5a562339 kp April 7, 2021, 11:05 a.m.
tests/sys/netfil/pf/synproxy fails if inetd has been running
outside of the jail because pidfile_open() fails with EEXIST.
tests/sys/netfil/pf/nat has the same problem but the test succeeds
because whether inetd is running is not so important.

Fix the problem by changing the pidfile path from the default
location.

Reviewed by:	kp
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D29622
cgit
86a52e26 khng April 7, 2021, 11:11 a.m.
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
Reviewed by:	bcr
Approved by:	philip (mentor)
Differential Revision:	https://reviews.freebsd.org/D29408
cgit
2bca8aa7 arichardson April 7, 2021, 10:35 a.m.
libarchive: Apply upstream commit a1b7bf8013fb7a11a486794247daae592db6f5ae

This fixes the failing test_read_append_filter_wrong_program test in CI
which has been failing since 01-Dec-2020.

Commit message from https://github.com/libarchive/libarchive/commit/a1b7bf8013fb7a11a486794247daae592db6f5ae

    Silence stderr in test_read_append_filter_program

    When the FreeBSD testsuite runs the libarchive tests it checks that stderr
    is empty. Since #1382 this is no longer the case. This change restores
    the behaviour of silencing bunzip2 stderr but doesn't bring back the
    output text check.

    Partially reverts 2e7aa5d9

MFC after:	3 days
Differential Revision: https://reviews.freebsd.org/D29036
cgit
83532eb6 arichardson April 7, 2021, 9:34 a.m.
They have been failing for 1.5 months and the patch to fix them is stuck
in review so mark them as XFAIL for now to get Jenkins back to green.

To be reverted when https://reviews.freebsd.org/D28886 (or similar) is
commited.

Reviewed By:	kp
MFC after:	3 days
Differential Revision: https://reviews.freebsd.org/D29528
cgit
b8028f9d jmg April 6, 2021, 11:32 p.m.
ac503c19 mav April 6, 2021, 9:27 p.m.
With new ZFS prefetcher improvements it is no longer needed to fully
serialize reads to reach decent prediction hit rate.  Softer variant
only creates small time window to reduce races instead of completely
blocking following reads while previous is running.  It much less
hurts the performance in case of prediction miss.

MFC after:	1 month
cgit
13b3862e mjg April 6, 2021, 8:31 p.m.
Since symlink support it can get upgraded to CACHE_FPL_STATUS_DESTROYED.

Reported by:	bdrewery
cgit
11f47f17 rene April 6, 2021, 8:26 p.m.
Reviewed by:	gjb, imp, lwhsu, mat
Differential Revision:	https://reviews.freebsd.org/D29502
cgit
2425f5e9 markj April 6, 2021, 6:49 p.m.
Discussed with:	jamie
Approved by:	so
Security:	CVE-2020-25584
Security:	FreeBSD-SA-21:10.jail_mount
cgit
982693bb markj April 6, 2021, 6:49 p.m.
Reviewed by:	kib, rlibby
Discussed with:	alc
Approved by:	so
Security:	CVE-2021-29626
Security:	FreeBSD-SA-21:08.vm
cgit
afb6a168 nwhitehorn April 6, 2021, 5:43 p.m.
By default, makefs(8) has very few spare inodes in its output images,
which is fine for static filesystems, but not so great for VM images
where many more files will be added. Make makefs(8) use the same
default settings as newfs(8) when creating images with free space --
there isn't much point to leaving free space on the image if you
can't put files there. If no free space is requested, use current
behavior of a minimal number of available inodes.

Reviewed by:	manu
MFC after:	3 weeks
Differential Revision:	https://reviews.freebsd.org/D29492
cgit
9e6158d2 vangyzen April 6, 2021, 5:13 p.m.
Close the unused pipe file descriptors so the parent will notice if
the child exits prematurely.  Previously, the parent would block
forever on a read from the pipe.

    $ uefisign -c foo.cert -k foo.key -o loader.efi loader.efi.unsigned
    uefisign: section points inside the headers
    load: 0.06  cmd: uefisign 4502 [piperd] 7.25r 0.00u 0.00s 0% 5968k
    ... _sleep+0x1be pipe_read+0x3d6 kern_readv+0x8c sys_read+0x83 ...

Reviewed by:	trasz
MFC after:	1 week
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D29605
cgit
9857e00a mw April 6, 2021, 4:50 p.m.
Commit: f2f1ab39c040 ("pci_user: call bus_translate_resource before BAR mmap")
broke build for 32-bit platforms due to rman_res_t and vm_paddr_t
incompatible types. Fix that.
cgit
f2f1ab39 mw April 6, 2021, 3:15 p.m.
On some armv8 machines it is possible that the mapping between CPU
and PCI bus BAR base addresses is not 1:1. In case a BAR is allocated
in kernel using bus_alloc_resource_any this translation is handled in
ofw_pci_activate_resource.

Do the same in pci_user.c by calling bus_translate_resource devmethod.
This fixes mmaping BARs to userspace on Marvell SoCs (Armada 7k8k/CN913x)
and possibly many other platforms.

Submitted by: Kornel Duleba <mindal@semihalf.com>
Reviewed by: kib
Obtained from: Semihalf
Sponsored by: Marvell
MFC after: 2 weeks
Differential revision: https://reviews.freebsd.org/D29604
cgit
1c1ead9b mw April 6, 2021, 3 p.m.
Some architectures - armv7, armv8 and riscv use VM_MEMATTR_DEVICE
when mapping device registers in kernel. Do the same in pciconf.
On armada8k SoC all reads from BARs mapped with hitherto attribute
(VM_MEMATTR_UNCACHEABLE) return 0xff's.

Submitted by: Kornel Duleba <mindal@semihalf.com>
Reviewed by: kib
Obtained from: Semihalf
Sponsored by: Marvell
Differential revision: https://reviews.freebsd.org/D29603
cgit