Kyle Evans [Wed, 10 Feb 2021 15:10:52 +0000 (09:10 -0600)]
fmtree: add a deprecation notice to the manpage
Note that this mtree(8) is actually installed as fmtree(8), while
mtree(8) is located in ^/contrib/mtree -- thus, the reference to
mtree(8) makes a lot more sense in the context in which folks would
actually notice it. Shout-out to Ravi for pointing out that this may
not be an obvious fact.
Kristof Provost [Mon, 8 Feb 2021 09:04:27 +0000 (10:04 +0100)]
Widen ifnet_detach_sxlock coverage
Widen the ifnet_detach_sxlock to cover the entire vnet sysuninit code.
This ensures that we can't end up having the vnet_sysuninit free the UDP
pcb while the detach code is running and trying to purge the UDP pcb.
The lookup for a IPv6 multicast addresses corresponding to
the destination address in the datagram is protected by the
NET_EPOCH section. Access to each PCB is protected by INP_RLOCK
during comparing. But access to socket's so_options field is
not protected. And in some cases it is possible, that PCB
pointer is still valid, but inp_socket is not. The patch wides
lock holding to protect access to inp_socket. It copies locking
strategy from IPv4 UDP handling.
Michael Chiu [Mon, 15 Feb 2021 00:38:26 +0000 (00:38 +0000)]
ifconfig: fix incorrect wg allowed-ips netmask
Currently when peer information is displayed with `ifconfig wgN peer ..`
or `ifconfig wgN peer-list`, the netmask of the first `allowed-ips` will
be used as the netmask of all CIDR in `allowed-ips`. For example, if
the list is `192.168.1.0/24, 172.16.0.0/16`, it will display as
`192.168.1.0/24, 172.16.0.0/24`. While this does not affect the actual
functionality, it is very confusing.
Submitted by: Michael Chiu <nyan -at- myuji.xyz>
Reviewed by: grehan
Differential Revision: https://reviews.freebsd.org/D28655
Approved by: re (gjb)
A BIOS bug may apparently cause the BSP to report that it does not
implement CMCI, with some APs reporting that they do. In this scenario,
avoid a NULL pointer dereference that occurs in cmci_monitor() because
cmc_state was not allocated by the BSP.
Michal Meloun [Thu, 21 Jan 2021 14:06:19 +0000 (15:06 +0100)]
dwmmc: Multiple busdma fixes.
- limit maximum segment size to 2048 bytes. Although dwmmc supports a buffer
fragment with a maximum length of 4095 bytes, use the nearest lower power
of two as the maximum fragment size. Otherwise, busdma create excessive
buffer fragments.
- fix off by one error in computation of the maximum data transfer length.
- in addition, reserve two DMA descriptors that can be used by busdma
bouncing. The beginning or end of the buffer can be misaligned.
- Don’t ignore errors passed to bus_dmamap_load() callback function.
- In theory, a DMA engine may be running at time when next dma descriptor is
constructed. Create a full DMA descriptor before OWN bit is set.
Mark Johnston [Wed, 10 Feb 2021 16:10:27 +0000 (11:10 -0500)]
vm: Honour the "noreuse" flag to vm_page_unwire_managed()
This flag indicates that the page should be enqueued near the head of
the inactive queue, skipping the LRU queue. It is used when unwiring
pages from the buffer cache following direct I/O or after I/O when
POSIX_FADV_NOREUSE or _DONTNEED advice was specified, or when
sendfile(SF_NOCACHE) completes. For the direct I/O and sendfile cases
we only enqueue the page if we decide not to free it, typically because
it's mapped.
Pass "noreuse" through to vm_page_release_toq() so that we actually
honour the desired LRU policy for these scenarios.
Mark Johnston [Mon, 8 Feb 2021 14:19:07 +0000 (09:19 -0500)]
armv8crypto: Fix some edge cases in the AES-GCM implementation
- We were only hashing up to the first 16 bytes of the AAD.
- When computing the digest during decryption, handle the case where
len == trailer, i.e., len < AES_BLOCK_LEN, properly.
While here:
- trailer is always smaller than AES_BLOCK_LEN, so remove a pair of
unnecessary modulus operations.
- Replace some byte-by-byte loops with memcpy() and memset() calls.
In particular, zero the full block before copying a partial block into
it since we do that elsewhere and it means that the memset() length is
known at compile time.
Approved by: re (gjb)
Reviewed by: jhb
Sponsored by: Ampere Computing
Submitted by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D28501
Kyle Evans [Thu, 11 Feb 2021 15:11:24 +0000 (09:11 -0600)]
grep: fix -A handling in conjunction with -m match limitation
The basic issue here is that grep, when given -m 1, would stop all
line processing once it hit the match count and exit immediately. The
problem with exiting immediately is that -A processing only happens when
subsequent lines are processed and do not match.
The fix here is relatively easy; when bsdgrep matches a line, it resets
the 'tail' of the matching context to the value supplied to -A and
dumps anything that's been queued up for -B. After the current line has
been printed and tail is reset, we check our mcount and do what's
needed. Therefore, at the time that we decide we're doing nothing, we
know that 'tail' of the context is correct and we can simply continue
on if there's still more to pick up.
With this change, we still bail out immediately if there's been no -A
flag. If -A was supplied, we signal that we should continue on. However,
subsequent lines will not even bothere to try and process the line. We
have reached the match count, so even if the next line would match then
we must process it if it hadn't. Thus, the loop in procfile() can
short-circuit and just process the line as a non-match until
procmatches() indicates that it's safe to stop.
A test has been added to reflect both that we should be picking up the
next line and that the next line should be considered a non-match even
if it should have been.
Kyle Evans [Thu, 11 Feb 2021 15:10:44 +0000 (09:10 -0600)]
grep: fix null pattern and empty pattern file behavior
The null pattern semantics were terrible because I tried to match gnugrep,
but I got it wrong. Let's unwind that:
- The null pattern should match every line if neither -w nor -x.
- The null pattern should match empty lines if -x.
- The null pattern should not match any lines if -w.
The first two will stop processing (shortcut) even if additional patterns
are specified. In any other case, we will continue processing other
patterns. If no other patterns are specified beside a null pattern, then
we match if neither -w nor -x or set and do not match if either of those
are specified.
The justification for -w is that it should match on a whole word, but the
null pattern does not have a whole word to match on.
Empty pattern files should never match anything, and more importantly, -v
should cause everything to be written.
Ed Maste [Tue, 2 Feb 2021 21:55:51 +0000 (16:55 -0500)]
Correct description for kern.proc.proc_td
kern.proc.proc_td returns the process table with an entry for each
thread. Previously the description included "no threads", presumably
a cut-and-pasteo in 2648efa621748.
Description suggested by PauAmma.
PR: 253146
Approved by: re (gjb)
Sponsored by: The FreeBSD Foundation
Brandon Bergren [Sun, 7 Feb 2021 22:05:41 +0000 (16:05 -0600)]
powerpc64: Fix boot on virtual-mode OF (PowerMac G5)
In 78599c32efed3247d165302a1fbe8d9203e38974, CFI endproc decoration was
added to locore64.S. However, it missed the subtle detail that
__restartkernel_virtual() falls through to __restartkernel(). This was
causing boot failure on PowerMac G5, as it tried to execute the
epilogue as code.
Fix this by branching to __restartkernel() instead of intentionally
running off the end of the function.
While here, add some additional notes on how the virtual mode restart
works.
The files README.md and .gitignore had been lost and are restored
by this commit.
A lot of files used for fuzzing had been moved to a new place and
still existed in their previous location. Delete the now obsolete
files from the old location.
Antonio Russo [Mon, 8 Feb 2021 17:15:05 +0000 (10:15 -0700)]
Set file mode during zfs_write
Apply https://github.com/openzfs/zfs/pull/11576
Direct commit from upstream openzfs. Full commit message below:
Set file mode during zfs_write
3d40b65 refactored zfs_vnops.c, which shared much code verbatim between
Linux and BSD. After a successful write, the suid/sgid bits are reset,
and the mode to be written is stored in newmode. On Linux, this was
propagated to both the in-memory inode and znode, which is then updated
with sa_update.
3d40b65 accidentally removed the initialization of newmode, which
happened to occur on the same line as the inode update (which has been
moved out of the function).
The uninitialized newmode can be saved to disk, leading to a crash on
stat() of that file, in addition to a merely incorrect file mode.
Reviewed-by: Ryan Moeller <ryan@ixsystems.com> Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Signed-off-by: Antonio Russo <aerusso@aerusso.net>
Closes #11474
Closes #11576
Approved by: re (gdb)
Obtained from: openzfs/zfs@f8ce8aed0
Sponsored by: iXsystems, Inc.
John Baldwin [Wed, 3 Feb 2021 22:59:32 +0000 (14:59 -0800)]
serf: Fix the default return value of the BIO control method.
OpenSSL BIO classes provide an abstraction for dealing with I/O.
OpenSSL provides BIO classes for commonly used I/O primitives backed
by file descriptors, sockets, etc. as well as permitting consumers
of OpenSSL to define custom BIO classes.
One of the methods BIO classes implement is a control method invoked
by BIO_ctrl() for various ancilliary tasks somewhat analgous to
fcntl() and ioctl() on file descriptors. According to the BIO_ctrl(3)
manual page, control methods should return 0 for unknown control
requests.
KTLS support in OpenSSL adds new control requests. Two of those new
requests are queries to determine if KTLS is enabled for either
reading or writing. These control reuquest return 1 if KTLS is
enabled and 0 if it is not.
serf includes two custom BIO classes for wrapping I/O requests from
files and from a buffer in memory. These BIO classes both use a
custom control method. However, this custom control method was
returning 1 for unknown or unsupported control requests instead of 0.
As a result, OpenSSL with KTLS believed that these BIOs were using
KTLS and were thus adding headers and doing encryption/decryption in
the BIO. Correcting the return value removes this confusion.
John Baldwin [Fri, 29 Jan 2021 18:53:50 +0000 (10:53 -0800)]
Fix ldd to work with more ELF files.
- Use libelf to parse ELF data structures and remove code duplication
for ELF32.
- Don't require the OSABI field to be set to the FreeBSD OSABI for
shared libraries. Both AArch64 and RISC-V leave it set to "none"
and instead depend on the ABI tag note. For ldd, this means falling
back to walking the notes in PT_NOTE segments to find the ABI tag
note to determine if an ELF shared library without OSABI set in the
header file is a FreeBSD shared library.
Piotr Kubaj [Sat, 6 Feb 2021 02:21:55 +0000 (03:21 +0100)]
powerpc64le: readd COMPAT_FREEBSD11 and COMPAT_FREEBSD12
lang/rust needs COMPAT_FREEBSD11 to build, even though powerpc64le itself is
supported only since 13.0.
I also corrected a comment, because if we ever have lib32 for powerpc64le,
it will be for powerpcle.
Reviewed by: bdragon (on IRC)
Approved by: gjb (re)
Glen Barber [Fri, 5 Feb 2021 16:46:49 +0000 (11:46 -0500)]
release: disable the 'reldoc' target after the ASCIIDoctor switch
The 'reldoc' target includes release-related documentation on
installation medium. Since the switch from XML to ASCIIDoctor,
the file locations have moved, and it will take some time to sort
out how this target should work now.
Approved by: re (kib)
Sponsored by: Rubicon Communications, LLC ("Netgate")
John Baldwin [Thu, 4 Feb 2021 21:40:25 +0000 (13:40 -0800)]
Disable MK_OPENSSL_KTLS for stable/13.
Due to the pending release of 13.0 and the recent bug in serf exposed
by the KTLS changes, disable OpenSSL's KTLS by default. This keeps
crypto/openssl in sync with main while lowering the risk of introducing
instability into 13.0.
John Baldwin [Sat, 16 Jan 2021 00:17:31 +0000 (16:17 -0800)]
OpenSSL: Support for kernel TLS offload (KTLS)
This merges upstream patches from OpenSSL's master branch to add
KTLS infrastructure for TLS 1.0-1.3 including both RX and TX
offload and SSL_sendfile support on both Linux and FreeBSD.
Note that TLS 1.3 only supports TX offload.
A new WITH/WITHOUT_OPENSSL_KTLS determines if OpenSSL is built with
KTLS support. It defaults to enabled on amd64 and disabled on all
other architectures.
John Baldwin [Tue, 2 Feb 2021 01:09:33 +0000 (17:09 -0800)]
Bump shared library versions after ncurses bump in 13.
A few shared libraries in the base system link against ncurses. An
upgrade from a 12.x host to 13 results in ABI breakage for existing
binaries since the newer versions of these libraries link against the
newer ncurses while the binary itself links against the older ncurses.
For example, dialog4ports built on 12.x sometimes crashes on 13 since
it depends on libdialog which links against ncurses internally.
Jamie Gritton [Fri, 29 Jan 2021 05:51:09 +0000 (21:51 -0800)]
MFC jail: Handle a parent jail when a child is added to it
It's possible when adding a jail that its dying parent comes back to
life. Only allow that to happen when JAIL_DYING is specified. And if
it does happen, call PR_METHOD_CREATE on it.
Jamie Gritton [Fri, 22 Jan 2021 18:56:24 +0000 (10:56 -0800)]
MFC jail: fix dangling reference bug from 6754ae2572eb
The change to use refcounts for pr_uref was mishandled in
prison_proc_free, so killing a jail's last process could add
an extra reference, leaving it an unkillable zombie.
MFC 151ec796a230: Fix the design problem with delayed algorithm sync.
Currently, if the immutable algorithm like bsearch or radix_lockless
receives rtable update notification, it schedules algorithm rebuild.
This rebuild is executed by the callout after ~50 milliseconds.
It is possible that a script adding an interface address and than route
with the gateway bound to that address will fail. It can happen due
to the fact that fib is not updated by the time the route addition
request arrives.
Fix this by allowing synchronous algorithm rebuilds based on certain
conditions. By default, these conditions assume:
1) less than net.route.algo.fib_sync_limit=100 routes
2) routes without gateway.
* Move algo instance build entirely under rib WLOCK.
Rib lock is only used for control plane (except radix algo, but there
are no rebuilds).
* Add rib_walk_ext_locked() function to allow RIB iteration with
rib lock already held.
* Fix rare potential callout use-after-free for fds by binding fd
callout to the relevant rib rmlock. In that case, callout_stop()
under rib WLOCK guarantees no callout will be executed afterwards.
MFC dd9163003cb1: Add rib_subscribe_locked() and rib_unsubsribe_locked()
to support subscriptions during RIB modifications.
Add new subscriptions to the beginning of the lists instead of
the end. This fixes the situation when new subscription is created
int the callback for the existing subscription, leading to the
subscription notification handler pick it.
* Move per-prefix debug lines under LOG_DEBUG2
* Create fib instance counter to distingush log messages between
instances
* Add more messages on rebuild reason.
MFC cb984c62d705: Fix multipath support for rib_lookup_info().
The initial plan was to remove rib_lookup_info() before
FreeBSD 13. As several customers are still remaining,
fix rib_lookup_info() for the multipath use case.
D26436 introduced support for stacked vlans that changed the way vlans
are configured. In particular, this change broke setups that have
same-number vlans as subinterfaces.
Vlan support was initially created assuming "vlanX" semantics. In this paradigm,
automatic number assignment supported by cloning (ifconfig vlan create) was a
natural fit.
When "ifaceX.Y" support was added, allowing to have the same vlan number on
multiple devices, cloning code became more complex, as the is no
unified "vlan" namespace anymore. Such interfaces got the first spare
index from "vlan" cloner. This, in turn, led to the following problem:
ifconfig ix0.333 create -> index 1
ifconfig ix0.444 create -> index 2
ifconfig vlan2 create -> allocation failure
This change fixes such allocations by using cloning indexes only for
"vlanX" interfaces.
MFC eb0b1b33: Enable multipath routing by default.
ROUTE_MPATH was added to the GENERIC kernel in r368648.
According to the plan in D27428, it was enabled with `net.route.multipath` sysctl set to 0.
Given enough time has passed, this change enables route multipath by default.
The goal is to ship FreeBSD 13 with multipath turned on.
Toomas Soome [Thu, 4 Feb 2021 20:49:02 +0000 (22:49 +0200)]
loader.efi: There are systems without ConOut, also use ConOutDev
Conout does contian the default output device name.
ConOutDev does contain all possible output device names, so we can
use it as fallback, when there is no ConOut.
Doug Ambrisko [Thu, 28 Jan 2021 23:12:14 +0000 (15:12 -0800)]
VMD support for new devices.
Add support for some more Intel VMD controllers. Some of the
newer controller have a sparce bus space that can be figured
out by probing the HW. This gives the starting bus number.
When reading the PCI config. space behind the VMD controller,
the offset of the starting bus needs to be subtracted from
the bus being read.
Fixed a bug in which in which not all of the devices
directly attached to the VMD controller would be probed.
On my initial test HW, a switch was found at bus 0, slot 0
and function 0. All of the NVME drives were behind that
switch. Now scan for all slots and functions attached to
bus 0. If a something was found then run attach after the
scan. On detach also go through all slots and functions
on bus 0.
Navdeep Parhar [Mon, 1 Feb 2021 11:00:09 +0000 (03:00 -0800)]
cxgbe(4): Fixes to tx coalescing.
- The behavior implemented in r362905 resulted in delayed transmission
of packets in some cases, causing performance issues. Use a different
heuristic to predict tx requests.
- Add a tunable/sysctl (hw.cxgbe.tx_coalesce) to disable tx coalescing
entirely. It can be changed at any time. There is no change in
default behavior.
Martin Matuska [Mon, 1 Feb 2021 21:08:19 +0000 (22:08 +0100)]
zfs: update zfs_config.h to match OpenZFS gf11b09dec
Update zfs_config.h to match latest merge in FreeBSD
The version string is declared as 2.0.0-FreeBSD_gf11b09dec to provide
more information about the loaded module:
- the OpenZFS version in base is 2.0
- we are using the in tree-module ("FreeBSD")
- the last merged OpenZFS git revision ("gf11b09dec")
With future merges the git revision tag should be updated.
As we are merging from OpenZFS master branch and already include features
like dRAID, referencing patchlevel releases (2.0.1, 2.0.2) is pointless.
Submitted by: Andre Fernando da Silva <andre.silva@eldorado.org.br>
Reviewed by: luporl, alfredo, kadesai (on email)
Sponsored by: Eldorado Research Institute (eldorado.org.br)
Differential Revision: https://reviews.freebsd.org/D26531
Add endiannes conversions in order to support big-endian platforms
Submitted by: Andre Fernando da Silva <andre.silva@eldorado.org.br>
Reviewed by: luporl, alfredo, kadesai (on email)
Sponsored by: Eldorado Research Institute (eldorado.org.br)
Differential Revision: https://reviews.freebsd.org/D26531
Kyle Evans [Sat, 30 Jan 2021 06:09:10 +0000 (00:09 -0600)]
build: options: mention ports in the WITH_OPENLDAP description
There's a third party dependency on this option; currently,
net/openldap24-{,sasl-}client. At least mention that an openldap from ports
is needed for this option.
Kyle Evans [Sat, 30 Jan 2021 05:48:28 +0000 (23:48 -0600)]
ofed: fix the WITH_OFED_EXTRA build
This option was not tested when WARNS was globally lifted in the src tree up
to 6. Drop WARNS back down to unbreak the build; note that this is still
enabling more warnings than it had before the WARNS change, so the gcc build
may need to be independently evaluated at this level.
Roger Pau Monné [Wed, 27 Jan 2021 10:12:07 +0000 (11:12 +0100)]
stand/multiboot: adjust the protocol between loader and kernel
There's a currently ad-hoc protocol to hand off the FreeBSD kernel
payload between the loader and the kernel itself when Xen is in the
middle of the picture. Such protocol wasn't very resilient to changes
to the loader itself, because it relied on moving metadata around to
package it using a certain layout. This has proven to be fragile, so
replace it with a more robust version.
The new protocol requires using a xen_header structure that will be
used to pass data between the FreeBSD loader and the FreeBSD kernel
when booting in dom0 mode. At the moment the only data conveyed is the
offset of the start of the module metadata relative to the start of the
module itself.
This is a slightly disruptive change since it also requires a change
to the kernel which is contained in this patch. In order to update
with this change the kernel must be updated before updating the
loader, as described in the handbook. Note this is only required when
booting a FreeBSD/Xen dom0. This change doesn't affect the normal
FreeBSD boot protocol.
Kyle Evans [Sun, 31 Jan 2021 15:51:39 +0000 (09:51 -0600)]
lualoader: position hyphens at the beginning of character classes
According to the Lua 5.4 manual section 6.4.1 ("Patterns"), the interaction
between ranges and classes is not defined and hyphens must be specified at
either the beginning or the end of a set if they are not escaped.
Kyle Evans [Sun, 24 Jan 2021 01:32:38 +0000 (19:32 -0600)]
stand: lua: enhance lfs.dir() to speed up kernels_autodetect
This eliminates a lot of stat() calls that happen when lualoader renders the
menu with the default settings, and greatly speeds up rendering on my
laptop.
ftype is nil if loader/loader.efi hasn't been updated yet, falling back to
lfs.attributes() to test.
This is technically incompatible with lfs, but not in a particularly
terrible way.
MFC: mips: fix early kernel panic when setting up interrupt counters
Commit 248f0ca converted intrcnt and intrnames from u_long[]
and char[] to u_long* and char* respectively, but for non-INTRNG mips
these symbols were defined in .S file as a pre-allocated static arrays,
so the problem wasn't cought at compile time. Conversion from an array
to a pointer requires pointer initialization and it wasn't done
for MIPS, so whatever happenned to be in the begginning of intcnt[]
array was used as a pointer value.
Move intrcnt/intrnames to C code and allocate them dynamically
although with a fixed size at the moment.
Alexander Motin [Sun, 31 Jan 2021 17:46:57 +0000 (12:46 -0500)]
cxgb(4): Remove assumption of physically contiguous mbufs.
Investigation of iSCSI target data corruption reports brought me to
discovery that cxgb(4) expects mbufs to be physically contiguous, that
is not true after I've started using m_extaddref() in software iSCSI
for large zero-copy transmissions. In case of fragmented memory the
driver transmitted garbage from pages following the first one due to
simple use of pmap_kextract() for the first pointer instead of proper
bus_dmamap_load_mbuf_sg(). Seems like it was done as some optimization
many years ago, and at very least it is wrong in a world of IOMMUs.
This patch just removes that optimization, plus limits packet coalescing
for mbufs crossing page boundary, also depending on assumption of one
segment per packet.
Toomas Soome [Sun, 24 Jan 2021 18:59:36 +0000 (20:59 +0200)]
vt: panic while changing vt font
Set refcount for loader provided font to 1 to prevent this font
from being released (so we can reset to default).
As we get started with no memory allocator, we set up static font data
for font passed by loader (if there is any). At this time, we also must
set refcount 1, and refcount will get incremented in cnprobe() callback.
At some point the memory allocator will be available, and we will set up
properly allocated font data, but we should not disturb the refcount.
Marcin Wojtas [Tue, 26 Jan 2021 10:49:35 +0000 (11:49 +0100)]
marvell: ap806_clock: add missing frequency modes
In the driver init routine the CPU clock frequency
value is obtained from a dedicated register. Until now
only part of the values were handled by the mv_ap806_clock
driver. Fix that by adding missing cases.
Bjoern A. Zeeb [Thu, 28 Jan 2021 16:32:43 +0000 (16:32 +0000)]
LinuxKPI: implement devres() framework parts and two examples
This code implements a version of the devres framework found
working for various iwlwifi use cases and also providing functions
for ttm_page_alloc_dma.c from DRM.
Part of the framework replicates the consumed KPI, while others
are internal helper functions.
In addition the simple devm_k*malloc() consumers were implemented
and kvasprintf() was enhanced to also work for the devm_kasprintf()
case.
Addmittingly lkpi_devm_kmalloc_release() could be avoided but for
the overall understanding of the code and possible memory tracing
it may still be helpful.
Further devsres consumer are implemented for iwlwifi but will follow
later as the main reason for this change is to sort out overlap with
DRM.
Sponsored-by: The FreeBSD Foundation
Obtained-from: bz_iwlwifi
MFC After: 3 days
Reviewed-by: hselasky, manu
Differential Revision: https://reviews.freebsd.org/D28189