Kristof Provost [Thu, 2 Dec 2021 07:22:34 +0000 (08:22 +0100)]
if_pflog: fix packet length
There were two issues with the new pflog packet length.
The first is that the length is expected to be a multiple of
sizeof(long), but we'd assumed it had to be a multiple of
sizeof(uint32_t).
The second is that there's some broken software out there (such as
Wireshark) that makes incorrect assumptions about the amount of padding.
That is, Wireshark assumes there's always three bytes of padding, rather
than however much is needed to get to a multiple of sizeof(long).
Fix this by adding extra padding, and a fake field to maintain
Wireshark's assumption.
Rick Macklem [Sat, 27 Nov 2021 23:02:04 +0000 (15:02 -0800)]
nfscl: Sanity check the Sequence slotid in reply
The slotid in the Sequence reply must be the same as
in the request. Check that it is the same and log
a console message if it is not, plus set it to the
correct value.
Colin Percival [Tue, 23 Nov 2021 04:16:34 +0000 (20:16 -0800)]
EC2: Turn off IPv6 DAD
Disable Duplicate Address Detection in EC2 instances. The networking
configuration in EC2, with IPv6 addresses assigned by DHCPv6 and
host egress filtering, makes "duplicate addresses" impossible.
This speeds up the boot process in EC2 by 2 seconds.
Dimitry Andric [Sun, 5 Dec 2021 17:54:13 +0000 (18:54 +0100)]
Apply fix for clang crashing on invalid -Wa,-march= values
Merge commit df08b2fe8b35 from llvm git (by Dimitry Andric):
[AArch64] Avoid crashing on invalid -Wa,-march= values
As reported in https://bugs.freebsd.org/260078, the gnutls Makefiles
pass -Wa,-march=all to compile a number of assembly files. Clang does
not support this -march value, but because of a mistake in handling
the arguments, an unitialized Arg pointer is dereferenced, which can
cause a segfault.
Work around this by adding a check if the local WaMArch variable is
initialized, and if so, using its value in the diagnostic message.
Mitchell Horne [Mon, 6 Dec 2021 14:09:54 +0000 (10:09 -0400)]
ucom: s/sio/ucom/
Seems like a copy-paste error, or at least this made more sense when the
sio(4) driver still existed. This modifies the debug port name displayed
at boot, but otherwise has no functional change.
Reviewed by: hselasky
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D33278
Mitchell Horne [Sun, 5 Dec 2021 15:11:55 +0000 (11:11 -0400)]
x86: remove unused T_USER flag
It stopped being used in 3c256f5395aa, when trap() was reorganized to
have separate switch statements for user and kernel traps. Remove the
two leftover references and the flag itself.
Reviewed by: kib
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D33253
When no mask is supplied to the ioctl adding an Internet interface
address, revert to using the historical class mask rather than a
single default. Similarly for the NFS bootp code.
Mike Karels [Thu, 28 Oct 2021 23:39:43 +0000 (18:39 -0500)]
systat: clean up code assuming network classes
Similar to netstat, clean up code that uses inet_lnaof() to check for
binding to "host 0" (lowest host on network) as a "network" bind.
Such things don't happen, and current networks are seldom if ever
found in /etc/networks.
Mike Karels [Wed, 27 Oct 2021 03:12:24 +0000 (22:12 -0500)]
sockstat: change check for wildcard sockets to avoid historical classes
sockstat was checking whether a bound address was "host 0", the lowest
host on a network, using inet_lnaof(). This only works for class A/B/C.
However, it isn't useful to bind such an address unless it is really
the unspecified address INADDR_ANY. Change the check to to use that.
Mike Karels [Wed, 27 Oct 2021 03:39:10 +0000 (22:39 -0500)]
netstat: reduce use of historical Internet classes
When attempting to characterize bound addresses, netstat was checking
for host 0 on a (historical) net using inet_lnaof(). Such addresses
are not normally bound, as they would not work, with the exception
of the unspecified address, INADDR_ANY. Check for that explicitly.
Similarly, don't check bound addresses for a match to a network name.
Mike Karels [Wed, 27 Oct 2021 03:48:23 +0000 (22:48 -0500)]
mountd: deprecate exports to a network without mask
The exports file format allows export to a network using an explicit
mask or prefix length (CIDR). It also allows a network with just
a dotted address, in which case the historical mask was used.
Deprecate this usage, and warn when it is used. Document that this
is deprecated.
Mike Karels [Wed, 27 Oct 2021 03:25:09 +0000 (22:25 -0500)]
man pages: deprecate Internet Class A/B/C
Mark functions inet_netof(), inet_lnaof(), and inet_makeaddr() as
deprecated, as they assume Class A/B/C. inet_makeaddr() mostly works
when networks are a multiple of 8 bits, but warn for anything other
than historical classes. Reduce other mentions of network classes.
Mike Karels [Thu, 28 Oct 2021 14:32:31 +0000 (09:32 -0500)]
ifconfig: warn if setting an Internet address without mask
Add a postproc function for af_inet, and add interface flags as a
parameter. Check there if setting an address without a mask unless
the interface is loopback or point-to-point, where mask is not really
meaningful; warn if so. This will hopefully be an error in the future.
Mike Karels [Wed, 27 Oct 2021 03:01:09 +0000 (22:01 -0500)]
kernel: deprecate Internet Class A/B/C
Hide historical Class A/B/C macros unless IN_HISTORICAL_NETS is defined;
define it for user level. Define IN_MULTICAST separately from IN_CLASSD,
and use it in pf instead of IN_CLASSD. Stop using class for setting
default masks when not specified; instead, define new default mask
(24 bits). Warn when an Internet address is set without a mask.
Andriy Gapon [Fri, 19 Nov 2021 07:56:30 +0000 (09:56 +0200)]
iflib_stop: drain rx tasks to prevent any data races
iflib_stop modifies iflib data structures that are used by _task_fn_rx,
most prominently the free lists. So, iflib_stop has to ensure that the
rx task threads are not active.
This should help to fix a crash seen when iflib_if_ioctl (e.g.,
SIOCSIFCAP) is called while there is already traffic flowing.
The crash has been seen on VMWare guests with vmxnet3 driver.
My guess is that on physical hardware the couple of 1ms delays that
iflib_stop has after disabling interrupts are enough for the queued work
to be completed before any iflib state is touched.
But on busy hypervisors the guests might not get enough CPU time to
complete the work, thus there can be a race between the taskqueue
threads and the work done to handle an ioctl, specifically in iflib_stop
and iflib_init_locked.
Andriy Gapon [Fri, 26 Nov 2021 07:44:30 +0000 (09:44 +0200)]
twsi: unify error handling, explicitly handle more conditions
twsi_error() is a new function that stops the current transfer and sets
up softc when an error condition is detected.
TWSI_STATUS_DATA_WR_NACK, TWSI_STATUS_BUS_ERROR and
TWSI_STATUS_ARBITRATION_LOST are now handled explicitly rather than
via the catch-all unknown status.
Also, twsi_intr() now calls wakeup() in a single place when the
transfer is finished.
Andriy Gapon [Fri, 26 Nov 2021 07:25:01 +0000 (09:25 +0200)]
twsi: protect interaction between twsi_transfer and twsi_intr
All accesses to softc are now done under a mutex to prevent data races
between the open context and the interrupt handler.
Additionally, the wait time in twsi_transfer is bounded now.
Previously we could get stuck there forever if an interrupt got lost.
Michael Tuexen [Sat, 4 Dec 2021 14:00:05 +0000 (15:00 +0100)]
tcpdrop: allow TCP connections to be filtered by cc-algo
In addition to filtering by stack and state, allow filtering
by the congestion control module used. Choose the command line
options to be consistent with the ones of sockstat.
Michael Tuexen [Fri, 3 Dec 2021 20:28:47 +0000 (21:28 +0100)]
sctp: use the correct traffic class when sending SCTP/IPv6 packets
When sending packets the stcb was used to access the inp and then
access the endpoint specific IPv6 level options. This fails when
there exists an inp, but no stcb yet. This is the case for sending
an INIT-ACK in response to an INIT when no association already
exists. Fix this by just providing the inp instead of the stcb.
Michael Tuexen [Wed, 1 Dec 2021 15:20:17 +0000 (16:20 +0100)]
libc sctp: fix sctp_getladdrs() when reporting no addresses
Section 9.5 of RFC 6458 (SCTP Socket API) requires that
sctp_getladdrs() returns 0 in case the socket is unbound. This
is the cause of reporting 0 addresses. So don't indicate an
error, just report this case as required.
Michael Tuexen [Wed, 1 Dec 2021 09:13:20 +0000 (10:13 +0100)]
libc sctp: fix sctp_getladdrs() for 64-bit BE platforms
When calling getsockopt() with SCTP_GET_LOCAL_ADDR_SIZE, use a
pointer to a 32-bit variable, since this is what the kernel
expects.
While there, do some cleanups.
Rick Macklem [Fri, 26 Nov 2021 23:42:32 +0000 (15:42 -0800)]
nfsd: Add checks for layout errors in LayoutReturn
For a LayoutReturn when using the Flexible File Layout,
error reports may be provided in the request.
Sanity check the size of these error reports and
check that they exist before calling nfsrv_flexlayouterr().
Cy Schubert [Wed, 20 Oct 2021 03:11:40 +0000 (20:11 -0700)]
ipfilter: Avoid more null if-then-else blocks
As in 73db3b64f167, when WITHOUT_INET6 is selected, null if-then-else
blocks are generated because #if statements are incorrectly placed.
Moving the #if statements reduces unnecessary runtime comparisons or
compiler optimizations.
Cy Schubert [Tue, 5 Oct 2021 04:26:58 +0000 (21:26 -0700)]
ipfilter: Add DTrace SDT probe
Add an SDT probe, using the newly created DT5 macro, in similar vein
to DEBUG_PARSE printf for when FTP junk is anticipated and ok. This
will assist in debugging port (active) FTP proxy issues.
- Cluster flags without arguments together.
- Simplify the synopsis of the -a flag. There is no need to distinguish
between address and hostname there.
- Add a missing argument to the -a flag in the description section.
- Fix some typos.
Alexander Motin [Thu, 25 Nov 2021 04:03:20 +0000 (23:03 -0500)]
APEI: Fix Generic Error Data Entry revision 3.0 handling.
Since revision 3.0 this structure grown another field, breaking access
to the following data structures. This change fixes the PCIe errors
decoding on newer systems.
Mark Johnston [Wed, 24 Nov 2021 18:43:26 +0000 (13:43 -0500)]
vm_fault: Introduce a fault_status enum for internal return types
Rather than overloading the meanings of the Mach statuses, introduce a
new set for use internally in the fault code. This makes the control
flow easier to follow and provides some extra error checking when a
fault status variable is used in a switch statement.
vm_fault_lookup() and vm_fault_relookup() continue to use Mach statuses
for now, as there isn't much benefit to converting them and they
effectively pass through a status from vm_map_lookup().
Obtained from: jeff (object_concurrency patches)
Reviewed by: kib
Alexander Motin [Tue, 30 Nov 2021 01:14:13 +0000 (20:14 -0500)]
mpsutil: Fix data truncation by too short buffers.
Length of some string buffers was insufficient for cases of more that
99 targets per HBA or slots per enclosure. Some others are tuned just
for better alignment. While there also fix output formatting issues.
Alexander Motin [Sun, 21 Nov 2021 23:50:59 +0000 (18:50 -0500)]
GEOM: Switch g_io_deliver() locking from cp to pp.
Single provider may have multiple consumers, and locking one of consumers
is not sufficient to protect the provider. Though the only part of the
provider this locking protects now is its statistics.
Reported by: Arka Sharma <arka.sw1988@gmail.com>
MFC after: 2 weeks
Mitchell Horne [Thu, 25 Nov 2021 16:01:11 +0000 (12:01 -0400)]
Implement GET_STACK_USAGE on remaining archs
This definition enables callers to estimate remaining space on the
kstack, and take action on it. Notably, it enables optimizations in the
GEOM and netgraph subsystems to directly dispatch work items when there
is sufficient stack space, rather than queuing them for a worker thread.
Implement it for riscv, arm, and mips. Remove the #ifdefs, so it will
not go unimplemented elsewhere.
Mitchell Horne [Tue, 30 Nov 2021 15:15:44 +0000 (11:15 -0400)]
arm64, powerpc: fix calculation of 'used' in GET_STACK_USAGE
We do not consider the space reserved for the pcb to be part of the
total kstack size, so it should not be included in the calculation of
the used stack size.
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Mitchell Horne [Thu, 25 Nov 2021 15:54:33 +0000 (11:54 -0400)]
i386: take pcb and fpu area into account in GET_STACK_USAGE
On this platform, the pcb and FPU save area are allocated from the top
of each kernel stack, so they should be excluded from the calculation of
the total and used stack sizes.
Reviewed by: kib
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D32581
Alan Somers [Sun, 3 Oct 2021 17:51:14 +0000 (11:51 -0600)]
fusefs: Fix a bug during VOP_STRATEGY when the server changes file size
If the FUSE server tells the kernel that a file's size has changed, then
the kernel must invalidate any portion of that file in cache. But the
kernel can't do that during VOP_STRATEGY, because the file's buffers are
already locked. Instead, proceed with the write.
Alan Somers [Sat, 2 Oct 2021 18:17:36 +0000 (12:17 -0600)]
fusefs: fix a recurse-on-non-recursive lockmgr panic
fuse_vnop_bmap needs to know the file's size in order to calculate the
optimum amount of readahead. If the file's size is unknown, it must ask
the FUSE server. But if the file's data was previously cached and the
server reports that its size has shrunk, fusefs must invalidate the
cached data. That's not possible during VOP_BMAP because the buffer
object is already locked.
Fix the panic by not querying the FUSE server for the file's size during
VOP_BMAP if we don't need it. That's also a a slight performance
optimization.
Alan Somers [Sun, 3 Oct 2021 16:59:04 +0000 (10:59 -0600)]
fusefs: quiet some cache-related warnings
If the FUSE server does something that would make our cache incoherent,
we should print a warning to the user. However, we previously warned in
some situations when we shouldn't, such as if the file's size changed on
the server _after_ our own attribute cache had expired. This change
suppresses the warning in cases like that. It also moves the warning
logic to a single place within the code.
Jessica Clarke [Thu, 11 Nov 2021 18:28:24 +0000 (19:28 +0100)]
mips: Fix build of kernel.tramp.bin after upstream merge
Since the upstream merge we end up with the compiler generating calls to
memcpy (and it appears upstream LLVM does too, so this will probably
also be a problem upstream when the LLVM 13 import is finished). Like
the kernel we should just compile this file with -ffreestanding to avoid
such surprises.
Note that elf_trampoline.c does actually provide a memcpy, but it's
static. That's a bit weird, and means by the time the memcpy calls are
generated by the compiler the explicit ones have already been inlined
and the function itself GC'ed, but since using -ffreestanding is the
right thing to do for this kind of code anyway, that doesn't actually
matter.
Dimitry Andric [Wed, 10 Nov 2021 18:38:23 +0000 (19:38 +0100)]
Apply fix for LLVM PR51957 (Miscompilation in Botan's SHA3)
Merge commit e27a6db5298f from llvm git (by Jameson Nash):
Bad SLPVectorization shufflevector replacement, resulting in write to wrong memory location
We see that it might otherwise do:
%10 = getelementptr {}**, <2 x {}***> %9, <2 x i32> <i32 10, i32 4>
%11 = bitcast <2 x {}***> %10 to <2 x i64*>
...
%27 = extractelement <2 x i64*> %11, i32 0
%28 = bitcast i64* %27 to <2 x i64>*
store <2 x i64> %22, <2 x i64>* %28, align 4, !tbaa !2
Which is an out-of-bounds store (the extractelement got offset 10
instead of offset 4 as intended). With the fix, we correctly generate
extractelement for i32 1 and generate correct code.
Dimitry Andric [Tue, 2 Nov 2021 10:17:37 +0000 (11:17 +0100)]
Fix assertion when building devel/glog with new pass manager
Merge commit 029f1a534489 from llvm git (by Arthur Eubanks):
[LazyCallGraph] Skip blockaddresses
blockaddresses do not participate in the call graph since the only
instructions that use them must all return to someplace within the
current function. And passes cannot retrieve a function address from a
blockaddress.