Kyle Evans [Tue, 16 Jan 2024 02:55:59 +0000 (20:55 -0600)]
kern: pts: do not special case closed slave side
This would previously return 1 if the slave side of the pts was closed
to force an application to read() from it and observe the EOF, but it's
not clear why and this is inconsistent both with how we handle devices
with similar mechanics (like pipes) and also with other kernels, such as
OpenBSD/NetBSD and Linux.
Kyle Evans [Tue, 16 Jan 2024 02:55:59 +0000 (20:55 -0600)]
kern: tty: recanonicalize the buffer on ICANON/VEOF/VEOL changes
Before this change, we would canonicalize any partial input if the new
local mode is not ICANON, but that's about it. If we were switching
from -ICANON -> ICANON, or if VEOF/VEOL changes, then our internal canon
accounting would be wrong.
The main consequence of this is that in ICANON mode, we would
potentially hang a read(2) longer if the new VEOF/VEOL appears later in
the buffer, and FIONREAD would be similarly wrong as a result.
Kyle Evans [Tue, 16 Jan 2024 02:55:58 +0000 (20:55 -0600)]
kern: tty: fix EOF handling for canonical reads
If the read(2) buffer is one byte short of an EOF, then we'll end up
reading the line into the buffer, then re-entering and seeing an EOF at
the beginning of the inq, assuming it's a zero-length line.
Fix this corner-case by searching one more byte than we have available
for an EOF. If we found it, then we'll trim it here; otherwise, we'll
limit our read to just the space we have in the out buffer and the next
read(2) will (potentially) read the remainder of the line.
Fix FIONREAD while we're here to match what an application can expect
read(2) to return -- scan for the first break character in the part of
the input that's been canonicalized, we'll never return more than that.
Kyle Evans [Tue, 16 Jan 2024 02:55:58 +0000 (20:55 -0600)]
kern: tty: fix ttyinq_read_uio assertion
It's clear from later context that `rlen` was always expected to include
`flen`, as we'll trim `flen` bytes from the end of the read. Relax our
initial assertion to only require the total size less trimmed bytes to
lie within the out buffer size.
While we're here, I note that if we have to read more than one block and
we're trimming from the end then we'll do the wrong thing and omit
`flen` bytes from every block, rather than just the end. Add an
assertion to make sure we're not doing that, but the only caller that
specifies a non-zero `flen` today will only really be doing so if rlen
is entirely within a single buffer.
Warner Losh [Mon, 15 Jan 2024 21:48:01 +0000 (14:48 -0700)]
checkstyle9.pl: Soften the single line braces requirement
We inherited the error for single line statements needing braces from
the original script. Style(9) allow that, and could be read to encourage
that, but does not require that.
Mark Johnston [Mon, 15 Jan 2024 20:39:26 +0000 (15:39 -0500)]
crashinfo: Print stack traces for all on-CPU threads
Add a python script which implements the bulk of this functionality.
Over time, this would ideally evolve into a library of python routines
which can be used to inspect kernel data structures and automate some
debugging tasks, similar to jhb's out-of-tree scripts, but written in a
somewhat nicer language and with better integration into the kgdb
command prompt.
Note that kgdb currently won't auto-load scripts in this directory.
This should perhaps change in the future. It probably also makes more
sense to have a crashinfo.py which provides all the kgdb output that we
want to include in core.txt, rather than having crashinfo.sh pipe in
several commands.
Reviewed by: avg, imp
Discussed with: jhb
MFC after: 3 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D33817
Mike Karels [Mon, 15 Jan 2024 21:14:54 +0000 (15:14 -0600)]
route: error on IPv4 network routes with incorrect destination
Route destinations like 10/8 are most likely intended as a shorthand
for 10.0.0.0/8, but instead it means 0.0.0.10/8, which includes
only bits in the host part of the mask, and hence adds a route to
0.0.0.0/8. In 12.x, there was code to "do what I mean", which was
removed as part of a cleanup of old network class remnants. Given
that we have gone this long without that code, do not restore that
behavior. Instead, detect the issue and produce an error.
Specifically, if there are no dots in a numeric IPv4 address, the
mask is specified with CIDR notation (using a slash), and there are
bits set in the host part, produce an error like this for 10/8:
route: malformed address, bits set after mask; 10 means 0.0.0.10
Ricardo Branco [Mon, 15 Jan 2024 18:35:27 +0000 (11:35 -0700)]
find: Allow '/' to be used with -perm for GNU compatibility
In 2005, Gnu find deprecated '+' as the leading character for the -perm
argument, instead preferring '/' with the same meaning. Implement that
behavior here, and document it in the man page.
Mohamed Akram [Mon, 15 Jan 2024 18:27:04 +0000 (11:27 -0700)]
man: avoid unportable use of utilities
echo -e is not portable. It can be replaced by printf %b (it works
only with the /bin/sh built-in echo, not /bin/echo anyway).
head -# is not portable, but head -n # is.
Mark Johnston [Mon, 15 Jan 2024 17:29:02 +0000 (12:29 -0500)]
condvar: Fix a user-after-free in _cv_wait() when ktrace is enabled
When a thread wakes up after sleeping on a CV, it must not dereference
the CV structure, as it may already have been freed. At least ZFS
relies on this invariant, see commit c636f94bd2ff15be5b904939872b4bce31456c18 for example.
Thus, when logging context-switch events, copy the wmesg into a stack
buffer while it is still safe to do so, and log that after waking up.
While here, move the initial ktrcsw() call later, after assertions and
the SCHEDULER_STOPPED_TD() condition are checked.
Mark Johnston [Mon, 15 Jan 2024 17:27:11 +0000 (12:27 -0500)]
condvar: Clean up condvar.h a bit
- Remove a typedef that has been unused for a long time.
- Remove a LOCORE guard. MI headers like condvar.h don't need such a
guard in general.
- Move a forward declaration into the _KERNEL block.
- Add a types.h include to make the file self-contained.
Mike Karels [Sun, 14 Jan 2024 17:01:19 +0000 (11:01 -0600)]
Increase the size of riscv GENERICSD images to 6 GB
The stable/13 snapshot this week failed to build the riscv GENERICSD
image because it ran out of space. Checking main and stable/14
snapshots, they are also low on space, around 100% or more of
capacity. Increase them all from 5 GB to 6 GB. Note, this is the
only riscv image configuration.
Florian Walpen [Mon, 15 Jan 2024 10:21:57 +0000 (10:21 +0000)]
snd_hdspe(4): One pcm device per physical ADAT port.
ADAT connections transport 8, 4 or 2 audio channels depending on the
sample rate. Instead of splitting each physical ADAT port into 4
(potentially unmapped) stereo pcm devices, create just one pcm
device of variable channel width for every ADAT port.
Depending on the sample rate and channel width selected, the pcm
channels may be only partially mapped to ADAT channels and vice versa.
Added flexibility of the new channel mapping is also prerequisite to
introduce more pcm device layouts in follow-up commits.
Warner Losh [Mon, 15 Jan 2024 02:23:02 +0000 (19:23 -0700)]
git-arc: Add -c flag to patch to commit the change
git arc patch -c D1234 will download differential D1234, try to apply it
to the tree, and if successful will ask phab for the title and
summary. It will construct a commit message with that, the reviewers,
and the differential revision. It also tries its best to deduce the
proper 'author' to use for the commit, and warn if it thinks it has made
a bad choice.
Warner Losh [Mon, 15 Jan 2024 02:22:04 +0000 (19:22 -0700)]
git-arc: Just strip escape sequences form arc log
Just strip escape sequences and Warning: lines from 'arc list' output. I
upgraded and they changed and git arc list broke. This restores its
functionality.
Note: jhb didn't like this, so if others object, I'll fix...
Warner Losh [Tue, 2 May 2023 20:51:09 +0000 (14:51 -0600)]
build: Use ls -i | cut rather than stat -f %i to extract inode
ls -i dates back to 5th edition Unix and is more portable than the stat
command, though %% is a newer shellism, it works on any shell that
FreeBSD builds with.
Vadim Ushakov [Sun, 14 Jan 2024 16:22:17 +0000 (09:22 -0700)]
sc: Use current console rather than first console for mouse input
When mouse reporting feature is turned on (control sequence ^[[?1000h),
syscons sends valid mouse coordinates only for ttyv0. Applications
running on other ttys always (erroneously) get mouse coordinates from
the first tty, not from tty they actually run.
Steps to reproduce:
1. On ttyv0, run any application that uses mouse reporting feature. Make
some clicks. The feature works properly.
2. Switch to another ttyv, run the application. The application receives
mouse click events, but mouse position reported by syscons to the
application does not match with the actual mouse position on the screen.
Expected result:
Reported mouse position should match with visible mouse position.
Marius Strobl [Fri, 12 Jan 2024 22:27:07 +0000 (23:27 +0100)]
uart(4): Honor hardware state of NS8250-class for tsw_busy
In 9750d9e5, I brought the equivalent of the TS_BUSY flag back in a
mostly hardware-agnostic way in order to fix tty_drain() and, thus,
TIOCDRAIN for UARTs with TX FIFOs. This proved to be sufficient for
fixing the regression reported. So in light of the release cycle of
FreeBSD 10.3, I decided that this change was be good enough for the
time being and opted to go with the smallest possible yet generic
(for all UARTs driven by uart(4)) solution addressing the problem at
hand.
However, at least for the NS8250-class the above isn't a complete
fix as these UARTs only trigger an interrupt when the TX FIFO became
empty. At this point, there still can be an outstanding character
left in the transmit shift register as indicated via the LSR. Thus,
this change adds the 3rd (besides the tty(4) and generic uart(4) bits)
part I had in my tree ever since, adding a uart_txbusy method to be
queried in addition for tsw_busy and hooking it up as appropriate
for the NS8250-class.
As it turns out, the exact equivalent of this 3rd part later on was
implemented for uftdi(4) in 9ad221a5.
While at it, explain the rational behind the deliberately missing
locking in uart_tty_busy() (also applying to the generic sc_txbusy
testing already present).
* VERSION (_MAKE_VERSION): 20240106
Merge with NetBSD make, pick up
o fix duplicate progname when reporting an unknown target
o unit tests for Cmd_Exec using temp file
* VERSION (_MAKE_VERSION): 20240105
Merge with NetBSD make, pick up
o main.c: Cmd_Exec write cmd to a file if too big
avoid blowing commandline/env limits
* VERSION (_MAKE_VERSION): 20240101
o util.c: flesh out more of strftime
* configure.in: add --with-bmake-strftime
it is not a full implementation but enough to pass all
the unit-tests.
* parse.c: LoadFile do not append \n to empty buffer.
* VERSION (_MAKE_VERSION): 20231230
Merge with NetBSD make, pick up
o simplify memory allocation for string buffers
o fix declared types of list nodes
o suff.c: clean up freeing of suffixes
o var.c: simplify debug message for the ':@var@...@' modifier
clean up variable handling
* VERSION (_MAKE_VERSION): 20231226
Merge with NetBSD make, pick up
o compat.c: ensure make's output is correctly ordered with that of
the target when not going to a tty
o main.c: check for shellPath whether to call Shell_Init()
* VERSION (_MAKE_VERSION): 20231224
Merge with NetBSD make, pick up
o compat.c: check for shellPath whether to call Shell_Init()
tweak the unit test to detect the bug thus fixed.
o make.1: do not claim .SHELL is only used by jobs mode.
* VERSION (_MAKE_VERSION): 20231220
Merge with NetBSD make, pick up
o str.c: speed up pattern matching in the ':M' modifier
o var.c: fix confusing debug logging when deleting a variable
use consistent debug messages style when ignoring variables
* VERSION (_MAKE_VERSION): 20231210
Merge with NetBSD make, pick up
o var.c: avoid segfault on empty :C match expression
explain in debug log why variable assignment is ignored.
* VERSION (_MAKE_VERSION): 20231208
Merge with NetBSD make, pick up
o var.c: ensure fromCmd is set correctly for variables set on
command line.
* VERSION (_MAKE_VERSION): 20231124
Merge with NetBSD make, pick up
o main.c: cleanup processing of -j
fix lint warning about strchr
o var.c: more accurate error message for invalid ':mtime' argument
cleanup :[...] modifier
avoid reading beyond substring when comparing
o unit-tests cover all cases of :mtime, test and explain exporting
of variables
o cleanup comments
* bsd.after-import.mk (ECHO_TAG): FreeBSD no longer uses
$FreeBSD$ tag, so avoid adding it.
Brooks Davis [Sat, 13 Jan 2024 00:00:24 +0000 (00:00 +0000)]
libc: stop exposing __fcntl_compat
It was exposed (under FBSDprivate_1.0) for forward compatability in
threading libraries in 2008 by commit cd7d66a21f1a. The last consumer
was removed in 2015 by commit 8495e8b1e9e1. I missed this among the _
and __sys_ symbols in commit e2417a21a025.
Mark Johnston [Tue, 10 Oct 2023 18:14:46 +0000 (14:14 -0400)]
sanitizers: Avoid building genassym.c and genoffset.c with sanitizers
Some, particularly KASAN, may insert redzones around global symbols,
resulting in incorrect offset definitions because genassym.sh (ab)uses
symbol sizes to assign semantic meaning.
(Ideally I would be able to define this pattern in one place, but I
haven't found a way to define a GENSYM_CFLAGS that actually works for
all of the consumers (kern.post.mk, kmod.mk, sys/conf/files*).)
MFC after: 1 week
Sponsored by: Klara, Inc.
Sponsored by: Juniper Networks, Inc.
Mark Johnston [Fri, 12 Jan 2024 15:07:28 +0000 (10:07 -0500)]
systm: Relax __result_use_check annotations
When compiling with gcc, functions annotated this way can not have their
return values cast away, e.g., with `(void)copyout(...)`. clang permits
it but gcc does not. Since we have a number of such casts for calls
which copy data out of the kernel, and since failing to check for errors
when copying *in* is a much more severe bug, remove some of the
annotations in order to make the gcc build happy.
Reviewed by: kib
Reported by: Jenkins
Fixes: 8e36732e6eb5 ("systm: Annotate copyin() and related functions with __result_use_check")
Differential Revision: https://reviews.freebsd.org/D43418
Kyle Evans [Fri, 12 Jan 2024 19:57:53 +0000 (13:57 -0600)]
bhyveload(8): document some SECURITY CONSIDERATIONS
The situation is improved now that we're running in a sandbox, but there
is still some host machine access that could be concerning depending on
the context. These concerns may be somewhat mitigated by the fact that
the host machine usually provides the loader binary, even when the guest
image is providing the loader scripts -- they only bring the lua
scripts, and they have to be able to execute arbitrary syscalls rather
than the interfaces provided by libsa(3).
Warner Losh [Fri, 12 Jan 2024 19:07:28 +0000 (12:07 -0700)]
MAINTAINERS: Add myself for nvme entries, remove jimharris
Jim Harris no longer has a commit bit and has moved on from being the
FreeBSD nvme driver maintainer at Intel. I've been reviewing things
so I'll take that up.
Output a line as soon as it is possible to determine that it will have
to be output. For the basic case, this means output each line as it is
read unless it is identical to the previous one. For the -d case, it
means output the first instance as soon as the second is read, unless
the -c option was also given. The -D and -u cases were already fine.
Add test cases for interactive use with no options and with -d.
Cy Schubert [Fri, 12 Jan 2024 07:39:02 +0000 (23:39 -0800)]
Revert "kerberos: Fix numerous segfaults when using weak crypto"
This revision breaks Linux and MacOS cross builds because
TARGET_ENDIANNESS is not define during bootstrapping on these
platforms.
I think the correct approach would be to separate the new
fbsd_ossl_provider_load() and unload functions into their own
library (instead of libroken). This avoids the less desirable
option of including bsd.cpu.mk in secure/lib/Makefile.common,
which does build but could complicate future work.
Xin LI [Fri, 12 Jan 2024 05:38:04 +0000 (21:38 -0800)]
releng-gce: Advertise the availability of gVNIC support in GCE images.
This marks FreeBSD GCE images as gVNIC capable by adding the
--guest-os-features=GVNIC flag at creation time as suggested in GCE
documentation[1]. This allows Generation 3 and newer GCE instances
to leverage advanced networking capabilities and performance
enhancements provided by gVNIC. Users will benefit from these
improvements without needing to create custom images.
Commit cc760de2183f changed the internal interface between
the nfscommon and nfscl modules. As such, both need to be
rebuilt from sources. Therefore, bump __FreeBSD_version.
Rick Macklem [Fri, 12 Jan 2024 00:38:33 +0000 (16:38 -0800)]
nfscl: Only update atime for Copy when noatime is not specified
Commit 57ce37f9dcd0 modified the NFSv4.2 Copy operation so that
it will update atime on the infd file whenever possible.
This is done by adding a Setattr of TimeAccess for the
input file.
This patch disables this change for the case of an NFSv4.2
mount with the "noatime" mount option, which avoids the
additional Setattr of TimeAccess operation.
Mark Johnston [Thu, 11 Jan 2024 16:42:47 +0000 (11:42 -0500)]
conf: Do not set -fno-sanitize-memory-param-retval for old compilers
The option was introduced in LLVM 16.
Fixes: b6c653c97463 ("kmsan: Set -fno-sanitize-memory-param-retval for now")
MFC after: 1 week
Sponsored by: Klara, Inc.
Sponsored by: Juniper Networks, Inc.
Brooks Davis [Thu, 11 Jan 2024 18:27:20 +0000 (18:27 +0000)]
libc: separate syscall and non-syscall symbols
Put declerations of _ and __sys_ prefixed stubs at the top and
everything else at the bottom. Sort the bottom list with sort(1).
This paves the way to generate the syscall symbol list.
Cy Schubert [Wed, 6 Dec 2023 15:30:05 +0000 (07:30 -0800)]
kerberos: Fix numerous segfaults when using weak crypto
Weak crypto is provided by the openssl legacy provider which is
not load by default. Load the legacy providers as needed.
When the legacy provider is loaded into the default context the default
provider will no longer be automatically loaded. Without the default
provider the various kerberos applicaions and functions will abort().
vnode_pager_generic_putpages(): correctly handle clean block at EOF
The loop 'skip clean blocks' checking for the clean blocks in the dirty
pages might end up setting the in_hole to true when exactly at EOF at
the middle of the block, without advancing the prev_offset value. Then
the next block is not dirty, and next_offset is clipped back to poffset
+ maxsize, equal to prev_offset, failing the assertion.
Instead of asserting prev_offset < next_offset, we must skip the write.
Gleb Smirnoff [Thu, 11 Jan 2024 04:51:53 +0000 (20:51 -0800)]
netlink: fix bug with socket buffer character counter underflow
Cover case when an nb that we are now reading in full had been partially
read by previous read(2) and now has positive offset. Throw couple
assertions that helped to catch that earlier.
Gleb Smirnoff [Thu, 11 Jan 2024 04:51:53 +0000 (20:51 -0800)]
netlink: avoid putting empty mbufs on the socket queue
When processing incoming Netlink messages in nl_process_nbuf() kernel
always allocates a writer with a buffer to put generated reply to.
However, certain messages aren't replied. That makes nlmsg_flush()
to put an empty buffer to the socket. Avoid doing that because avoiding
is much easier than dealing with empty buffers on the receiver side.
Gleb Smirnoff [Thu, 11 Jan 2024 04:51:53 +0000 (20:51 -0800)]
netlink: improve edge case when reading out truncated last nlmsg in nb
When there is not enough space for one full message we return it truncated.
This enters special block of code that previously may leave empty buffer
with offset == datalen in the queue. Avoid that, as dealing later with
empty buffers causes more pain than just avoiding them. While here add
missing msgrcv increment.
Warner Losh [Wed, 3 Jan 2024 23:18:23 +0000 (16:18 -0700)]
acpi/apm: Improve APM ioctl interface emulation
The apm(8) program documents certain states, but doesn't document the
'unknown' state. It reports things correctly for systems with a battery,
but incorrectly for systems without one. Emulate the old interface a
little better by saying ac power is online if we have no status (instead
of unknown), the battery has a high charge of 255% if there's no battery
(instead of -1). Programs, like emacs, expect to see only the documented
values and misbehave when they see something else.
This is closer to what would happen on old-school APM machines. Sadly
(or not) I have no access to old-school APM machines to 100% confirm
this, but reading the spec, old code and testing with emacs' mode line
with battery suggests these values are more correct. emacs has never
been converted to acpi_conf due to permissions issues with acpi devices.
Fixing the kernel is preferable to hacking apm(8) for these special
cases because other programs that use these interfaces will also be more
correct. The kernel also has more data with which to decide what to
return.
Domagoj Stolfa [Wed, 3 Jan 2024 14:58:01 +0000 (14:58 +0000)]
dtrace: Add the 'oformat' libdtrace option
This option can be used to specify a format to use in DTrace output.
The following formats are supported:
- json
- xml
- html
- none (default DTrace output)
This is implemented using libxo and integrated into libdtrace. Client
code only works with the following API:
- dtrace_oformat_setup(dtrace_hdl_t *) -- to be called when output is starting.
- dtrace_oformat_teardown(dtrace_hdl_t *) -- to be called when output is finished
- dtrace_oformat(dtrace_hdl_t *) -- check if oformat is enabled.
- dtrace_set_outfp(FILE *) -- sets the output file for oformat.
- Ensure that oformat is correctly checked in the drop handler and record
processing callbacks.
This commit also adds tests which check if the generated output is
valid (JSON, XML) and extends the dtrace(1) describing the structured output.
Reviewed by: markj
Discussed with: phil
MFC after: 2 months
Sponsored by: Innovate UK
Differential Revision: https://reviews.freebsd.org/D41745
Emmanuel Vadot [Tue, 26 Dec 2023 17:58:15 +0000 (18:58 +0100)]
syscon: Move syscon code in dev/syscon
We've removed kernel option EXT_RESOURCES almost two years ago.
While it was ok to have some code under a common 'extres' subdirectory
at first, we now have a lot of consumer of it and we made it mandatory
so no need to have it under a cryptic name.
Emmanuel Vadot [Tue, 26 Dec 2023 17:56:52 +0000 (18:56 +0100)]
phy: Move phy code in dev/phy
We've removed kernel option EXT_RESOURCES almost two years ago.
While it was ok to have some code under a common 'extres' subdirectory
at first, we now have a lot of consumer of it and we made it mandatory
so no need to have it under a cryptic name.
Emmanuel Vadot [Tue, 26 Dec 2023 17:54:53 +0000 (18:54 +0100)]
regulator: Move regulator code in dev/regulator
We've removed kernel option EXT_RESOURCES almost two years ago.
While it was ok to have some code under a common 'extres' subdirectory
at first, we now have a lot of consumer of it and we made it mandatory
so no need to have it under a cryptic name.
Emmanuel Vadot [Tue, 26 Dec 2023 17:51:22 +0000 (18:51 +0100)]
nvmem: Move nvmem code in dev/nvmem
We've removed kernel option EXT_RESOURCES almost two years ago.
While it was ok to have some code under a common 'extres' subdirectory
at first, we now have a lot of consumer of it and we made it mandatory
so no need to have it under a cryptic name.
Emmanuel Vadot [Tue, 26 Dec 2023 17:49:19 +0000 (18:49 +0100)]
hwreset: Move reset code in dev/hwreset
We've removed kernel option EXT_RESOURCES almost two years ago.
While it was ok to have some code under a common 'extres' subdirectory
at first, we now have a lot of consumer of it and we made it mandatory
so no need to have it under a cryptic name.
Emmanuel Vadot [Tue, 26 Dec 2023 17:43:48 +0000 (18:43 +0100)]
clk: Move clock code in dev/clk
We've removed kernel option EXT_RESOURCES almost two years ago.
While it was ok to have some code under a common 'extres' subdirectory
at first, we now have a lot of consumer of it and we made it mandatory
so no need to have it under a cryptic name.
Emmanuel Vadot [Mon, 25 Dec 2023 19:01:52 +0000 (20:01 +0100)]
clk: Move allwinner driver into the common directory
No need to keep it under sys/arm/allwinner/clkng
It's easier to find which controller we support by looking under one directory.
It will also be shared with Allwinner RiscV SoC.