aboutsummaryrefslogtreecommitdiffstats
path: root/contrib
Commit message (Collapse)AuthorAgeFilesLines
* Add missing files to Debian DKMS packageDamiano Albani2023-05-251-2/+2
| | | | | | | | Reviewed-by: Tino Reichardt <[email protected]> Reviewed-by: Umer Saleem <[email protected]> Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Damiano Albani <[email protected]> Closes #14887 Closes #14889
* pam: Fix "buffer overflow" in pam ZTS tests on F38Tony Hutter2023-05-091-9/+4
| | | | | | | | | | | | | The pam ZTS tests were reporting a buffer overflow on F38, possibly due to F38 now setting _FORTIFY_SOURCE=3 by default. gdb and valgrind narrowed this down to a snprintf() buffer overflow in zfs_key_config_modify_session_counter(). I'm not clear why this particular snprintf() was being flagged as an overflow, but when I replaced it with an asprintf(), the test passed reliably. Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Tony Hutter <[email protected]> Closes #14802 Closes #14842
* PAM: support the authentication facilityVal Packett2023-04-271-14/+49
| | | | | | | | | | | | Implement the pam_sm_authenticate method, using the noop argument of lzc_load_key to do a passphrase check without actually loading the key. This allows using ZFS as the source of truth for user passwords, without storing any password hashes in /etc or using other PAM modules. Reviewed-by: Brian Behlendorf <[email protected]> Reviewed-by: Felix Dörre <[email protected]> Signed-off-by: Val Packett <[email protected]> Closes #14789
* Work around Raspberry Pi kernel packaging odditiesRich Ercolani2023-04-171-2/+2
| | | | | | | | | | | | | | | | | | | | On Debian and Ubuntu and friends, you get something like "linux-image-$(uname -r)" and "linux-headers-$(uname -r)" you can put a Depends on. On Raspberry Pi OS, you get "raspberrypi-kernel" and "raspberrypi-kernel-headers", with version numbers like 20230411. There is not, as far as I can tell, a reasonable way to map that to a kernel version short of reaching out and digging around in the changelogs or Makefile, so just special-case it so the packages don't fail to install at install time. They still might not build if the versions don't match, but I don't see a way to do anything about that... Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Rich Ercolani <[email protected]> Closes #14745 Closes #14747
* initramfs: source user scripts from /e/z/initramfs-tools-load-key{,.d/*}наб2023-04-123-1/+37
| | | | | | | | | | | | | By dropping in a file in a directory (for packages) or by making a file (for local administrators), custom key loading methods may be provided for the rootfs and necessities. Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Nicholas Morris <[email protected]> Signed-off-by: Ahelenia Ziemiańska <[email protected]> Co-authored-by: Nicholas Morris <[email protected]> Supersedes: #14704 Closes: #13757 Closes #14733
* libzfs: add v2 iterator interfacesRob N2023-04-101-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | f6a0dac84 modified the zfs_iter_* functions to take a new "flags" parameter, and introduced a variety of flags to ask the kernel to limit the results in various ways, reducing the amount of work the caller needed to do to filter out things they didn't need. Unfortunately this change broke the ABI for existing clients (read: older versions of the `zfs` program), and was reverted 399b98198. dc95911d2 reintroduced the original patch, with the understanding that a backwards-compatible fix would be made before the 2.2 release branch was tagged. This commit is that fix. This introduces zfs_iter_*_v2 functions that have the new flags argument, and reverts the existing functions to not have the flags parameter, as they were before. The old functions are now reimplemented in terms of the new, with flags set to 0. Reviewed-by: Brian Behlendorf <[email protected]> Reviewed-by: George Wilson <[email protected]> Original-patch-by: George Wilson <[email protected]> Signed-off-by: Rob Norris <[email protected]> Sponsored-by: Klara, Inc. Closes #14597
* contrib: dracut: fix race with root=zfs:dset when necessities requiredнаб2023-03-318-68/+46
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This had always worked in my testing, but a user on hardware reported this to happen 100%, and I reproduced it once with cold VM host caches. dracut-zfs-generator runs as a systemd generator, i.e. at Some Relatively Early Time; if root= is a fixed dataset, it tries to "solve [necessities] statically at generation time". If by that point zfs-import.target hasn't popped (because the import is taking a non-negligible amount of time for whatever reason), it'll see no children for the root datase, and as such generate no mounts. This has never had any right to work. No-one caught this earlier because it's just that much more convenient to have root=zfs:AUTO, which orders itself properly. To fix this, always run zfs-nonroot-necessities.service; this additionally simplifies the implementation by: * making BOOTFS from zfs-env-bootfs.service be the real, canonical, root dataset name, not just "whatever the first bootfs is", and only set it if we're ZFS-booting * zfs-{rollback,snapshot}-bootfs.service can use this instead of re-implementing it * having zfs-env-bootfs.service also set BOOTFSFLAGS * this means the sysroot.mount drop-in can be fixed text * zfs-nonroot-necessities.service can also be constant and always enabled, because it's conditioned on BOOTFS being set There is no longer any code generated at run-time (the sysroot.mount drop-in is an unavoidable gratuitous cp). The flow of BOOTFS{,FLAGS} from zfs-env-bootfs.service to sysroot.mount is not noted explicitly in dracut.zfs(7), because (a) at some point it's just visual noise and (b) it's already ordered via d-p-m.s from z-i.t. Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Ahelenia Ziemiańska <[email protected]> Closes #14690
* Fix for mountpoint=legacyofthesun92023-03-141-2/+3
| | | | | | | | | We need to clear mountpoint only after checking it. Reviewed-by: Brian Behlendorf <[email protected]> Reviewed-by: Richard Yao <[email protected]> Signed-off-by: ofthesun9 <[email protected]> Closes #14599 Closes #14604
* Better handling for future crypto parametersRob N2023-03-071-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The intent is that this is like ENOTSUP, but specifically for when something can't be done because we have no support for the requested crypto parameters; eg unlocking a dataset or receiving a stream encrypted with a suite we don't support. Its not intended to be recoverable without upgrading ZFS itself. If the request could be made to work by enabling a feature or modifying some other configuration item, then some other code should be used. load-key: In the future we might have more crypto suites (ie new values for the `encryption` property. Right now trying to load a key on such a future crypto suite will look up suite parameters off the end of the crypto table, resulting in misbehaviour and/or crashes (or, with debug enabled, trip the assertion in `zio_crypt_key_unwrap`). Instead, lets check the value we got from the dataset, and if we can't handle it, abort early. recv: When receiving a raw stream encrypted with an unknown crypto suite, `zfs recv` would report a generic `invalid backup stream` (EINVAL). While technically correct, its not super helpful, so lets ship a more specific error code and message. Reviewed-by: Tino Reichardt <[email protected]> Reviewed-by: Brian Behlendorf <[email protected]> Reviewed-by: Richard Yao <[email protected]> Signed-off-by: Rob Norris <[email protected]> Closes #14577
* initramfs: fix zpool get argument orderq662023-03-061-3/+3
| | | | | | | | | | | | | | | When using the zfs initramfs scripts on my system, I get various errors at initramfs stage, such as: cannot open '-o': name must begin with a letter My zfs binaries are compiled with musl libc, which may be why this happens. In any case, fix the argument order to make the zpool binary happy, and to match its --help output. Reviewed-by: Brian Behlendorf <[email protected]> Reviewed-by: Richard Yao <[email protected]> Signed-off-by: Daniel Kolesa <[email protected]> Closes #14572
* Fix github build failures because of vdevprops.7Tino Reichardt2023-02-281-0/+1
| | | | | | | | | | | This small fix adds the manpage vdevprops.7 to the file contrib/debian/openzfs-zfsutils.install and the github actions will work again. Reviewed-by: Brian Behlendorf <[email protected]> Reviewed-by: George Melikov <[email protected]> Reviewed-by: Brian Atkinson <[email protected]> Signed-off-by: Tino Reichardt <[email protected]> Closes #14553
* initramfs: Make mountpoint=none workRyan Moeller2023-02-061-1/+3
| | | | | | | | | In initramfs, mount.zfs fails to mount a dataset with mountpoint=none, but mount.zfs -o zfsutil works. Use -o zfsutil when mountpoint=none. Reviewed-by: Brian Behlendorf <[email protected]> Reviewed-by: Richard Yao <[email protected]> Signed-off-by: Ryan Moeller <[email protected]> Closes #14455
* rootdelay on zfs should be adaptiveGeorge Wilson2023-02-021-19/+35
| | | | | | | | | | | | | | | | | | The 'rootdelay' boot option currently pauses the boot for a specified amount of time. The original intent was to ensure that slower configurations would have ample time to enumerate the devices to make importing the root pool successful. This, however, causes unnecessary boot delay for environments like Azure which set this parameter by default. This commit changes the initramfs logic to pause until it can successfully load the 'zfs' module. The timeout specified by 'rootdelay' now becomes the maximum amount of time that initramfs will wait before failing the boot. Reviewed-by: Brian Behlendorf <[email protected]> Reviewed-by: Prakash Surya <[email protected]> Signed-off-by: George Wilson <[email protected]> Closes #14430
* contrib: dracut: Do not timeout waiting for pwClemens Lang2023-01-051-1/+1
| | | | | | | | | | | | | | systemd-ask-password has a default timeout of 90 seconds, which means that dracut will fall back to the rescue shell 4.5 minutes after boot if no password is entered. This is undesirable when combined with, for example, unlocking remotely using dracut-sshd and systemd-tty-ask-password-agent. See also https://github.com/gsauthof/dracut-sshd#timeout and https://bugzilla.redhat.com/show_bug.cgi?id=868421. Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Clemens Lang <[email protected]> Closes #14341
* Documentation correctionsBrian Behlendorf2022-12-221-1/+1
| | | | | | | | | - Update the link to the OpenZFS Code of Conduct. - Remove extra "the" from contrib/initramfs/scripts/zfs Reviewed-by: George Melikov <[email protected]> Signed-off-by: Brian Behlendorf <[email protected]> Closes #14298 Closes #14307
* Add native-deb* targets to build native Debian packagesUmer Saleem2022-12-138-44/+7
| | | | | | | | | | | | | | | | | | | | | In continuation of previous #13451, this commits adds native-deb* targets for make to build native debian packages. Github workflows are updated to build and test native Debian packages. Native packages only build with pre-configured paths (see the dh_auto_configure section in contrib/debian/rules.in). While building native packages, paths should not be configured. Initial config flags e.g. '--enable-debug' are replaced in contrib/debian/rules.in. Additional packages on top of existing zfs packages required to build native packages include debhelper-compat, dh-python, dkms, po-debconf, python3-all-dev, python3-sphinx. Reviewed-by: George Melikov <[email protected]> Reviewed-by: Ryan Moeller <[email protected]> Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Umer Saleem <[email protected]> Closes #14265
* zfs list: Allow more fields in ZFS_ITER_SIMPLE modeAllan Jude2022-12-131-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If the fields to be listed and sorted by are constrained to those populated by dsl_dataset_fast_stat(), then zfs list is much faster, as it does not need to open each objset and reads its properties. A previous optimization by Pawel Dawidek (0cee24064a79f9c01fc4521543c37acea538405f) took advantage of this to make listing snapshot names sorted only by name much faster. However, it was limited to `-o name -s name`, this work extends this optimization to work with: - name - guid - createtxg - numclones - inconsistent - redacted - origin and could be further extended to any other properties supported by dsl_dataset_fast_stat() or similar, that do not require extra locking or reading from disk. This was committed before (9a9e2e343dfa2af28bf7910de77ae73aa006de62), but was reverted due to a regression when used with an older kernel. If the kernel does not populate zc->zc_objset_stats, we now fallback to getting the properties via the slower interface, to avoid problems with newer userland and older kernels. Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Allan Jude <[email protected]> Closes #14110
* initramfs: Fix legacy mountpoint rootfsRyan Moeller2022-12-121-12/+8
| | | | | | | | | | Legacy mountpoint datasets should not pass `-o zfsutil` to `mount.zfs`. Fix the logic in `mount_fs()` to not forget we have a legacy mountpoint when checking for an `org.zol:mountpoint` userprop. Reviewed-by: Richard Yao <[email protected]> Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Ryan Moeller <[email protected]> Closes #14274
* Coverity Model UpdateRichard Yao2022-11-291-4/+6
| | | | | | | | | | | | | | | When reviewing Clang Static Analyzer reports against a branch that had experimental header changes based on the Coverity model file to inform it that KM_SLEEP allocations cannot return NULL, I found a report saying that a KM_PUSHPAGE allocation returned NULL. The actual implementation does not return NULL unless KM_NOSLEEP has been passed, so we backport the correction from the experimental header changes to the Coverity model. Reviewed-by: Brian Behlendorf <[email protected]> Reviewed-by: Ryan Moeller <[email protected]> Signed-off-by: Richard Yao <[email protected]> Closes #14210
* Ubuntu 22.04 integration: ShellCheckszubersk2022-11-184-21/+21
| | | | | | | | | | | | | | | | - Add new SC2312 global exclude. ``` Consider invoking this command separately to avoid masking its return value (or use '|| true' to ignore). [SC2312] ``` - Correct errors detected by new ShellCheck version. Reviewed-by: Brian Behlendorf <[email protected]> Reviewed-by: Richard Yao <[email protected]> Reviewed-by: George Melikov <[email protected]> Signed-off-by: szubersk <[email protected]> Closes #14148
* include overrides for zfs snapshot/rollback bootfs.serviceVince van Oosten2022-11-011-0/+9
| | | | | | | Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Vince van Oosten <[email protected]> Closes #14075 Closes #14076
* include overrides for zfs-import.targetVince van Oosten2022-11-011-3/+12
| | | | | | | Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Vince van Oosten <[email protected]> Closes #14075 Closes #14076
* include systemd overrides to zfs-dracut moduleVince van Oosten2022-11-011-0/+10
| | | | | | | | | | | | | | | | | If a user that uses systemd and dracut wants to overide certain settings, they typically use `systemctl edit [unit]` or place a file in `/etc/systemd/system/[unit].d/override.conf` directly. The zfs-dracut module did not include those overrides however, so this did not have any effect at boot time. For zfs-import-scan.service and zfs-import-cache.service, overrides are now included in the dracut initramfs image. Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Vince van Oosten <[email protected]> Closes #14075 Closes #14076
* Add native Debian Packaging for LinuxUmer Saleem2022-10-2754-0/+1162
| | | | | | | | | | | | | | | | | | | | | Currently, the Debian packages are generated from ALIEN that converts RPMs to Debian packages. This commit adds native Debian packaging for Debian based systems. This packaging is a fork of Debian zfs-linux 2.1.6-2 release. (source: https://salsa.debian.org/zfsonlinux-team/zfs) Some updates have been made to keep the footprint minimal that include removing the tests, translation files, patches directory etc. All credits go to Debian ZFS on Linux Packaging Team. For copyright information, please refer to contrib/debian/copyright. scripts/debian-packaging.sh can be used to invoke the build. Reviewed-by: Mo Zhou <[email protected]> Reviewed-by: Ryan Moeller <[email protected]> Signed-off-by: Umer Saleem <[email protected]> Closes #13451
* Coverity model file updateRichard Yao2022-10-181-48/+341
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Upon review, it was found that the model for malloc() was incorrect. In addition, several general purpose memory allocation functions were missing models: * kmem_vasprintf() * kmem_asprintf() * kmem_strdup() * kmem_strfree() * spl_vmem_alloc() * spl_vmem_zalloc() * spl_vmem_free() * calloc() As an experiment to try to find more bugs, some less than general purpose memory allocation functions were also given models: * zfsvfs_create() * zfsvfs_free() * nvlist_alloc() * nvlist_dup() * nvlist_free() * nvlist_pack() * nvlist_unpack() Finally, the models were improved using additional coverity primitives: * __coverity_negative_sink__() * __coverity_writeall0__() * __coverity_mark_as_uninitialized_buffer__() * __coverity_mark_as_afm_allocated__() In addition, an attempt to inform coverity that certain modelled functions read entire buffers was used by adding the following to certain models: int first = buf[0]; int last = buf[buflen-1]; It was inspired by the QEMU model file. No additional false positives were found by this, but it is believed that the more accurate model file will help to catch false positives in the future. Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Richard Yao <[email protected]> Closes #14048
* PAM: Fix unchecked return value from zfs_key_config_load()Richard Yao2022-10-051-1/+4
| | | | | | | | | | | | | | | 9a49c6b782443ba6e627f2261c45f082ad843094 was intended to fix this issue, but I had missed the case in pam_sm_open_session(). Clang's static analyzer had not reported it and I forgot to look for other cases. Interestingly, GCC gcc-12.1.1_p20220625's static analyzer had caught this as multiple double-free bugs, since another failure after the failure in zfs_key_config_load() will cause us to attempt to free the memory that zfs_key_config_load() was supposed to allocate, but had cleaned up upon failure. Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Richard Yao <[email protected]> Closes #13978
* Reduce false positives from Static AnalyzersRichard Yao2022-09-301-92/+29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Both Clang's Static Analyzer and Synopsys' Coverity would ignore assertions. Following Clang's advice, we annotate our assertions: https://clang-analyzer.llvm.org/annotations.html#custom_assertions This makes both Clang's Static Analyzer and Coverity properly identify assertions. This change reduced Clang's reported defects from 246 to 180. It also reduced the false positives reported by Coverityi by 10, while enabling Coverity to find 9 more defects that previously were false negatives. A couple examples of this would be CID-1524417 and CID-1524423. After submitting a build to coverity with the modified assertions, CID-1524417 disappeared while the report for CID-1524423 no longer claimed that the assertion tripped. Coincidentally, it turns out that it is possible to more accurately annotate our headers than the Coverity modelling file permits in the case of format strings. Since we can do that and this patch annotates headers whenever `__coverity_panic__()` would have been used in the model file, we drop all models that use `__coverity_panic__()` from the model file. Upon seeing the success in eliminating false positives involving assertions, it occurred to me that we could also modify our headers to eliminate coverity's false positives involving byte swaps. We now have coverity specific byteswap macros, that do nothing, to disable Coverity's false positives when we do byte swaps. This allowed us to also drop the byteswap definitions from the model file. Lastly, a model file update has been done beyond the mentioned deletions: * The definitions of `umem_alloc_aligned()`, `umem_alloc()` andi `umem_zalloc()` were originally implemented in a way that was intended to inform coverity that when KM_SLEEP has been passed these functions, they do not return NULL. A small error in how this was done was found, so we correct it. * Definitions for umem_cache_alloc() and umem_cache_free() have been added. In practice, no false positives were avoided by making these changes, but in the interest of correctness from future coverity builds, we make them anyway. Reviewed-by: Brian Behlendorf <[email protected]> Reviewed-by: Ryan Moeller <[email protected]> Signed-off-by: Richard Yao <[email protected]> Closes #13902
* PAM: Fix uninitialized value readRichard Yao2022-09-271-1/+3
| | | | | | | | | | | Clang's static analyzer found that config.uid is uninitialized when zfs_key_config_load() returns an error. Oddly, this was not included in the unchecked return values that Coverity found. Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Richard Yao <[email protected]> Closes #13957
* Fix unsafe string operationsRichard Yao2022-09-271-3/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Coverity caught unsafe use of `strcpy()` in `ztest_dmu_objset_own()`, `nfs_init_tmpfile()` and `dump_snapshot()`. It also caught an unsafe use of `strlcat()` in `nfs_init_tmpfile()`. Inspired by this, I did an audit of every single usage of `strcpy()` and `strcat()` in the code. If I could not prove that the usage was safe, I changed the code to use either `strlcpy()` or `strlcat()`, depending on which function was originally used. In some cases, `snprintf()` was used to replace multiple uses of `strcat` because it was cleaner. Whenever I changed a function, I preferred to use `sizeof(dst)` when the compiler is able to provide the string size via that. When it could not because the string was passed by a caller, I checked the entire call tree of the function to find out how big the buffer was and hard coded it. Hardcoding is less than ideal, but it is safe unless someone shrinks the buffer sizes being passed. Additionally, Coverity reported three more string related issues: * It caught a case where we do an overlapping memory copy in a call to `snprintf()`. We fix that via `kmem_strdup()` and `kmem_strfree()`. * It caught `sizeof (buf)` being used instead of `buflen` in `zdb_nicenum()`'s call to `zfs_nicenum()`, which is passed to `snprintf()`. We change that to pass `buflen`. * It caught a theoretical unterminated string passed to `strcmp()`. This one is likely a false positive, but we have the information needed to do this more safely, so we change this to silence the false positive not just in coverity, but potentially other static analysis tools too. We switch to `strncmp()`. * There was a false positive in tests/zfs-tests/cmd/dir_rd_update.c. We suppress it by switching to `snprintf()` since other static analysis tools might complain about it too. Interestingly, there is a possible real bug there too, since it assumes that the passed directory path ends with '/'. We add a '/' to fix that potential bug. Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Richard Yao <[email protected]> Closes #13913
* Enforce "-F" flag on resuming recv of full/newfs on existing datasetJitendra Patidar2022-09-271-0/+1
| | | | | | | | | | | | | | | | | | | | | | When receiving full/newfs on existing dataset, then it should be done with "-F" flag. Its enforced for initial receive in checks done in zfs_receive_one function of libzfs. Similarly, on resuming full/newfs recv on existing dataset, it should be done with "-F" flag. When dataset doesn't exist, then full/new recv is done on newly created dataset and it's marked INCONSISTENT. But when receiving on existing dataset, recv is first done on %recv and its marked INCONSISTENT. Existing dataset is not marked INCONSISTENT. Resume of full/newfs receive with dataset not INCONSISTENT indicates that its resuming newfs on existing dataset. So, enforce "-F" flag in this case. Also return an error from dmu_recv_resume_begin_check() in zfs kernel, when its resuming full/newfs recv without force. Reviewed-by: Brian Behlendorf <[email protected]> Reviewed-by: Chunwei Chen <[email protected]> Signed-off-by: Jitendra Patidar <[email protected]> Closes #13856 Closes #13857
* Fix userspace memory leaks found by Clang Static AnalzyerRichard Yao2022-09-261-1/+2
| | | | | | | | | | | | | | | | | | | | | Recently, I have been making a push to fix things that coverity found. However, I was curious what Clang's static analyzer reported, so I ran it and found things that coverity had missed. * contrib/pam_zfs_key/pam_zfs_key.c: If prop_mountpoint is passed more than once, we leak memory. * module/zfs/zcp_get.c: We leak memory on temporary properties in userspace. * tests/zfs-tests/cmd/draid.c: On error from vdev_draid_rand(), we leak memory if best_map had been allocated by a prior iteration. * tests/zfs-tests/cmd/mkfile.c: Memory used by the loop is not freed before program termination. Arguably, these are all minor issues, but if we ignore them, then they could obscure serious bugs, so we fix them. Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Richard Yao <[email protected]> Closes #13955
* Fix null pointer dereferences in PAMRichard Yao2022-09-161-1/+4
| | | | | | | Coverity caught these. Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Richard Yao <[email protected]> Closes #13889
* Update coverity modelRichard Yao2022-09-161-1/+16
| | | | | | | | | | | | `uu_panic()` needs to be modelled and the definition of `vpanic()` from the original coverity model was missing `__coverity_format_string_sink__()`. We also model `libspl_assertf()` as part of an attempt to eliminate false positives. Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Richard Yao <[email protected]> Closes #13901
* Add coverity model to repositoryRichard Yao2022-09-151-0/+407
| | | | | | | | | | Other projects such as the python project include their coverity models in their repositories. This provides transparency, which is beneficial in open source projects. Therefore, it is a good idea to include the coverity model in our repository too. Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Richard Yao <[email protected]> Closes #13884
* contrib: dracut: zfs-snapshot-bootfs: exit status fixgregory-lee-bartholomew2022-08-121-1/+1
| | | | | | | | | | | | | | | When the zfs-snapshot-bootfs service attempts to create a snapshot that already exists, the exit status of the command is non-zero and the service reports failed to the systemd service manager. This is a common occurrence if bootfs.snapshot is left set on the kernel command line and it should not be considered a failure. This service was originally set to ignore this error by prefixing the command with - on the ExecStart line, but the leading - appears to have been dropped in #13359. Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Gregory Bartholomew <[email protected]> Closes #13769
* Fix checkstyle warning: E275 missing whitespace after keywordTino Reichardt2022-08-011-1/+1
| | | | | | Reviewed-by: George Melikov <[email protected]> Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Tino Reichardt <[email protected]> Closes #13710
* Implement a new type of zfs receive: corrective receive (-c)Alek P2022-07-285-0/+158
| | | | | | | | | | | | | | This type of recv is used to heal corrupted data when a replica of the data already exists (in the form of a send file for example). With the provided send stream, corrective receive will read from disk blocks described by the WRITE records. When any of the reads come back with ECKSUM we use the data from the corresponding WRITE record to rewrite the corrupted block. Reviewed-by: Paul Dagnelie <[email protected]> Reviewed-by: Brian Behlendorf <[email protected]> Reviewed-by: Paul Zuchowski <[email protected]> Signed-off-by: Alek Pinchuk <[email protected]> Closes #9372
* dracut: fix boot on non-zfs-root systemsToyam Cox2022-06-301-5/+5
| | | | | | | | | | Simply prevent overwriting root until it needs to be overwritten. Dracut could change this value before this module is called, but won't change the kernel command line. Reviewed-by: Andrew J. Hesford <[email protected]> Signed-off-by: Toyam Cox <[email protected]> Closes #13592
* contrib: dracut: README.mdgregory-lee-bartholomew2022-06-301-1/+1
| | | | | | | | Change zfs-snapshot-bootfs.service to zfs-rollback-bootfs.service in cmdline point 4 of README.md. Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Gregory Bartholomew <[email protected]> Closes #13609
* contrib: dracut: zfs-{rollback,snapshot}-bootfs: explicit snapname fixgregory-lee-bartholomew2022-06-292-2/+2
| | | | | | | | | | | Due to a missing semicolon on the ExecStart line, it wasn't possible to specify the snapshot name on the bootfs.{rollback,snapshot} kernel parameters if the boot dataset name was obtained from the root=zfs:... kernel parameter. Reviewed-by: Ahelenia Ziemiańska <[email protected]> Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Gregory Bartholomew <[email protected]> Closes #13585
* dracut: fix typo in mount-zfs.sh.inBrian Behlendorf2022-06-291-1/+1
| | | | | | | | | Format the `zpool get` command correctly. The -o option must be followed by "all" or the requested field name. Reviewed-by: Ahelenia Ziemiańska <[email protected]> Reviewed-by: George Melikov <[email protected]> Signed-off-by: Brian Behlendorf <[email protected]> Closes #13602
* Remove install of zfs-load-module.service for dracutMatthew Thode2022-06-211-2/+1
| | | | | | | | The zfs-load-module.service service is not currently provided by the OpenZFS repository so we cannot safely assume it exists. Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Matthew Thode <[email protected]> Closes #13574
* Add Linux namespace delegation supportWill Andrews2022-06-101-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This allows ZFS datasets to be delegated to a user/mount namespace Within that namespace, only the delegated datasets are visible Works very similarly to Zones/Jailes on other ZFS OSes As a user: ``` $ unshare -Um $ zfs list no datasets available $ echo $$ 1234 ``` As root: ``` # zfs list NAME ZONED MOUNTPOINT containers off /containers containers/host off /containers/host containers/host/child off /containers/host/child containers/host/child/gchild off /containers/host/child/gchild containers/unpriv on /unpriv containers/unpriv/child on /unpriv/child containers/unpriv/child/gchild on /unpriv/child/gchild # zfs zone /proc/1234/ns/user containers/unpriv ``` Back to the user namespace: ``` $ zfs list NAME USED AVAIL REFER MOUNTPOINT containers 129M 47.8G 24K /containers containers/unpriv 128M 47.8G 24K /unpriv containers/unpriv/child 128M 47.8G 128M /unpriv/child ``` Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Will Andrews <[email protected]> Signed-off-by: Allan Jude <[email protected]> Signed-off-by: Mateusz Piotrowski <[email protected]> Co-authored-by: Allan Jude <[email protected]> Co-authored-by: Mateusz Piotrowski <[email protected]> Sponsored-by: Buddy <https://buddy.works> Closes #12263
* Replace EXTRA_DIST with dist_noinst_DATABrian Behlendorf2022-05-265-7/+5
| | | | | | | | | | | | | | | The EXTRA_DIST variable is ignored when used in the FALSE conditional of a Makefile.am. This results in the `make dist` target omitting these files from the generated tarball unless CONFIG_USER is defined. This issue can be avoided by switching to use the dist_noinst_DATA variable which is handled as expected by autoconf. This change also adds support for --with-config=dist as an alias for --with-config=srpm and updates the GitHub workflows to use it. Reviewed-by: Ahelenia Ziemiańska <[email protected]> Signed-off-by: Brian Behlendorf <[email protected]> Closes #13459 Closes #13505
* Remove constrained path on cleanнаб2022-05-101-1/+2
| | | | | | Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Ahelenia Ziemiańska <[email protected]> Closes #13316
* contrib: bash_completion.d: install, fix distнаб2022-05-101-5/+6
| | | | | | | | | | | | | dist diff: -zfs-2.1.99/contrib/bash_completion.d/zfs install diff: +destdir/usr/local/etc/bash_completion.d +destdir/usr/local/etc/bash_completion.d/zfs Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Ahelenia Ziemiańska <[email protected]> Closes #13316
* autoconf: use include directives instead of recursing down contribнаб2022-05-1018-148/+106
| | | | | | | | | Also make the pyzfs build actually out-of-tree and quiet by default Reviewed-by: Brian Behlendorf <[email protected]> Co-authored-by: Rapptz <[email protected]> Signed-off-by: Ahelenia Ziemiańska <[email protected]> Closes #13316
* autoconf: use include directives instead of recursing down cmdнаб2022-05-108-4/+17
| | | | | | | | | | | | | | | | | No installation diff, dist lost -zfs-2.1.99/cmd/fsck_zfs/fsck.zfs which was distributed erroneously, since it's generated Also clean gitrev on clean Also add -e 'any possible bashisms' to default checkbashisms flags, and fully parallelise it and shellcheck, and it works out-of-tree, too Also align the Release in the dist META file correctly Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Ahelenia Ziemiańska <[email protected]> Closes #13316
* autoconf: use include directives instead of recursing down libнаб2022-05-101-5/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As a bonus, this also adds zfs-mount-generator (previously undescended down) and libzstd (not included) to CppCheck As a bonus bonus, abigail rules work out-of-tree, too Against current trunk: $ diff -U0 ./destdir.listing ~/store/code/zfs/destdir.listing -destdir/usr/local/include/libspl/sscanf.h $ diff --color -U0 ./zfs-2.1.99.tar.gz.listing ../oot/zfs-2.1.99.tar.gz.listing | grep -v @@ | grep -v /Makefile -zfs-2.1.99/config/Abigail.am -zfs-2.1.99/lib/libspl/include/util/ -zfs-2.1.99/lib/libspl/include/util/sscanf.h $ diff --color -U0 ./zfs-2.1.99.tar.gz.listing ../oot/zfs-2.1.99.tar.gz.listing | grep -v @@ | grep /Makefile -zfs-2.1.99/lib/libavl/Makefile.in -zfs-2.1.99/lib/libefi/Makefile.in -zfs-2.1.99/lib/libicp/Makefile.in -zfs-2.1.99/lib/libnvpair/Makefile.in -zfs-2.1.99/lib/libshare/Makefile.in -zfs-2.1.99/lib/libspl/include/Makefile.in -zfs-2.1.99/lib/libspl/include/os/freebsd/Makefile.am -zfs-2.1.99/lib/libspl/include/os/freebsd/Makefile.in -zfs-2.1.99/lib/libspl/include/os/freebsd/sys/Makefile.am -zfs-2.1.99/lib/libspl/include/os/freebsd/sys/Makefile.in -zfs-2.1.99/lib/libspl/include/os/linux/Makefile.am -zfs-2.1.99/lib/libspl/include/os/linux/Makefile.in -zfs-2.1.99/lib/libspl/include/os/linux/sys/Makefile.am -zfs-2.1.99/lib/libspl/include/os/linux/sys/Makefile.in -zfs-2.1.99/lib/libspl/include/os/Makefile.am -zfs-2.1.99/lib/libspl/include/os/Makefile.in -zfs-2.1.99/lib/libspl/include/rpc/Makefile.am -zfs-2.1.99/lib/libspl/include/rpc/Makefile.in -zfs-2.1.99/lib/libspl/include/sys/dktp/Makefile.am -zfs-2.1.99/lib/libspl/include/sys/dktp/Makefile.in -zfs-2.1.99/lib/libspl/include/sys/Makefile.am -zfs-2.1.99/lib/libspl/include/sys/Makefile.in -zfs-2.1.99/lib/libspl/include/util/Makefile.am -zfs-2.1.99/lib/libspl/include/util/Makefile.in -zfs-2.1.99/lib/libspl/Makefile.in -zfs-2.1.99/lib/libtpool/Makefile.in -zfs-2.1.99/lib/libunicode/Makefile.in -zfs-2.1.99/lib/libuutil/Makefile.in -zfs-2.1.99/lib/libzfsbootenv/Makefile.in -zfs-2.1.99/lib/libzfs_core/Makefile.in -zfs-2.1.99/lib/libzfs/Makefile.in -zfs-2.1.99/lib/libzpool/Makefile.in -zfs-2.1.99/lib/libzstd/Makefile.in -zfs-2.1.99/lib/libzutil/Makefile.in -zfs-2.1.99/lib/Makefile.in Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Ahelenia Ziemiańska <[email protected]> Closes #13316
* contrib: dracut: remove getargbool polyfillнаб2022-04-201-14/+0
| | | | | | | | | It was originally released in dracut 008 in February 2011; we can probably drop it now Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Ahelenia Ziemiańska <[email protected]> Closes #13291