Kornel Duleba [Tue, 31 Aug 2021 06:22:29 +0000 (08:22 +0200)]
mvneta: Fix MTU update sequence
After MTU is updated we might start using allocating RX buffers from different pool. (MJUM9BYTES vs MCLBYTES)
Because of that we need to update the RX buffer size in hardware.
Previously it was done only when the interface was up, which is incorrect since MTU can be changed at any time.
qoriq_dw_pci: Fix typo in link status checking code
On some DesignWare PCIe controllers accessing config registers of slots
whose link is down triggers a SError. Because of that we need to check the
link status before any acceses config space.
Due to a typo link was always reported up.
This fixes a SError that occured during boot on LS1028A-RDB.
Ryan Stone [Wed, 7 Jul 2021 20:04:10 +0000 (16:04 -0400)]
Fix an early return in ctld UCL parser
If the UCL ctld parser encountered a port that used the CTL
ioctl device, it fell into a special case that had an erroneous
early return. This caused all configuration in the target
following the port attribute to be skipped. Fix this by replacing
the return with a continue so that the rest of the config is
parsed correctly.
John Baldwin [Mon, 30 Aug 2021 22:55:40 +0000 (15:55 -0700)]
cxgbei: Add sysctls to report the maximum data segment lengths.
These sysctls report the maximum data segment lengths supported by an
adapter. These are the values advertised to the remote end during the
login phase.
Thomas Skibo [Mon, 30 Aug 2021 20:39:20 +0000 (21:39 +0100)]
sifive_spi: Add missing case for SPIBUS_MODE_NONE
Otherwise sckmode is left uninitialised, not zero. This mode is used for
the on-board flash on the HiFive Unmatched board. Whilst here, catch
unknown modes and return an error rather than silently continuing.
John Baldwin [Mon, 30 Aug 2021 20:11:52 +0000 (13:11 -0700)]
ktls: Support asynchronous dispatch of AEAD ciphers.
KTLS OCF support was originally targeted at software backends that
used host CPU cycles to encrypt TLS records. As a result, each KTLS
worker thread queued a single TLS record at a time and waited for it
to be encrypted before processing another TLS record. This works well
for software backends but limits throughput on OCF drivers for
coprocessors that support asynchronous operation such as qat(4) or
ccr(4). This change uses an alternate function (ktls_encrypt_async)
when encrypt TLS records via a coprocessor. This function queues TLS
records for encryption and returns. It defers the work done after a
TLS record has been encrypted (such as marking the mbufs ready) to a
callback invoked asynchronously by the coprocessor driver when a
record has been encrypted.
- Add a struct ktls_ocf_state that holds the per-request state stored
on the stack for synchronous requests. Asynchronous requests malloc
this structure while synchronous requests continue to allocate this
structure on the stack.
- Add a ktls_encrypt_async() variant of ktls_encrypt() which does not
perform request completion after dispatching a request to OCF.
Instead, the ktls_ocf backends invoke ktls_encrypt_cb() when a TLS
record request completes for an asynchronous request.
- Flag AEAD software TLS sessions as async if the backend driver
selected by OCF is an async driver.
- Pull code to create and dispatch an OCF request out of
ktls_encrypt() into a new ktls_encrypt_one() function used by both
ktls_encrypt() and ktls_encrypt_async().
- Pull code to "finish" the VM page shuffling for a file-backed TLS
record into a helper function ktls_finish_noanon() used by both
ktls_encrypt() and ktls_encrypt_cb().
Dimitry Andric [Sun, 29 Aug 2021 11:15:23 +0000 (13:15 +0200)]
Fix acpica macros that subtract null pointers
Clang 13.0.0 produces a new -Werror warning about the ACPI_TO_INTEGER(p)
and ACPI_OFFSET(d, f) macros in acpica's actypes.h:
sys/contrib/dev/acpica/components/dispatcher/dsopcode.c:708:31: error: performing pointer subtraction with a null pointer has undefined behavior [-Werror,-Wnull-pointer-subtraction]
ObjDesc->Region.Address = ACPI_PTR_TO_PHYSADDR (Table);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~
sys/contrib/dev/acpica/include/actypes.h:664:41: note: expanded from macro 'ACPI_PTR_TO_PHYSADDR'
#define ACPI_PTR_TO_PHYSADDR(i) ACPI_TO_INTEGER(i)
^~~~~~~~~~~~~~~~~~
sys/contrib/dev/acpica/include/actypes.h:661:41: note: expanded from macro 'ACPI_TO_INTEGER'
#define ACPI_TO_INTEGER(p) ACPI_PTR_DIFF (p, (void *) 0)
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
sys/contrib/dev/acpica/include/actypes.h:656:82: note: expanded from macro 'ACPI_PTR_DIFF'
#define ACPI_PTR_DIFF(a, b) ((ACPI_SIZE) (ACPI_CAST_PTR (UINT8, (a)) - ACPI_CAST_PTR (UINT8, (b))))
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~
1 error generated.
This problem of undefined behavior was also reported to acpica by @cem
in 2018: https://github.com/acpica/acpica/issues/407, but it seems there
was never any fix committed for it upstream.
Instead fix these locally, for ACPI_TO_INTEGER by simply casting the
incoming pointer to ACPI_SIZE (which corresponds roughly to uintptr_t
and size_t), and for ACPI_OFFSET by reusing our __offsetof definition
from sys/cdefs.h.
Mitchell Horne [Mon, 30 Aug 2021 17:03:18 +0000 (14:03 -0300)]
hwpmc: don't validate capabilities in allocation method
These checks were inconsistently applied across the various hwpmc
classes. The condition is already checked by the generic code in
hwpmc_mod.c, so remove them.
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D31388
Mitchell Horne [Mon, 30 Aug 2021 17:02:23 +0000 (14:02 -0300)]
hwpmc: consistently validate PMC class in allocation method
It is always a good idea. In one case, attempting to allocate N+1 PMCs
from a class with N hardware counters would incorrectly attempt to
allocate from the next class in the list. Without this validation, this
can lead to all kinds of strange behaviour.
Since powerpc_allocate_pmc() is used by both the mpc7xxx and ppc970
classes, add a new global to track which is active (it will never be
both).
Reviewed by: luporl, ray
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D31387
Mark Johnston [Mon, 30 Aug 2021 18:22:20 +0000 (14:22 -0400)]
aesni: Avoid a potential out-of-bounds load in aes_encrypt_icm()
Given a partial block at the end of a payload, aes_encrypt_icm() would
perform a 16-byte load of the residual into a temporary variable. This
is unsafe in principle since the full block may cross a page boundary.
Fix the problem by copying the residual into a stack buffer first.
Mitchell Horne [Wed, 2 Jun 2021 15:00:56 +0000 (12:00 -0300)]
xinstall: fix invocation of llvm-strip
When executing strip(1), '--' is passed as an argument to explicitly
terminate the getopt(3) loop. The option parsing in llvm-strip doesn't
support this however, so setting XSTRIPBIN=llvm-strip results in an
unsupported argument error. llvm-strip(1) is otherwise
commandline-compatible with FreeBSD's strip(1), so just use the
documented argument format that is common to both.
Special care needs to be taken for filenames beginning with a '-'.
Reviewed by: arichardson, eugen (earlier version, both)
Discussed with: jilles
Sponsored by: NetApp, Inc.
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D30614
Rick Macklem [Sun, 29 Aug 2021 23:46:27 +0000 (16:46 -0700)]
nfsd: Make loop calling VOP_ALLOCATE() iterate until done
The NFSv4.2 Deallocate operation loops on VOP_DEALLOCATE()
while progress is being made (remaining length decreasing).
This patch changes the loop on VOP_ALLOCATE() for the NFSv4.2
Allocate operation do the same, instead of stopping after
an arbitrary 20 iterations.
Dimitry Andric [Sun, 29 Aug 2021 14:02:31 +0000 (16:02 +0200)]
xen: Fix warning by adding KERNBASE to modlist_paddr before casting
Clang 13 produces the following warning for hammer_time_xen():
sys/x86/xen/pv.c:183:19: error: the pointer incremented by -2147483648 refers past the last possible element for an array in 64-bit address space containing 256-bit (32-byte) elements (max possible 576460752303423488 elements) [-Werror,-Warray-bounds]
(vm_paddr_t)start_info->modlist_paddr + KERNBASE;
^ ~~~~~~~~
sys/xen/interface/arch-x86/hvm/start_info.h:131:5: note: array 'modlist_paddr' declared here
uint64_t modlist_paddr; /* Physical address of an array of */
^
This is because the expression first casts start_info->modlist_paddr to
struct hvm_modlist_entry * (via vmpaddr_t), and *then* adds KERNBASE,
which is then interpreted as KERNBASE * sizeof(struct
hvm_modlist_entry).
Instead, parenthesize the addition to get the intended result, and cast
it to struct hvm_modlist_entry * afterwards. Also remove the cast to
vmpaddr_t since it is not necessary.
Reviewed by: royger
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D31711
Dimitry Andric [Sun, 29 Aug 2021 15:31:28 +0000 (17:31 +0200)]
Fix -Wformat errors in pfctl on 32-bit architectures
Use PRIu64 to printf(3) uint64_t quantities, otherwise this will result
in "error: format specifies type 'unsigned long' but the argument has
type 'uint64_t' (aka 'unsigned long long') [-Werror,-Wformat]" on 32-bit
architectures.
Dimitry Andric [Sun, 29 Aug 2021 13:53:40 +0000 (15:53 +0200)]
Don't error out on unused but set variables with clang 13
Clang 13.0.0 now has a -Wunused-but-set-variable warning similar to the
one gcc has had for quite a while. Since this triggers *very* often for
our kernel builds, don't make it a hard error, but leave the warning
visible so is some incentive to fix the instances.
Dimitry Andric [Sun, 29 Aug 2021 13:39:16 +0000 (15:39 +0200)]
Remove -simplifycfg-dup-ret from CLANG_OPT_SMALL flags for clang 13
After llvm/clang 13.0.0, the -simplifycfg-dup-ret backend flag is no
longer supported. This was part of CLANG_OPT_SMALL, which is only still
used for stand/i386/boot2 and stand/i386/isoboot, to achieve the very
small binary size required. Luckily clang 13.0.0 does not need any
additional flags for this (I get 240 bytes available when building
boot2).
Kristof Provost [Mon, 16 Aug 2021 19:55:27 +0000 (21:55 +0200)]
pf: Introduce nvlist variant of DIOCGETSTATUS
Make it possible to extend the GETSTATUS call (e.g. when we want to add
new counters, such as for syncookie support) by introducing an
nvlist-based alternative.
Ka Ho Ng [Sun, 29 Aug 2021 08:26:00 +0000 (16:26 +0800)]
vfs: yield in vn_deallocate_impl() loop
Yield at the end of each loop iteration if there are remaining works as
indicated by the value of *len updated by VOP_DEALLOCATE. Without this,
when calling vop_stddeallocate to zero a large region, the
implementation only zerofills a relatively small chunk and returns.
Sponsored by: The FreeBSD Foundation
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D31705
It seems -v only worked for a.out. Remove it, not even keeping the current
nop for compat. Also remove more mentions of a.out format from the man
page.
Reviewed by: dim, emaste
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D31708
Mark Johnston [Sat, 28 Aug 2021 19:50:44 +0000 (15:50 -0400)]
fsetown: Avoid process group lock recursion
Restore the pre-1d874ba4f8ba behaviour of disassociating the current
SIGIO recipient before looking up the specified process or process
group. This avoids a lock recursion in the scenario where a process
group is configured to receive SIGIO for an fd when it has already been
so configured.
Rick Macklem [Sat, 28 Aug 2021 01:31:36 +0000 (18:31 -0700)]
nfscl: Add a VOP_DEALLOCATE() for the NFSv4.2 client
This patch adds a VOP_DEALLOCATE() to the NFS client.
For NFSv4.2 servers that support the Deallocate operation,
it is used. Otherwise, it falls back on calling
vop_stddeallocate().
Rick Macklem [Sat, 28 Aug 2021 01:25:44 +0000 (18:25 -0700)]
vfs_default: Change vop_stddeallocate() from static to global
A future commit to the NFS client uses vop_stddeallocate() for
cases where the NFS server does not support a Deallocate operation.
Change vop_stddeallocate() from static to global so that it can
be called by the NFS client.
Dimitry Andric [Fri, 27 Aug 2021 17:45:43 +0000 (19:45 +0200)]
Fix null pointer subtraction in mergesort()
Clang 13 produces the following warning for this function:
lib/libc/stdlib/merge.c:137:41: error: performing pointer subtraction with a null pointer has undefined behavior [-Werror,-Wnull-pointer-subtraction]
if (!(size % ISIZE) && !(((char *)base - (char *)0) % ISIZE))
^ ~~~~~~~~~
This is meant to check whether the size and base parameters are aligned
to the size of an int, so use our __is_aligned() macro instead.
Also remove the comment that indicated this "stupid subtraction" was
done to pacify some ancient and unknown Cray compiler, and which has
been there since the BSD 4.4 Lite Lib Sources were imported.
efi loader: disallow user to configure staging area size less than default
We need to round it up to 2M, for instance. Having staging area too small
might cause the first resize to use negative size for memmove()/memcpy(),
which kills loader.
Tested by: Harry Schmalzbauer <freebsd@omnilan.de>
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
The definition can be overridden by users, and before f75caed644a5c it
was in MBs. Make the symbol' unit MB, to be compatible with users
customizations.
Reported and tested by: Harry Schmalzbauer <freebsd@omnilan.de>
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
vfs_hash_rehash(): require the vnode to be exclusively locked
Rehash updates v_hash. Also, rehash moves the vnode to different hash
bucket, which should be noticed in vfs_hash_get() after sleeping for
the vnode lock.
Reviewed by: mckusick, rmacklem
Tested by: pho
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D31464
After vnode lock, recheck v_hash. When vfs_hash_insert() is used with
a predicate, recheck it after the selected vnode is locked. Since
vfs_hash_lock is dropped, vnode could be rehashed during the sleep for
the vnode lock, which could go unnoticed there.
Reported and tested by: pho
Reviewed by: mckusick, rmacklem
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D31464
This affects powerpc64*, making binaries crash with segmentation fault
due to bad code generation around "__stack_chk_guard"
Root cause and/or proper fix is under investigation by:
https://bugs.llvm.org/show_bug.cgi?id=51590
Reviewed by: dim
MFC after: 2 days
Sponsored by: Instituto de Pesquisas Eldorado (eldorado.org.br)
Differential Revision: https://reviews.freebsd.org/D31698
Rick Macklem [Fri, 27 Aug 2021 01:14:11 +0000 (18:14 -0700)]
nfsd: Add support for the NFSv4.2 Deallocate operation
The recently added VOP_DEALLOCATE(9) VOP call allows
implementation of the Deallocate NFSv4.2 operation.
Since the Deallocate operation is a single succeed/fail
operation, the call to VOP_DEALLOCATE(9) loops so long
as progress is being made. It calls maybe_yield()
between loop iterations to allow other processes
to preempt it.
Where RFC 7862 underspecifies behaviour, the code
is written to be Linux NFSv4.2 server compatible.
Colin Percival [Fri, 27 Aug 2021 00:54:53 +0000 (17:54 -0700)]
Add support for recording EC2 AMI Ids in SSM
If SSMPREFIX is specified, AMI Ids will be recorded in the SSM
Parameter Store under the name
${SSMPREFIX}/${ARCH}/${FLAVOUR}/${ROOTFS}/${REVISION}/${BRANCH}
where ARCH is "amd64" or "arm64", FLAVOUR is "base" (but may have
other options in the future), ROOTFS is "ufs" (but may have other
options in the future), and REVISION and BRANCH have their normal
meanings.
FreeBSD will be using the public prefix "/aws/service/freebsd",
resulting in SSM Parameter names which look like
/aws/service/freebsd/amd64/base/ufs/14.0/CURRENT
Alexander Motin [Fri, 27 Aug 2021 00:21:56 +0000 (20:21 -0400)]
pcib(4): Write window registers after resource adjustment
When adjusting resources we should write updated window base/limit into
the registers. Without this newly added address range won't be routed
through the bridge properly.
Use MIN()/MAX() against current window base/limit to not shrink it on
the other side if the window is shared by several resources.
Align passed resource start/end to the set window granularity to keep
it properly aligned. Currently this is mostly called by other bridges
having the same window alignment, but it may be change one day.
Dimitry Andric [Thu, 26 Aug 2021 20:06:49 +0000 (22:06 +0200)]
googletest: Silence warnings about deprecated implicit copy constructors
Our copy of googletest is rather stale, and causes a number of -Werror
warnings about implicit copy constructor definitions being deprecated,
because several classes have user-declared copy assignment operators.
Silence the warnings until we either upgrade or remove googletest.
Dimitry Andric [Thu, 26 Aug 2021 18:53:18 +0000 (20:53 +0200)]
Cleanup compiler warning flags in lib/libefivar/Makefile
There is no need to set -Wno-unused-parameter twice, and instead of
appending to CFLAGS, append to CWARNFLAGS instead. While here, add
-Wno-unused-but-set-variable for the sake of clang 13.0.0.
To fix, discard both positive and negative vhid values in
in_aifaddr_ioctl, if carp(4) is not loaded. This prevents NULL pointer
dereference and kernel panic.
amd64: remove lfence after swapgs on syscall entry
According to the description of SBSS issue at
https://software.intel.com/content/www/us/en/develop/articles/software-security-guidance/technical-documentation/speculative-behavior-swapgs-and-segment-registers.html
lfence after swapgs is needed only for the case when swapgs could be
speculatively executed. Since syscall entry, unlike exception and
interrupt entries, executes swapgs unconditionally, there is no
opportunity for speculation.
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D31682
Kristof Provost [Thu, 26 Aug 2021 08:25:57 +0000 (10:25 +0200)]
pf tests: ALTQ priority test
Test that ALTQ can prioritise one type of traffic over another. Do this
by establishing a slow link and saturating it with ICMP echos.
When prioritised TCP connections reliably go through. When not
prioritised TCP connections reliably fail.