Warner Losh [Tue, 1 Sep 2020 04:37:55 +0000 (04:37 +0000)]
Smaller crc for the boot loader.
Save 7k of text space by using simpler crc32 for standalone case. We
don't need all that fancy optimization in the boot loader, so use a
simplified version of the CRC function. We could save more by doing it
one bit at a time rather than 32, but this is the biggest savings at
the smallest performance hit.
With LUA and verified exec, gptboot, gptzfsboot and friends are pushing
the ~530k limit and every little bit helps.
When SMP support for powerpc was added in r178628, the last callers of this
function were removed. All code that needs to manipulate the task priority
just does it directly instead.
Rick Macklem [Tue, 1 Sep 2020 01:10:16 +0000 (01:10 +0000)]
Add a check to test for the case of the "tls" option being used with "udp".
The KERN_TLS only supports TCP, so use of the "tls" option with "udp" will
not work. This patch adds a test for this case, so that the mount is not
attempted when both "tls" and "udp" are specified.
Warner Losh [Mon, 31 Aug 2020 23:31:16 +0000 (23:31 +0000)]
Warn for the non pccard attachments
These devices have non-pccard attachments. Warn for those as well. Both an and
wi don't do the modern crypto needed to use these cards on secure wifi networks.
an needs firmware from Cisco, which I don't think was ever produced. wi could
in theory do it with raw frames and on-host encryption, but nobody has written
that in the 15 years since WEP was cracked.
MFC After: 3 days
Noticed by: rgrimes
Differential Revision: https://reviews.freebsd.org/D26138
Warner Losh [Mon, 31 Aug 2020 21:04:00 +0000 (21:04 +0000)]
Add deprecation notice for apm BIOS
Add deprecation notice for apm bios, aka the apm(4) device. The apm(8)
command will remain, at least for a while, since ACPI emulates the apm
ioctl interface.
Discussed on: arch@
Relnotes: yes
MFC After: 3 days
Warner Losh [Mon, 31 Aug 2020 19:47:30 +0000 (19:47 +0000)]
gc pmtimer and apm
pmtimer was removed from base some time ago. apm hasn't been relevant
for these devices in a long time (and was commented out). Remove them
both from these config files.
PDDR (Port Diagnostics Database Register) is used to read the physical
layer debug database, which contains helpful troubleshooting information
regarding the state of the link.
PDDR register can only be queried when PCAM register reports it as
supported in its register mask. A new helper macro was added to
the MLX5_CAP_* infrastructure in order to access this mask.
Eric van Gyzen [Mon, 31 Aug 2020 16:17:28 +0000 (16:17 +0000)]
infiniband: Appease Coverity
Coverity claims the call to rdma_gid2ip in cma_igmp_send overwrites addr.
Use a consistent definition of sockaddr to prevent detections and code
changes in the future.
Mark Johnston [Mon, 31 Aug 2020 15:59:17 +0000 (15:59 +0000)]
ggated(8): Avoid doubly opening the requested disk device.
- Initialize the disk device fd field in connection_new().
- Close the disk device after handing the connection over
to a child worker.
- Avoid re-opening a disk device for each connection from
the same client, avoiding an fd leak.
Kyle Evans [Mon, 31 Aug 2020 15:07:15 +0000 (15:07 +0000)]
posixshm: fix setting of shm_flags
Noted in D24652, we currently set shmfd->shm_flags on every
shm_open()/shm_open2(). This wasn't properly thought out; one shouldn't be
able to specify incompatible flags on subsequent opens of non-anon shm.
Move setting of shm_flags explicitly to the two places shmfd are created, as
we do with seals, and validate when we're opening a pre-existing mapping
that we've either passed no flags or we've passed the exact same flags as
the first time.
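A user-space model of the rule this commit message describes, added here as an illustration and not taken from the commit or the FreeBSD kernel: flags are recorded only when the object is created, and a later open of the same name must pass either no flags or the identical flags. The `model_*` names, the flag values and the `EINVAL` return are assumptions.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
/* Constructed names and flag values for this model; not FreeBSD's. */
#define MODEL_FLAG_A 0x1
#define MODEL_FLAG_B 0x2
#define MODEL_MAX    8
struct model_shm {
	char name[32];
	int  flags;   /* written once, at creation */
	int  in_use;
};
static struct model_shm model_table[MODEL_MAX];

static struct model_shm *model_lookup(const char *name)
{
	for (int i = 0; i < MODEL_MAX; i++)
		if (model_table[i].in_use && strcmp(model_table[i].name, name) == 0)
			return &model_table[i];
	return NULL;
}

/* Returns 0 on success or an errno value (EINVAL is an assumed choice). */
int model_shm_open(const char *name, int flags)
{
	struct model_shm *obj;
	if (strlen(name) >= sizeof(model_table[0].name))
		return ENAMETOOLONG;
	obj = model_lookup(name);
	if (obj != NULL)   /* pre-existing: no flags, or exactly the same flags */
		return (flags == 0 || flags == obj->flags) ? 0 : EINVAL;
	for (int i = 0; i < MODEL_MAX; i++) {
		if (model_table[i].in_use)
			continue;
		strcpy(model_table[i].name, name);
		model_table[i].flags = flags;   /* creation is the only writer */
		model_table[i].in_use = 1;
		return 0;
	}
	return ENFILE;
}

/* Flags recorded for an existing object, or -1 if there is none. */
int model_shm_flags(const char *name)
{
	struct model_shm *obj = model_lookup(name);
	return obj != NULL ? obj->flags : -1;
}

int main(void)
{
	printf("create: %d\n", model_shm_open("/demo", MODEL_FLAG_A));
	printf("reopen, other flags: %d\n", model_shm_open("/demo", MODEL_FLAG_B));
	return 0;
}
```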
Andrew Gallatin [Mon, 31 Aug 2020 13:53:14 +0000 (13:53 +0000)]
make m_getm2() resilient to zone_jumbop exhaustion
When the zone_jumbop is exhausted, most things using
sosend* (like sshd) will eventually
fail or hang if allocations are limited to the
depleted jumbop zone. This makes it impossible to
communicate with a box which is under an attack which
exhausts the jumbop zone.
Rather than depending on the page size zone, also try cluster
allocations to satisfy larger requests. This allows me
to ssh to, and serve 100Gb/s of traffic from a server which
is under attack and has had its page-sized zone exhausted.
Wei Hu [Mon, 31 Aug 2020 09:05:45 +0000 (09:05 +0000)]
Hyper-V: storvsc: Enhance srb_status code handling.
In hv_storvsc_io_request() when coring, prevent changing of the send channel
from the base channel to another one. storvsc_poll always probes on the base
channel.
Based upon conversations with Microsoft, changed the handling of srb_status
codes. Most we should never get, others yes. All are treated as retry-able
except for two. We should not get these statuses, but if we ever do, the I/O
state is not known.
Kyle Evans [Mon, 31 Aug 2020 01:45:48 +0000 (01:45 +0000)]
ipv6: quit dropping packets looping back on p2p interfaces
To paraphrase the below-referenced PR:
This logic originated in the KAME project, and was even controversial when
it was enabled there by default in 2001. No such equivalent logic exists in
the IPv4 stack, and it turns out that this leads to us dropping valid
traffic when the "point to point" interface is actually a 1:many tun
interface, e.g. with the wireguard userland stack.
Even in the case of true point-to-point links, this logic only avoids
transient looping of packets sent by misconfigured applications or
attackers, which can be subverted by proper route configuration rather than
hardcoded logic in the kernel to drop packets.
In the review, melifaro goes on to note that the kernel can't fix it, so it
perhaps shouldn't try to be 'smart' about it. Additionally, that TTL will
still kick in even with incorrect route configuration.
Rick Macklem [Sun, 30 Aug 2020 21:21:58 +0000 (21:21 +0000)]
Add support for the NFS over TLS exports to mountd.
Three new export flags are added to mountd that will restrict exported
file system mounts to use TLS. Without these flags, TLS is allowed, but not
required.
The exports(5) man page will be updated in a future commit.
Gleb Smirnoff [Sun, 30 Aug 2020 17:13:04 +0000 (17:13 +0000)]
Followup on r364922. Old comment said that the only reason to put
the hook at queue mode was that mn_rx_intr() doesn't run at splnet
level. In today's netgraph the only legitimate reason for queue mode
is recursion avoidance. So I see no reason for queue mode here.
Simon J. Gerraty [Sat, 29 Aug 2020 21:05:43 +0000 (21:05 +0000)]
zalloc_malloc: Free hexdump preceding buffer when we detect overflow
Move hexdump from stand/common/misc.c to stand/libsa/hexdump.c
(svn cp)
Disable use of pager - causes linking issue for boot1
can be re-enabled by defining HEXDUMP_PAGER.
In Linux, ksize() gets the actual amount of memory allocated for a given
object. This commit adds malloc_usable_size() to FreeBSD KPI which does
the same. It also maps LinuxKPI ksize() to newly created function.
Glen Barber [Sat, 29 Aug 2020 15:30:21 +0000 (15:30 +0000)]
Avoid the build from falling over if devel/git is not installed
on the system. Set a null branch/hash in this case, to avoid
undefined GITREV/GITBRANCH variables from falling over in other
areas.
Reported by: many
Sponsored by: Rubicon Communications, LLC (netgate.com)
Warner Losh [Sat, 29 Aug 2020 04:30:12 +0000 (04:30 +0000)]
Move to using sbuf for some sysctl in newbus
Convert two different sysctl to using sbuf. First, for all the default
sysctls we implement for each device driver that's attached. This is a
pure sbuf conversion.
Second, convert sysctl_devices to fill its buffer with sbuf rather
than a hand-rolled crappy thing I wrote years ago.
Warner Losh [Sat, 29 Aug 2020 04:30:06 +0000 (04:30 +0000)]
Retire devctl_notify_f()
devctl_notify_f isn't needed, so retire it. The flags argument is now
unused, so rather than keep it around, retire it. Convert all old
users of it to devctl_notify(). This path no longer sleeps, so is safe
to call from any context. Since it doesn't sleep, it doesn't need to
know if it is OK to sleep or not.
Warner Losh [Sat, 29 Aug 2020 04:29:53 +0000 (04:29 +0000)]
devctl: move to using a uma zone
Convert the memory management of devctl. Rewrite it to make better
use of memory. This eliminates several mallocs (5? worst case) needed
to send a message. It's now possible to always send a message, though
if things are really backed up the oldest message will be dropped to
free up space for the newest.
Add a static bus_child_{location,pnpinfo}_sb to start migrating to
sbuf instead of buffer + length. Use it in the new code. Other code
will be converted later (bus_child_*_str is only used inside of
subr_bus.c, though implemented in ~100 places in the tree).
Move fib_rte_to_nh_flags() from net/route_var.h to net/route/nhop_ctl.c.
No functional changes.
Initially this function was created to perform runtime flag conversions
for the previous incarnation of fib lookup functions. As these functions
got deprecated, move the function to the file with the only remaining
caller. Lastly, rename it to convert_rt_to_nh_flags() to follow the
naming notation.
Move net/route/shared.h definitions to net/route/route_var.h.
No functional changes.
net/route/shared.h was created in the initial phases of nexthop conversion.
It was intended to serve the same purpose as route_var.h - share definitions
of functions and structures between the routing subsystem components. At
that time route_var.h was included by many files external to the routing
subsystem, which largely defeats its purpose.
As currently this is not the case anymore and amount of route_var.h includes
is roughly the same as shared.h, retire the latter in favour of the former.
Further split nhop creation and rtable operations.
As nexthops are immutable, some operations such as route attribute changes
require nexthop fetching, forking, modification and route switching.
These operations are not atomic, so they may need to be retried multiple
times in presence of multiple speakers changing the same route.
This change introduces "synchronisation" primitive: route_update_conditional(),
simplifying logic for route changes and upcoming multipath operations.
This changeset introduces the new libnetmap library for writing
netmap applications.
Before libnetmap, applications could either use the kernel API
directly (e.g. NIOCREGIF/NIOCCTRL) or the simple header-only-library
netmap_user.h (e.g. nm_open(), nm_close(), nm_mmap() etc.)
The new library offers more functionalities than netmap_user.h:
- Support for complex netmap options, such as external memory
allocators or per-buffer offsets. This opens the way to future
extensions.
- More flexibility in the netmap port bind options, such as
non-numeric names for pipes, or the ability to specify the netmap
allocator that must be used for a given port.
- Automatic tracking of the netmap memory regions in use across the
open ports.
At the moment there is no man page, but the libnetmap.h header file
has in-depth documentation.
Eric van Gyzen [Fri, 28 Aug 2020 19:50:40 +0000 (19:50 +0000)]
memstat_kvm_uma: fix reading of uma_zone_domain structures
Coverity flagged the scaling by sizeof(uzd). That is the type
of the pointer, so the scaling was already done by pointer arithmetic.
However, this was also passing a stack frame pointer to kvm_read,
so it was doubly wrong.
Move ZDOM_GET into the !_KERNEL section and use it in libmemstat.
Emmanuel Vadot [Fri, 28 Aug 2020 18:25:45 +0000 (18:25 +0000)]
arm: allwinner: clk: Add printfs when we cannot set the correct freq
For some unknown reason this seems to fix this function when we printf
the best variable. This isn't a delay problem as doing a printf without
it doesn't solve this problem.
This is way above my pay grade so add some printf that shouldn't be printed
in 99% of the cases anyway.
Fix booting on most Allwinner boards as the mmc IP uses a NM clock.
Reported by: Alexander Mishin <mishin@mh.net.ru>
MFC after: 3 days
X-MFC-With: 363887
Warner Losh [Fri, 28 Aug 2020 17:55:54 +0000 (17:55 +0000)]
Treat the boot loader as the same as the kernel for what's visible
The boot loader will be growing some (limited) support for some kernel
interfaces for some of the timekeeping routines to support zstd code.
Allow the declarations for them to be visible when compiling for the
boot loader, rather than treating it like a user-space environment
(which stand.h already provides to a limited degree).
Warner Losh [Fri, 28 Aug 2020 17:49:56 +0000 (17:49 +0000)]
Allow the pseudo-errnos to be returned as well in boot loader
Expose the pseudo-errno values if _STANDALONE is defined so that code
in the boot loader can make use of them. Nothing uses them today, but
the zstd support that's coming will need them.
Warner Losh [Fri, 28 Aug 2020 17:36:14 +0000 (17:36 +0000)]
Create CFLAGS_EARLY.file for boot loader.
Some external code requires a specific set of include paths to work
properly since it emulates the typical environment the code is used
in. Enable this by creating a CFLAGS_EARLY.file variable that can be
used to build this stack. Otherwise the include stack we build for
stand programs may get in the way. Code that uses this feature has to
tolerate the normal stack of includes being last on the list (and
presumably unused), though.
Generally, it should only be used for the specific include
directories. Defines and that sort of thing should be done in the
normal CFLAGS variable. There is a global CFLAGS_EARLY hook as well for
everything in a Makefile.
Warner Losh [Fri, 28 Aug 2020 16:40:33 +0000 (16:40 +0000)]
Remove splclock(). It's not useful to keep.
splclock is used in one driver (spkr) to control access to
timer_spkr_* routines. However, nothing else does. So it shows no
useful locking info to someone that would want to lock spkr.
NOTE: I think there's races with timer_spkr_{acquire,release} since
there's no interlock in those routines, despite there being a spin
lock to protect the clock. Current other users appear to use no extra
locking protocol, though they themselves appear to be at least
attempting to make sure that only a single thread calls these
routines. I suspect the right answer is to update these routines to
take/release the clock spin lock since they are short and to the
point, but that's beyond the scope of this commit.
Jilles Tjoelker [Fri, 28 Aug 2020 15:35:45 +0000 (15:35 +0000)]
sh: Keep ignored SIGINT/SIGQUIT after set in a background job
If job control is not enabled, a background job (... &) ignores SIGINT and
SIGQUIT, but this can be reverted using the trap builtin in the same shell
environment.
Using the set builtin to change options would also revert SIGINT and SIGQUIT
to their previous dispositions.
This broke due to r317298. Calling setsignal() reverts the effect of
ignoresig().
Warner Losh [Fri, 28 Aug 2020 15:09:43 +0000 (15:09 +0000)]
remove splbio and splcam
splbio and splcam have been completely removed from the tree. We can
now remove their definitions here. They've been nops for a long time
and were only preserved to give hints on how to lock drivers. All
drivers have been deleted or converted, so they can be deleted now.
Rick Macklem [Thu, 27 Aug 2020 23:57:30 +0000 (23:57 +0000)]
Add flags to enable NFS over TLS to the NFS client and server.
An Internet Draft titled "Towards Remote Procedure Call Encryption By Default"
(soon to be an RFC I think) describes how Sun RPC is to use TLS with NFS
as a specific application case.
Various commits prepared the NFS code to use KERN_TLS, mainly enabling use
of ext_pgs mbufs for large RPC messages.
r364475 added TLS support to the kernel RPC.
This commit (which is the final one for kernel changes required to do
NFS over TLS) adds support for three export flags:
MNT_EXTLS - Requires a TLS connection.
MNT_EXTLSCERT - Requires a TLS connection where the client presents a valid
X.509 certificate during TLS handshake.
MNT_EXTLSCERTUSER - Requires a TLS connection where the client presents a
valid X.509 certificate with "user@domain" in the otherName
field of the SubjectAltName during TLS handshake.
Without these export options, clients are permitted, but not required, to
use TLS.
For the client, a new nmount(2) option called "tls" makes the client do
a STARTTLS Null RPC and TLS handshake for all TCP connections used for the
mount. The CLSET_TLS client control option is used to indicate to the kernel RPC
that this should be done.
Unless the above export flags or "tls" option is used, semantics should
not change for the NFS client nor server.
For NFS over TLS to work, the userspace daemons rpctlscd(8) { for client }
or rpctlssd(8) daemon { for server } must be running.
Mark Johnston [Thu, 27 Aug 2020 17:36:06 +0000 (17:36 +0000)]
Fix writing of the final block of encrypted, compressed kernel dumps.
Previously any residual data in the final block of a compressed kernel
dump would be written unencrypted. Note, such a configuration already
does not work properly when using AES-CBC since the compressed data is
typically not a multiple of the AES block length in size and EKCD does
not implement any padding scheme. However, EKCD more recently gained
support for using the ChaCha20 cipher, which being a stream cipher does
not have this problem.
Jamie Gritton [Thu, 27 Aug 2020 17:04:55 +0000 (17:04 +0000)]
Disregard jails in jail.conf that have bad parameters (parameter/variable
clash, or redefining name/jid). The current behavior, of merely warning
and moving on, can lead to unexpected behavior when a jail is created
without the offending parameter defined at all.
Cy Schubert [Thu, 27 Aug 2020 14:33:46 +0000 (14:33 +0000)]
/etc/zfs/zpool.cache is the preferred (and new) location of zpool.cache.
Check for it first. Only use /boot/zfs/zpool.cache if the /etc/zfs
version is not found and good.