA6mhwIrMYIpuP4uyjvdVG9U9xxj44wJC6SBku ibUxnD/wDEpODI4Dxh2QasfPGTeGUTktrPgSccOhueI1NaQeTjlyOnjFFfOwmRygwY3Xsx MxFbO8730vhLY4EVxf9gYEWH0nOe1U0rWkeEtVNSFNKyB8zCZUU7USlBcmeOYINcOrByuB REKADfBXBUw4t0QcY+DcMDRkJWdOWySg/ltVQj4gWXtP7FJ1GolQJy6hgJ4uEg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724568561; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=jOVrFKFT5OPAZuUHdDSDg+y8rUUt85XhZrecLsJfMnQ=; b=OTbOcJ0iotDyw1nmr3Fvv3P9zL9o5ElR0JPs7ZM001j7WxfCQx4tu/L5o9PbciKUHNlTkk RljhIOcB0kxyG+ZJgdb2l4170mN0Uj/sHKZvBHXcwSXOqtMp9+rUlIYEeAnIUeufxy1+L/ V86gStVK2Oja2LZbfFvMx+VR0M0eHaURjcdGi2XOKTlbss7wgTgD4lgO4PQn+N6vD/7u+K zRBwZtbF0D/joQ6CyjGukxxkNFuKEHF/KYgLaqnvTHmYEtQRqm//01Sj0OHEGHl/KD620k BpEWh7jbJw3/mNJ/f4o9i34U0UHzbdXlxsb26AfdW7sNKcoIR1vuatRMWeThYA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Ws4D11ybtz1RbP; Sun, 25 Aug 2024 06:49:21 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47P6nLIS043698; Sun, 25 Aug 2024 06:49:21 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47P6nLTq043695; Sun, 25 Aug 2024 06:49:21 GMT (envelope-from git) Date: Sun, 25 Aug 2024 06:49:21 GMT Message-Id: <202408250649.47P6nLTq043695@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Eugene Grosbein Subject: git: 41efd8eef313 - stable/12 - libalias: fix subtle racy problem in outside-inside forwarding List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: eugen X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: 41efd8eef313448f63125dd96dfa393f5492edbd Auto-Submitted: auto-generated The branch stable/12 has been updated by eugen: URL: https://cgit.FreeBSD.org/src/commit/?id=41efd8eef313448f63125dd96dfa393f5492edbd commit 41efd8eef313448f63125dd96dfa393f5492edbd Author: Eugene Grosbein AuthorDate: 2024-08-19 03:34:37 +0000 Commit: Eugene Grosbein CommitDate: 2024-08-25 06:47:32 +0000 libalias: fix subtle racy problem in outside-inside forwarding sys/netinet/libalias/alias_db.c has internal static function UseLink() that passes a link to CleanupLink() to verify if the link has expired. If so, UseLink() may return NULL. _FindLinkIn()'s usage of UseLink() is not quite correct. Assume there is "redirect_port udp" configured to forward incoming traffic for specific port to some internal address. Such a rule creates partially specified permanent link. After first such incoming packet libalias creates new fully specified temporary LINK_UDP with default timeout of 60 seconds. Also, in case of low traffic libalias may assign "timestamp" for this new temporary link way in the past because LibAliasTime is updated seldom and can keep old value for tens of seconds, and it will be used for the temporary link. It may happen that next incoming packet for redirected port passed to _FindLinkIn() results in a call to UseLink() that returns NULL due to detected expiration. Immediate return of NULL results in broken translation: either a packet is dropped (deny_incoming mode) or delivered to original destination address instead of internal one. Fix it with additional check for NULL to proceed with a search for original partially specified link. In case of UDP, it also recreates temporary fully specified link with a call to ReLink(). Practical examples are "redirect_port udp" rules for unidirectional SYSLOG protocol (port 514) or some low volume VPN encapsulated in UDP. Thanks to Peter Much for initial analysis and first version of a patch. Reported by: Peter Much PR: 269770 (cherry picked from commit 8132e959099f0c533f698d8fbc17386f9144432f) (cherry picked from commit e5b85380836378c9e321a4e6d300591e6faf622a) --- sys/netinet/libalias/alias_db.c | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/sys/netinet/libalias/alias_db.c b/sys/netinet/libalias/alias_db.c index ed222c4133d4..e38186d2d696 100644 --- a/sys/netinet/libalias/alias_db.c +++ b/sys/netinet/libalias/alias_db.c @@ -870,8 +870,18 @@ _FindLinkIn(struct libalias *la, struct in_addr dst_addr, case 0: LIST_FOREACH(lnk, &grp->full, all.in) { if (lnk->dst_addr.s_addr == dst_addr.s_addr && - lnk->dst_port == dst_port) - return (UseLink(la, lnk)); + lnk->dst_port == dst_port) { + struct alias_link *found; + + found = UseLink(la, lnk); + if (found != NULL) + return (found); + /* link expired */ + grp = StartPointIn(la, alias_addr, alias_port, link_type, 0); + if (grp == NULL) + return (NULL); + break; + } } break; case LINK_UNKNOWN_DEST_PORT: