Bjoern A. Zeeb [Thu, 11 May 2023 22:19:57 +0000 (22:19 +0000)]
LinuxKPI: add dummy hash.h and kernel_connect()
Add crypto/hash.h and a dummy kernel_connect() needed to compile
the ath11k wireless driver. While I hope we will not actually need
the hash.h fallbacks, kernel_connect() we will have to deal with once
we sort out more QMI bits.
Fix the sizing of IEEE80211_TX_INFO_DRIVER_DATA_SIZE so that it
also works on 32bit platforms. Otherwise it triggers a compile-time
assertion in ath10k for i386.
Move a KASSERT out of a function and make it a CTASSERT with
appropriate comments.
Skeleton implement two tkip functions, still left TODO, initializing
variables with dummy values to quiten compiler warnings. It is
unclear to me if we should still ever properly implement TKIP
compat code at this point. If so the current code gives a good
idea what needs to be done in addition to allocating references
to real state along with keyconf.
Bjoern A. Zeeb [Fri, 31 Mar 2023 19:52:19 +0000 (19:52 +0000)]
LinuxKPI: 802.11: adjust locking
Split up the lhw lock and the scan lock. The latter is a mtx
while the former changes from mtx to sx as mac80211 downcalls may
sleep (and the ic lock is not usable in that case either and a larger
project to fix).
This will also enforce some lookups under lock (mostly scan) as well
as general protection for more compat code and avoid a possible
deadlock with one of the upcoming callbacks from driver into the
compat code.
Bjoern A. Zeeb [Tue, 16 May 2023 16:03:17 +0000 (16:03 +0000)]
net80211: Radiotap: update for newer standards (add EHT, U-SIG)
iwlwifi already uses suggested EHT and U-SIG bits as well as some
more TLV bits. Update radiotap to know of those even if they might
get updated again in the future in order to get newer versions of
the driver to compile.
ath1xk drivers require further HE defines. Some of those we had
already predicted as comments in the past.
Bjoern A. Zeeb [Sat, 13 May 2023 15:17:47 +0000 (15:17 +0000)]
LinuxKPI: fix WRITE_ONCE()
Fix a gcc warning: "to be safe all intermediate pointers in cast from
'...' to '...' must be 'const' qualified [-Wcast-qual]".
Doing what is essentially a __DECONST() adding the uintptr_t gets
rid of the massive amount of warnings we get in LinuxKPI and lets
us see the actual problems a lot better.
This is a follow-up to 74e908b3c63b28de1d590dc42502fbe959a6da2e which
fixed READ_ONCE().
Sponsored by: The FreeBSD Foundation
Suggested by: jhb
Reviewed by: hselasky
Differential Revision: https://reviews.freebsd.org/D40084
Rather than using ACCESS_ONCE() in READ_ONCE() add a missing cast
to const in order to satisfy -Wcast-equal by gcc.
Sadly we cannot do the same to WRITE_ONCE() which still is very
noisy.
Sponsored by: The FreeBSD Foundation
Reviewed by: hselasky
Differential Revision: https://reviews.freebsd.org/D39706
Harmonize sk_buff_head and sk_buff further and fix -Warray-bounds
warnings reports by gcc. At the same time simplify some code by
re-using other functions or factoring some code out.
Quieten some more (valid) gcc warnings and disable dead code.
There are more warnings, some probably a compiler problem, the
other related to firmware structs which I do not want to adjust
just locally. Leave a comment to revisit after a next driver
update.
Bjoern A. Zeeb [Wed, 17 May 2023 20:40:47 +0000 (20:40 +0000)]
ifconfig: improve trimming off interface number at end
When trying to auto-load a module, we trim the interface number off
the end. Currently we stop at the first digit. For interfaces which
have numbers in the driver name this does not work well.
In the current example ifconfig ath10k0 would load ath(4) instead of
ath10k(4). For module/interface names like rtw88[0] we never guess
correctly.
To improve for the case we can, start trimming off digits from the
end rather than the front.
Sponsored by: The FreeBSD Foundation
Reported by: thierry
Reviewed by: melifaro, thierry
Differential Revision: https://reviews.freebsd.org/D40137
network.subr: adjust regex for wlans_xxxxx rc.conf entries
Drivers like ath1[012]k will not match the current wlans_*-regex as
they have digits followed by letters. Adjust the regex to allow
this combination in order to be able to configure interfaces with
names like wlans_ath11k0="..."
Bjoern A. Zeeb [Thu, 23 Mar 2023 22:37:12 +0000 (22:37 +0000)]
rc/WPA: driver_bsd.c: backout upstream IFF_ change and add logging
This reverts the state to our old supplicant logic setting or clearing
IFF_UP if needed. In addition this adds logging for the cases in which
we do (not) change the interface state.
Depending on testing this seems to help bringing WiFi up or not log
any needed changes (which would be the expected wpa_supplicant logic
now). People should look out for ``(changed)`` log entries (at least
if debugging the issue; this way we will at least have data points).
There is a hypothesis still pondered that the entire IFF_UP toggling
only exploits a race in net80211 (see further discssussions for more
debugging and alternative solutions see D38508 and D38753).
That may also explain why the changes to the rc startup script [1]
only helped partially for some people to no longer see the
continuous CTRL-EVENT-SCAN-FAILED.
It is highly likely that we will want further changes and until
we know for sure that people are seeing ''(changed)'' events
this should stay local. Should we need to upstream this we'll
likely need #ifdef __FreeBSD__ around this code.
Remove ifconfig down/up workaround (bfb202c4554a) in
rc.d/wpa_supplicant as it is no longer needed.
Bjoern A. Zeeb [Tue, 21 Mar 2023 21:25:28 +0000 (21:25 +0000)]
ifconfig: ifieee80211: print bssid name
In certain setups (e.g., autonomous APs) it is extremly helpful to have
a way to map the BSSIDs to names for both normal status output as well
as the scan list. This often allows a quicker overview than remembering
(or manually looking up) BSSIDs.
Call ether_ntohost() on the bssid and consult /etc/ethers
and print "(name)" after the bssid for the status output and "(name)"
at the end of the line after the IE list.
Bjoern A. Zeeb [Tue, 14 Mar 2023 21:00:48 +0000 (21:00 +0000)]
net80211: define mask for ss_flags rather than using hardcoded 0xfff
scan state ss_flags in two places cut off the "internal" GOTPICK
options. Replace the hardcoded 0xfff with a defined mask.
Note that "internal" flags is confusing as we also supplement the
the 16bit by another 16bit of "internal flags" passed around but
comaparing to GOTPICK never stored to my understanding.
No functional change.
Sponsored by: The FreeBSD Foundation
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D38832
Bjoern A. Zeeb [Tue, 14 Mar 2023 21:01:19 +0000 (21:01 +0000)]
net80211: make ieee80211_scan_dump_channels private
ieee80211_scan_dump_channels() is only used locally and only when
IEEE80211_DEBUG is compiled. Stop exporting it, make it file local
and hide under the #ifdef to reduce the footprint for production
kernels a tiny bit.
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D38833
Bjoern A. Zeeb [Tue, 14 Feb 2023 15:53:13 +0000 (15:53 +0000)]
dpaa2: add console support for FDT based systems
Add DPAA2 console support for MC and AIOP (latter untested) for FDT
systems. ACPI systems are prepared but need some proper bus function
in order to get the address from MC (and likely a file splitup then).
This will come at a later stage once other ACPI/FDT bus parts are
cleared up.
The work was originally done in July 2022 and finally switched to
bus_space[1] lately to be ready for main.
Suggested by: andrew [1]
Reviewed by: dsl
Differential Revision: https://reviews.freebsd.org/D38592
Eugene Grosbein [Mon, 19 Jun 2023 07:49:35 +0000 (14:49 +0700)]
motd: MFC: unbreak for source upgrade
In case of source upgrade path from 12.x proper merge of new /etc
installs /etc/motd.template. Becase of that, the system is left
without symlink /etc/motd -> /var/run/motd but with stale /etc/motd contents.
Fix it creating symlink despite of presence of /etc/motd.template.
Michael Tuexen [Sun, 30 Apr 2023 09:39:32 +0000 (11:39 +0200)]
sctp: improve handling of stale cookie error causes
* If a measure of staleness of 0 is reported, use the RTT instead.
* Ensure that we always send a cookie preservative parameter by
rounding up during the calculation.
* If allowed, perform a round trip time measurement.
* Clear the overall error counter, since the error cause also
acts like an ACK.
Michael Tuexen [Thu, 16 Mar 2023 09:45:13 +0000 (10:45 +0100)]
sctp: don't do RTT measurements with cookies
When receiving a cookie, the receiver does not know whether the
peer retransmitted the COOKIE-ECHO chunk or not. Therefore, don't
do an RTT measurement. It might be much too long.
To overcome this limitation, one could do at least two things:
1. Bundle the INIT-ACK chunk with a HEARTBEAT chunk for doing the
RTT measurement. But this is not allowed.
2. Add a flag to the COOKIE-ECHO chunk, which indicates that it
is the initial transmission, and not a retransmission. But
this requires an RFC.
Michael Tuexen [Wed, 21 Jun 2023 07:03:30 +0000 (09:03 +0200)]
sctp: fix man page for socket option controlling delayed acks
The SCTP_DELAYED_ACK_TIME socket option was replaced by the
SCTP_DELAYED_SACK in the socket API specification in
draft-ietf-tsvwg-sctpsocket-14.
The code was updated in r170056, but the man page was not.
Certain internet service providers transmit vlan 0 priority tagged
EAPOL frames from the ONT towards the residential gateway. VID 0
should be ignored, and the frame processed according to the priority
set in the 802.1P bits and the encapsulated EtherType (i.e. EAPOL).
The pcap filter utilized by l2_packet is inadquate for this use case.
Here we modify the pcap filter to accept both unencapsulated and
encapsulated (with VLAN 0) EAPOL EtherTypes. This preserves the
original filter behavior while also matching on encapsulated EAPOL.
Mark Johnston [Thu, 15 Jun 2023 16:10:44 +0000 (12:10 -0400)]
arm64: Remove struct arm64_frame
It was used in one place and was added specifically to support dtrace
stack unwinding code. Write an equivalent expression using struct
unwind_state instead. No functional change intended.
Reviewed by: andrew
MFC after: 1 week
Sponsored by: Innovate UK
Differential Revision: https://reviews.freebsd.org/D40538
Mark Johnston [Tue, 23 May 2023 14:14:06 +0000 (10:14 -0400)]
md: Get rid of the pbuf zone
The zone is used solely to provide KVA for mapping BIOs so that we can
pass mapped buffers to VOP_READ and VOP_WRITE. Currently we preallocate
nswbuf/10 bufs for this purpose during boot.
The intent was to limit KVA usage on 32-bit systems, but the
preallocation means that we in fact consumed more KVA than needed unless
one has more than nswbuf/10 (typically 25) vnode-backed MD devices
in existence, which I would argue is the uncommon case.
Meanwhile, all I/O to an MD is handled by a dedicated thread, so we can
instead simply preallocate the KVA region at MD device creation time.
kern_ntptime: Fix undefined behavior of the shift operator
L_LINT macro is used with negative numbers [i.e.
L_LINT(time_freq, -MAXFREQ)], it could cause undefined
behavior. It should be similar to the L_RSHIFT(v, n) macro.
Brad Smith [Fri, 9 Jun 2023 20:01:35 +0000 (22:01 +0200)]
msun: Correct FreeBSD version in sincos() man page
The sincos() man page notes the function was added to msun in FreeBSD
9.0 which must have been an oversight in the review as it was commited
to 12.0 and then backported to the 11 branch.
So I have provided a diff to correct this to the first FreeBSD version
it did ship with which was 11.2.
Colin Percival [Wed, 7 Jun 2023 22:17:12 +0000 (15:17 -0700)]
EC2: Default to "uefi-preferred" boot mode
In EC2, UEFI boots faster than BIOS, but not all amd64 instance types
support UEFI. AMIs need to have their boot mode designated, which
created a dilemma: Faster boots, or wider compatibility?
The recently added "uefi-preferred" option solves this: AMIs can be
marked to use UEFI where it's available, but fall back to BIOS on
instance types which do not support UEFI.
This uses bsdec2-image-upload 1.4.6, which recently landed in the
ports tree.
Cy Schubert [Wed, 31 May 2023 19:20:27 +0000 (12:20 -0700)]
pam_krb5: Fix spoofing vulnerability
An adversary on the network can log in via ssh as any user by spoofing
the KDC. When the machine has a keytab installed the keytab is used to
verify the service ticket. However, without a keytab there is no way
for pam_krb5 to verify the KDC's response and get a TGT with the
password.
If both the password _and_ the KDC are controlled by an adversary, the
adversary can provide a password that the adversary's spoofed KDC will
return a valid tgt for. Currently, without a keytab, pam_krb5 is
vulnerable to this attack.
Reported by: Taylor R Campbell <riastradh@netbsd.org> via emaste@
Reviewed by: so
Approved by: so
Security: FreeBSD-SA-23:04.pam_krb5
Security: CVE-2023-3326
Kyle Evans [Sun, 28 May 2023 17:52:51 +0000 (12:52 -0500)]
libc: locale: fix collation file size validation
At a minimum, we need enough for the colllation format version string +
locale definition version string and a full collate_info definition,
rather than just the first two and a pointer.
Kyle Evans [Mon, 15 May 2023 17:21:45 +0000 (12:21 -0500)]
arm64: gicv3: setup PPIs on all APs after they're online
For all PPIs setup earlier than SI_SUB_SMP, PIC_INIT_SECONDARY ends up
cleaning these up for each AP as it comes online. Once they're online,
we don't currently do anything to make sure they're configured for other
APs. Fix it by using smp_rendezvous for the meaty bits of configuring a
PPI, which will just do single-thread behavior before APs are online but
do the right thing for other CPUs after.
While we're here, make sure redistributor config is correct for other
APs as they come online in gic_v3_init_secondary.
Kyle Evans [Tue, 9 May 2023 03:45:12 +0000 (22:45 -0500)]
acl(3): improve discoverability of acl_get_perm_np(3)
- Mention it in acl(3) as an available function, xref
- Mention it in acl_get_permset(3), as acl_get_perm_np(3) is a natural
follow-up to acl_get_permset(3)
Mark Johnston [Mon, 12 Jun 2023 16:09:34 +0000 (12:09 -0400)]
opencrypto: Handle end-of-cursor conditions in crypto_cursor_segment()
Some consumers, e.g., swcr_encdec(), may call crypto_cursor_segment()
after having advanced the cursor to the end of the buffer. In this case
I believe the right behaviour is to return NULL and a length of 0.
When this occurs with a CRYPTO_BUF_VMPAGE buffer, the cc_vmpage pointer
will point past the end of the page pointer array, so
crypto_cursor_segment() ends up dereferencing a random pointer before
the function returns a length of 0. The uio-backed cursor has
a similar problem.
Address this by keeping track of the residual buffer length and
returning immediately once the length is zero.
PR: 271766
Reported by: Andrew "RhodiumToad" Gierth <andrew@tao11.riddles.org.uk>
Reviewed by: jhb
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D40428
Martin Matuska [Sat, 17 Jun 2023 07:14:08 +0000 (09:14 +0200)]
zfs: merge openzfs/zfs@86783d7d9 (zfs-2.1-release) into stable/13
OpenZFS release 2.1.12
Notable upstream pull requeset merges:
#14145 Storage device expansion "silently" fails on degraded vdev
#14358 Wait for txg sync if the last DRR_FREEOBJECTS might result in
a hole
#14410 Improve resilver ETAs
#14428 Resilver performance tuning
#14501 FreeBSD: don't verify recycled vnode for zfs control directory
#14524 Ignore too large stack in case of dsl_deadlist_merge
#14659 Allow MMP to bypass waiting for other threads
#14722 Fix "Detach spare vdev in case if resilvering does not happen"
#14774 FreeBSD .zfs fixups
#14776 FreeBSD: make zfs_vfs_held() definition consistent with
declaration
#14788 FreeBSD: add missing vop_fplookup assignments
#14794 zpool import -m also removing spare and cache when log device
is missing
#14795 Fix positive ABD size assertion in abd_verify()
#14798 Mark TX_COMMIT transaction with TXG_NOTHROTTLE
#14811 Refine special_small_blocks property validation
#14816 Fix two abd_gang_add_gang() issues
#14819 Add dmu_tx_hold_append() interface
#14823 Remove single parent assertion from zio_nowait()
#14853 zil: Don't expect zio_shrink() to succeed
#14861 Probe vdevs before marking removed
#14873 Add the ability to uninitialize a zpool
#14892 Fix concurrent resilvers initiated at same time
#14903 Fix NULL pointer dereference when doing concurrent 'send'
operations
#14910 ZIL: Allow to replay blocks of any size
Mitchell Horne [Mon, 12 Jun 2023 13:51:16 +0000 (10:51 -0300)]
linuxkpi: #ifdef guard fpu_kern(9) usage
The recent revert of 8ca78eb03fd4 removed the guards around these calls.
As a result, LINT builds for architectures which do not implement this
API on the branch are failing -- armv7, powerpc, powerpc64, riscv.
4aeb63826e0f got it almost correct (we can't use strcmp() here as
current argument isn't guaranteed to be NUL-terminated), but we also
need to check that current argument length is equal to that of eofstr.
ctags: Support writing to stdout instead of a file.
* Understand "-" to mean stdout as per convention.
* Check that the output is a regular file and ignore -u if not, otherwise we might try to rm /dev/stdout.
* As a bonus, if -u was specified but the output file does not exist, proceed as if -u had not been specified instead of erroring out.
Mitchell Horne [Thu, 25 May 2023 17:07:49 +0000 (14:07 -0300)]
riscv timer: use stimecmp CSR when available
The Sstc extension defines a new stimecmp CSR, allowing supervisor
software to set the timer, rather than just read it. When supported,
using this avoids the frequent trips through the SBI every time the
CPU's timer expires.
Reviewed by: jhb
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D40241
Mitchell Horne [Mon, 22 May 2023 23:54:36 +0000 (20:54 -0300)]
riscv: Print less CPU info
Change the reporting strategy to more closely follow what arm64
implements:
- Always print the one-line CPU summary when a core comes online
- Only print the additional fields (e.g. ISA) when they differ from the
CPU before it
In the common case of identical CPUs this results in informative but
non-repetitive output. For example, in QEMU:
CPU 0 : Vendor=Unspecified Core=Unknown (Hart 0)
marchid=0x80032, mimpid=0x80032
MMU: 0x7<Sv39,Sv48,Sv57>
ISA: 0x112d<Atomic,Compressed,Double,Float,Mult/Div>
real memory = 8589934592 (8192 MB)
avail memory = 8332300288 (7946 MB)
FreeBSD/SMP: Multiprocessor System Detected: 6 CPUs
CPU 1 : Vendor=Unspecified Core=Unknown (Hart 1)
CPU 2 : Vendor=Unspecified Core=Unknown (Hart 2)
CPU 3 : Vendor=Unspecified Core=Unknown (Hart 3)
Reviewed by: markj
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D40024
Mitchell Horne [Mon, 22 May 2023 23:53:43 +0000 (20:53 -0300)]
riscv: MMU detection
Detect and report the supported MMU for each CPU. Export the
capabilities to the rest of the kernel and use it in pmap_bootstrap() to
check for Sv48 support.
Reviewed by: markj
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39814
Mitchell Horne [Mon, 22 May 2023 23:51:44 +0000 (20:51 -0300)]
riscv: Rework CPU identification (second part)
Modify when and how we perform parsing and reporting. Most notably,
everything now executes on CPU 0.
The de-facto standard way to enumerate CPU features (ISA extensions) on
RISC-V is by parsing each CPU's ISA string. We currently obtain this
information from the device tree, and in the future will be able to pull
it from ACPI tables.
Eliminate the SYSINIT from identcpu.c. We still need to walk the /cpus
list in the device tree, but now do this one CPU at a time, as a step in
the identify_cpu() procedure. This is slightly less error prone, and
allows us to parse ISA features for CPU 0 much earlier.
Make use of the SMP hooks cpu_mp_start() and cpu_mp_announce() to
identify and print secondary CPU info, respectively. This causes
secondary processor identification to be printed much earlier in boot;
everything is done by SI_SUB_CPU, SI_ORDER_THIRD. Adjust some other
printf() calls so that we get enough useful info to debug under
bootverbose.
Reviewed by: markj (slightly earlier version)
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39811
Mitchell Horne [Mon, 22 May 2023 23:50:09 +0000 (20:50 -0300)]
riscv: Call identify_cpu() earlier for CPU 0
It is advantageous to have knowledge of ISA features as early as
possible. For example, the presence of newer virtual memory extensions
may be useful to pmap_bootstrap().
To achieve this, split out the printf() parts of identify_cpu() into a
separate function, printcpuinfo(). This latter function will be called
later in boot after the console has been initialized.
Reviewed by: markj
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39810
Mitchell Horne [Mon, 22 May 2023 23:48:41 +0000 (20:48 -0300)]
riscv: Rework CPU identification (first part)
Make better use of the RISC-V identification CSRs: mvendorid, marchid,
and mimpid. This code was written before these registers were
well-specified, or even available to the kernel. It currently fails to
recognize any CPU or platform.
Per the privileged specification, mvendorid contains the JEDEC vendor ID,
or zero.
The marchid register denotes the CPU microarchitecture. This is either
one of the globally allocated open-source implementation IDs, or the
field has a custom encoding. Therefore, for known vendors (SiFive) we
can also maintain a list of known marchid values. If we can not give a
name to the CPU but marchid is non-zero, then just print its value in
the report.
The mimpid (implementation ID) could be used in the future to more
uniquely identify the micro-architecture, but it really remains to be
seen how it gets used. For now we just print its value.
Thank you to Danjel Qyteza <danq1222@gmail.com> who submitted an early
version of this change to me, although it has been almost entirely
rewritten.
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39809
Tetsuya Uemura [Sun, 28 May 2023 12:56:21 +0000 (09:56 -0300)]
bcm2835_gpio: Handle BCM2711 pin configuration
Add support for GPIO internal pull up/down configuration on RPi4 family.
BCM2711 SoC on 4th generation Raspberry Pi changed the way to configure
its GPIO pins' internal pull up/down resistors. NetBSD already have
support for this change, and port it to FreeBSD is trivial.
This patch, based on the NetBSD commit adds the appropriate method for
BCM2711 and now we can properly configure the GPIO pins' pull status.
Mitchell Horne [Wed, 10 May 2023 12:52:47 +0000 (09:52 -0300)]
hier(7): drop list of /usr/include subdirectories
It is nice to have, however, the location of this information means that
it will naturally be missed by developers adding or removing directories
to the layout, so it trends out-of-date and it is out-of-date.
The target audience for hier(7) is users and administrators. It is not
expected to be a place that programmers should go to learn about the
purposes of the different C headers provided by FreeBSD.
Program authors needing FreeBSD-specific interfaces or libraries
(#include <sys/queue.h>, for instance) will either be following a more
detailed man page, or consulting the header contents directly. Folks
targeting standardized headers (#include <sys/time.h>) will not need
hier(7) to tell them where those headers are under /usr/include.
In other words, this is more detail than necessary for this document.
I'd go as far as to say that many of the existing entries in this list
do little more than parrot the name of the directory.
With all this in mind, let's drop the maintenance burden.
Reviewed by: imp, emaste
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D40000
riscv: Use PMAP_MAPDEV_EARLY_SIZE in locore and pmap_bootstrap
Use PMAP_MAPDEV_EARLY_SIZE instead of assuming that its value is always
L2_SIZE. Add compile-time assertions to check that the size matches the
expectations in locore.