dim [Thu, 20 Dec 2018 18:28:53 +0000 (18:28 +0000)]
Pull in r329671 from upstream clang trunk (by Akira Hatanaka):
[ExprConstant] Use an AST node and a version number as a key to
create an APValue and retrieve it from map Temporaries.
The version number is needed when a single AST node is visited
multiple times and is used to create APValues that are required to be
distinct from each other (for example, MaterializeTemporaryExprs in
default arguments and VarDecls in loops).
This should fix 'Assertion failed: (Result.isUninit() && "temporary
created multiple times"), function createTemporary' errors (if
assertions are enabled, otherwise the compiler internal state might go
bad), when building the graphics/rawtherapee port.
Direct commit to stable/11 and stable/12, since head already has clang
7.0.1, which includes this change.
dab [Thu, 20 Dec 2018 00:58:16 +0000 (00:58 +0000)]
MFC r341988
asmc: Add Support for Macbook Pro 8,1
PR: 217505
Submitted by: John O. Brickley <obryan.brickley@gmail.com>, updated by Maciej Pasternacki <maciej@pasternacki.net>
Reported by: John O. Brickley <obryan.brickley@gmail.com>
emaste [Wed, 19 Dec 2018 18:19:15 +0000 (18:19 +0000)]
MFC r342227: bootpd: validate hardware type
Due to insufficient validation of network-provided data it may have been
possible for a malicious actor to craft a bootp packet which could cause
a stack buffer overflow.
admbugs: 850
Reported by: Reno Robert
Reviewed by: markj
Approved by: so
Security: FreeBSD-SA-18:15.bootpd
Sponsored by: The FreeBSD Foundation
mav [Tue, 18 Dec 2018 23:22:37 +0000 (23:22 +0000)]
MFC r339909: Allow changing lagg(4) MTU.
Previously, changing the MTU would require destroying the lagg and
creating a new one. Now it is allowed to change the MTU of
the lagg interface and the MTU of the ports will be set to match.
If any port cannot set the new MTU, all ports are reverted to the original
MTU of the lagg. Additionally, when adding ports, the MTU of a port will be
automatically set to the MTU of the lagg. As always, the MTU of the lagg is
initially determined by the MTU of the first port added. If adding an
interface as a port for some reason fails, that interface is reverted to its
original MTU.
Submitted by: Ryan Moeller <ryan@freqlabs.com>
Relnotes: Yes
Sponsored by: iXsystems Inc.
brooks [Tue, 18 Dec 2018 09:16:04 +0000 (09:16 +0000)]
Partial MFC of r342125:
Fix bugs in pluggable CC algorithm and siftr sysctls.
Use the sysctl_handle_int() handler to write out the old value and read
the new value into a temporary variable. Use the temporary variable
for any checks of values rather than using the CAST_PTR_INT() macro on
req->newptr. The prior usage read directly from userspace memory if the
sysctl() was called correctly. This is unsafe and doesn't work at all on
some architectures (at least i386.)
In some cases, the code could also be tricked into reading from kernel
memory and leaking limited information about the contents or crashing
the system. This was true for CDG, newreno, and siftr on all platforms
and true for i386 in all cases. The impact of this bug is largest in
VIMAGE jails which have been configured to allow writing to these
sysctls.
Per discussion with the security officer, we will not be issuing an
advisory for this issue as root access and a non-default config are
required to be impacted.
Changes to sys/netinet/cc/cc_newreno.c are not merged as the sysctl's
had not previously been merged.
Reviewed by: markj, bz
Discussed with: gordon (security officer)
Security: kernel information leak, local DoS (both require root)
Differential Revision: https://reviews.freebsd.org/D18443
ae [Mon, 17 Dec 2018 10:43:23 +0000 (10:43 +0000)]
MFC r341798:
Use correct size for IPv4 address in gethostbyaddr().
When u_long is 8 bytes, it returns EINVAL and 'ipfw -N show' doesn't work.
Reported by: Claudio Eichenberger <cei at yourshop.com>
MFC r341799:
Rework how protocol number is tracked in rule. Save it when O_PROTO
opcode will be printed. This should solve the problem, when protocol
name is not printed in `ipfw -N show`.
Reported by: Claudio Eichenberger <cei at yourshop.com>
mmel [Sat, 15 Dec 2018 06:34:13 +0000 (06:34 +0000)]
MFC r341738:
Implement R_AARCH64_TLS_DTPMOD64 and A_AARCH64_TLS_DTPREL64 relocations.
Although these are slightly obsolete in favor of R_AARCH64_TLSDESC, gcc
-mtls-dialect=trad still uses them.
mmel [Fri, 14 Dec 2018 10:25:22 +0000 (10:25 +0000)]
MFC r341511,r341512,r341513:
r341511:
Fix style(9). Not a functional change.
r341512:
Implement arm64 version of __tls_get_addr().
r341513:
Tidy up arm64 reloc_jmpslots() implementation.
- don't relocate jump slots multiple times (if LD_BIND_NOW is defined).
- process only R_AARCH64_JUMP_SLOT here, other relocation types are
handled by reloc_plt().
kp [Thu, 13 Dec 2018 20:00:16 +0000 (20:00 +0000)]
pfsync: Performance improvement
pfsync code is called for every new state, state update and state
deletion in pf. While pf itself can operate on multiple states at the
same time (on different cores, assuming the states hash to a different
hashrow), pfsync only had a single lock.
This greatly reduced throughput on multicore systems.
Address this by splitting the pfsync queues into buckets, based on the
state id. This ensures that updates for a given connection always end up
in the same bucket, which allows pfsync to still collapse multiple
updates into one, while allowing multiple cores to proceed at the same
time.
The number of buckets is tunable, but defaults to 2 x number of cpus.
Benchmarking has shown improvement, depending on hardware and setup, from ~30%
to ~100%.
eugen [Thu, 13 Dec 2018 10:55:48 +0000 (10:55 +0000)]
MFC r340394: ipfw.8: Fix part of the SYNOPSIS documenting
LIST OF RULES AND PREPROCESSING that is still referred
as last section of the SYNOPSIS later but was erroneously situated
in the section IN-KERNEL NAT.
vmaffione [Thu, 13 Dec 2018 10:18:31 +0000 (10:18 +0000)]
MFC r341726
tools: netmap: pkt-gen: check packet length against interface MTU
Validate the value of the -l argument (packet length) against the MTU of the netmap port.
In case the netmap port does not refer to a physical interface (e.g. VALE port or pipe), then
the netmap buffer size is used as MTU.
This change also sets a better default value for the -M option, so that pkt-gen uses
the largest possible fragments in case of multi-slot packets.
Changelist:
- Replace netmap passthrough host support with a more general
mechanism to call TXSYNC/RXSYNC from an in-kernel event-loop.
No kernel threads are used to use this feature: the application
is required to spawn a thread (or a process) and issue a
SYNC_KLOOP_START (NIOCCTRL) command in the thread body. The
kernel loop is executed by the ioctl implementation, which returns
to userspace only when a different thread calls SYNC_KLOOP_STOP
or the netmap file descriptor is closed.
- Update the if_ptnet driver to cope with the new data structures,
and prune all the obsolete ptnetmap code.
- Add support for "null" netmap ports, useful to allocate netmap_if,
netmap_ring and netmap buffers to be used by specialized applications
(e.g. hypervisors). TXSYNC/RXSYNC on these ports have no effect.
- Various fixes and code refactoring.
Sponsored by: Sunny Valley Networks
Differential Revision: https://reviews.freebsd.org/D18015
gjb [Wed, 12 Dec 2018 18:18:34 +0000 (18:18 +0000)]
MFC r339873:
Set OPTIONS_UNSET in the argument list to env(1), and add
AVAHI to the list. This fixes the textproc/docproj build
seemingly following FLAVORS being added.
Specifically, the problem with the dependency chain here is:
- textproc/docproj depends on print/cups, which sets AVAHI=on
by default;
- net/avahi-app depends on devel/gobject-introspection, which
requires python3+;
- graphics/netpbm depends on graphics/mesa-libs, which can
only be built with python2.7;
- textproc/docproj depends on a number of graphics ports for
font rendering, etc.
hselasky [Wed, 12 Dec 2018 13:13:50 +0000 (13:13 +0000)]
MFC r341585:
mlx5en: Improve configuration of HW LRO.
In order to enable HW LRO, both the "hw_lro" sysctl in the mlx5en(4) config
space must be set, and the ifconfig(8) LRO capability must be set. Any other
settings will disable HW LRO.
hselasky [Wed, 12 Dec 2018 13:12:30 +0000 (13:12 +0000)]
MFC r341584:
mlx5en: Count all transmitted and received bytes.
Add counter for all transmitted and received bytes. Currently only all
transmitted and received packets were counted. Fix description of RX LRO
counters while at it.
hselasky [Wed, 12 Dec 2018 13:11:08 +0000 (13:11 +0000)]
MFC r341583:
mlx5en: Statically allocate and free the channel structure(s).
By allocating the worst case size channel structure array
at attach time we can eliminate various NULL checks in the
fast path. And also reduce the chance for use-after-free
issues in the transmit fast path.
This change is also a requirement for implementing
backpressure support.
hselasky [Wed, 12 Dec 2018 13:05:45 +0000 (13:05 +0000)]
MFC r341582:
mlx5en: Fix race in mlx5e_ethtool_debug_stats().
Writing to the debug stats variable must be locked,
else serialization will be lost which might cause
various kernel panics due to creating and destroying
sysctls out of order.
Make sure the sysctl context is initialized after freeing
the sysctl nodes, else they can be freed twice.
hselasky [Wed, 12 Dec 2018 13:00:56 +0000 (13:00 +0000)]
MFC r341579:
mlx5en: Fix for inlining issues in transmit path
1) Don't exceed the driver's own hardcoded TX inline limit.
The blueflame register size can be much greater than the hardcoded limit
for inlining. Make sure we don't exceed the driver's own limit, because this
also means that the maximum number of TX fragments becomes invalid and
then memory size assumptions in the TX path no longer hold up.
2) Make sure the mlx5_query_min_inline() function returns an error code.
3) Header inlining is required when using TSO.
4) Catch failure to compute inline header size for TSO.
5) Add support for UDP when computing inline header size.
6) Fix for inlining issues with regards to DSCP.
Make sure we inline 4 bytes beyond the ethernet and/or
VLAN header to work around a hardware bug extracting
the DSCP field from the IPv4/v6 header.
hselasky [Wed, 12 Dec 2018 12:58:05 +0000 (12:58 +0000)]
MFC r341578 and r341655:
mlx5en: Remove the DRBR and associated logic in the transmit path.
The hardware queues are deep enough currently and using the DRBR and associated
callbacks only leads to more task switching in the TX path. There is also a race
setting the queue_state which can lead to hung TX rings.
hselasky [Wed, 12 Dec 2018 12:55:53 +0000 (12:55 +0000)]
MFC r341577:
mlx5en: Implement support for bandwidth limiting by ratio, ETS.
Add support for setting the bandwidth limit as a ratio rather than in bits per
second. The ratio must be an integer number between 1 and 100 inclusively.
Implement the needed firmware commands and SYSCTLs through mlx5en(4).
hselasky [Wed, 12 Dec 2018 12:34:35 +0000 (12:34 +0000)]
MFC r341570:
mlx5ib: Make sure the congestion work timer does not escape the drain procedure.
If the mlx5_ib_read_cong_stats() function was running when mlx5ib was unloaded,
because this function unconditionally restarts the timer, the timer can still
be pending after the delayed work has been cancelled. To fix this simply loop
on the delayed work cancel procedure as long as it returns non-zero.
hselasky [Wed, 12 Dec 2018 12:32:14 +0000 (12:32 +0000)]
MFC r341568:
mlx5ib: Fix sign extension in mlx5_ib_query_device
"fw_rev_min(dev->mdev)" with type "unsigned short" (16 bits, unsigned) is
promoted in "fw_rev_min(dev->mdev) << 16" to type "int" (32 bits, signed), then
sign-extended to type "unsigned long" (64 bits, unsigned). If
"fw_rev_min(dev->mdev) << 16" is greater than 0x7FFFFFFF, the upper bits of the
result will all be 1.
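
The promotion and sign extension described in this commit message, as an added example that is not part of the commit or the mlx5ib driver. The packed layout (major in bits 47..32, minor in bits 31..16, sub in bits 15..0), the function names and the sample values are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/*
 * Models the unfixed expression. In C, `minor << 16` promotes the 16-bit
 * operand to a signed 32-bit int; the int32_t cast makes that promoted type
 * explicit so this example does not itself rely on signed-shift overflow.
 */
static uint64_t pack_fw_ver_buggy(uint16_t major, uint16_t minor, uint16_t sub)
{
    int32_t promoted = (int32_t)((uint32_t)minor << 16);

    /* Widening a negative int to 64 bits sign-extends: bits 63..32 become 1. */
    return ((uint64_t)major << 32) | (uint64_t)(int64_t)promoted | sub;
}

/* Widen to 64 bits before shifting, so no signed intermediate exists. */
static uint64_t pack_fw_ver_fixed(uint16_t major, uint16_t minor, uint16_t sub)
{
    return ((uint64_t)major << 32) | ((uint64_t)minor << 16) | sub;
}

/* Reads back the (assumed) major field from a packed value. */
static uint16_t unpack_major(uint64_t fw_ver)
{
    return (uint16_t)(fw_ver >> 32);
}

int main(void)
{
    /* Constructed sample: a minor revision with its top bit set. */
    uint16_t major = 12, minor = 0x8001, sub = 5;
    uint64_t bad = pack_fw_ver_buggy(major, minor, sub);
    uint64_t good = pack_fw_ver_fixed(major, minor, sub);

    printf("buggy: 0x%016llx major=%u\n",
        (unsigned long long)bad, (unsigned)unpack_major(bad));
    printf("fixed: 0x%016llx major=%u\n",
        (unsigned long long)good, (unsigned)unpack_major(good));
    return 0;
}
```

The corruption only appears once the minor field reaches 0x8000, so a value built this way can pass testing for a long time before the major field is silently overwritten.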
hselasky [Wed, 12 Dec 2018 12:29:28 +0000 (12:29 +0000)]
MFC r341566:
mlx5: Fixes to allow command polling mode to exist alongside event mode.
A command is either polling or event driven and the mode cannot change
during execution of a command. Make sure the event handler only handles
commands which are not polled. This is done by checking the command mode
in the command handler before completing commands.
This counter will represent transmitted packets which have more than
1518 octets.
The NIC has multiple hardware counters for counting transmitted
packets larger than 1518 octets. Each counter counts the packets
in specific range.
We accumulate those counters to have a single counter.
hselasky [Wed, 12 Dec 2018 12:22:40 +0000 (12:22 +0000)]
MFC r341560:
mlx5: Fix use-after-free in self-healing flow
When the mlx5 health mechanism detects a problem while the driver
is in the middle of init_one or remove_one, the driver needs to prevent
the health mechanism from scheduling future work; if future work
is scheduled, there is a problem with use-after-free: the system WQ
tries to run the work item (which has been freed) at the scheduled
future time.
Prevent this by disabling work item scheduling in the health mechanism
when the driver is in the middle of init_one() or remove_one().
All other mlx5_events report the port number as 1 based, which is how FW
reports it in the port event EQE. Reporting 0 for this event causes
mlx5_ib to not raise a fatal event notification to registered clients
due to a seemingly invalid port.
All switch cases in mlx5_ib_event that go through the port check are
supposed to set the port now, so just do it once at variable
declaration.
hselasky [Wed, 12 Dec 2018 11:57:27 +0000 (11:57 +0000)]
MFC r341552:
mlx4en: Optimise reception of small packets.
Copy small packets like TCP ACKs into a new mbuf
reusing the existing mbuf to receive a new ethernet
frame. This avoids wasting buffer space for
small sized packets.
hselasky [Wed, 12 Dec 2018 11:47:39 +0000 (11:47 +0000)]
MFC r341547:
mlx4en: Remove the DRBR and associated logic in the transmit path.
The hardware queues are deep enough currently and using the DRBR and associated
callbacks only leads to more task switching in the TX path. There is also a race
setting the queue_state which can lead to hung TX rings.
hselasky [Wed, 12 Dec 2018 11:43:49 +0000 (11:43 +0000)]
MFC r341545:
mlx4: Add board identifier and firmware version to sysctl
In last mlx4 update (r325841) we lost the sysctl to show the
firmware version for mlx4 devices.
Add both board identifier and firmware version under:
sys.device.mlx4_core0.hw sysctl node.
hselasky [Wed, 12 Dec 2018 11:35:00 +0000 (11:35 +0000)]
MFC r341538:
ipoib: Notify on modify QP failure only when relevant
Modify QP can fail and it can be acceptable, like when moving from RST to
ERR state, all the rest are not acceptable and a message to the log
should be printed.
The current code prints on all failures and many messages like:
"Failed to modify QP to ERROR state" appear, even when supported by the
state machine of the QP object.
hselasky [Wed, 12 Dec 2018 11:33:14 +0000 (11:33 +0000)]
MFC r341537:
ipoib: increase the non-cm queue length
When a packet needs fragmentation, it might generate more than 3 fragments.
With the queue length 3, all fragments are generated faster than the
queue is drained, which effectively drops fourth and later fragments on
the floor.
hselasky [Wed, 12 Dec 2018 11:31:54 +0000 (11:31 +0000)]
MFC r341536:
ipoib: Don't do a light flush when MTU is unchanged.
When changing the MTU of ibX network interfaces, check that the MTU was really
changed before requesting an update of the multicast rules. Else we might go
into an infinite loop joining and leaving ibX multicast groups towards the
opensm master interface.
hselasky [Wed, 12 Dec 2018 11:30:21 +0000 (11:30 +0000)]
MFC r341535:
ipoib: correct setting MTU from inside ipoib(4).
It is not enough to set ifnet->if_mtu to change the interface MTU.
System saves the MTU for route in the radix tree, and route cache keeps
the interface MTU as well. Since addition of the multicast group causes
recalculation of MTU, even bringing the interface up changes MTU from
4042 to 1500, which makes the system configuration inconsistent. Worse,
ip_output() prefers route MTU over interface MTU, so large packets are
not fragmented and dropped on floor.
Fix it for ipoib(4) using the same approach (or hack) as was applied
for if_tun/if_tap in r339012. Thanks to bz@ for giving the hint.
hselasky [Wed, 12 Dec 2018 11:29:21 +0000 (11:29 +0000)]
MFC r339012:
For changing the MTU on tun/tap devices, it should not matter whether it
is done via using ifconfig, which uses a SIOCSIFMTU ioctl() command, or
doing it using a TUNSIFINFO/TAPSIFINFO ioctl() command.
Without this patch, for IPv6 the new MTU is not used when creating routes.
Especially, when initiating TCP connections after increasing the MTU,
the old MTU is still used to compute the MSS.
Thanks to ae@ and bz@ for helping to improve the patch.
hselasky [Wed, 12 Dec 2018 11:16:32 +0000 (11:16 +0000)]
MFC r341534:
ibcore: Fix clearing of bound device interface.
Binding to a loopback device is not allowed. Make sure the destination
device address is global by clearing the bound device interface.
Only do this conditionally, else link local addresses won't work.
hselasky [Wed, 12 Dec 2018 10:56:53 +0000 (10:56 +0000)]
MFC r341530:
ibcore: Fix loopback with rdma-cm.
Trying to validate loopback fails because rtalloc1() resolves system
local addresses to the loopback network interface, lo0. Fix this by
explicitly checking for loopback during validation of the source
and destination network address. If the source address belongs to
a local network interface and is equal to the destination address,
there is no need to run the destination address through rtalloc1().
hselasky [Wed, 12 Dec 2018 10:29:48 +0000 (10:29 +0000)]
MFC r341526:
ibcore: Fix an array index check
The array ib_mad_mgmt_class_table.method_table has MAX_MGMT_CLASS
(80) elements. Hence compare the array index with that value instead
of with IB_MGMT_MAX_METHODS (128). This patch avoids that Coverity
reports the following:
Overrunning array class->method_table of 80 8-byte elements at element index 127
(byte offset 1016) using index convert_mgmt_class(mad_hdr->mgmt_class)
(which evaluates to 127).
hselasky [Wed, 12 Dec 2018 10:22:10 +0000 (10:22 +0000)]
MFC r341523:
ibcore: Don't access invalid port.
The port number in the listen_id_priv has been observed to be zero which
means no port has been selected. The current code lacks a check for invalid
port number.