ngie [Sat, 10 Aug 2019 15:53:42 +0000 (15:53 +0000)]
tests/sys/opencrypto: enable armv8crypto on aarch64
This change makes required modifications in runtests to also only require the
aesni module on Intel (i386/amd64) platforms, as it is an Intel specific
module.
MFC after: 1 month
MFC to: ^/stable/12 (support not present on ^/stable/11)
Submitted by: Greg V <greg@unrelenting.technology>
Differential Revision: https://reviews.freebsd.org/D21018
brooks [Fri, 9 Aug 2019 23:50:57 +0000 (23:50 +0000)]
Don't add -Wno-class-memaccess with older gcc.
This is a gcc 8.0+ warning which needed to be silenced on for the riscv
build. amd64-xtoolchain-gcc still uses gcc 6.4.0 and does not understand
this flag.
jtl [Fri, 9 Aug 2019 05:18:59 +0000 (05:18 +0000)]
In m_pulldown(), before trying to prepend bytes to the subsequent mbuf,
ensure that the subsequent mbuf contains the remainder of the bytes
the caller sought. If this is not the case, fall through to the code
which gathers the bytes in a new mbuf.
This fixes a bug where m_pulldown() could fail to gather all the desired
bytes into consecutive memory.
PR: 238787
Reported by: A reddit user
Discussed with: emaste
Obtained from: NetBSD
MFC after: 3 days
imp [Thu, 8 Aug 2019 20:09:36 +0000 (20:09 +0000)]
Stopgap fix for gcc platforms.
Our in-tree gcc doesn't have a no-tree-vectorize optimization knob, so we get a
warning that it's unused. This causes the build to fail on all our gcc platforms.
Add a quick version check as a stop-gap measure to get CI building again.
rmacklem [Thu, 8 Aug 2019 20:07:38 +0000 (20:07 +0000)]
Remove some harmless cruft from vn_generic_copy_file_range().
An earlier version of the patch had code that set "error" between
line#s 2797-2799. When that code was moved, the second check for "error != 0"
could never be true and the check became harmless cruft.
This patch removes the cruft, mainly to make Coverity happy.
rmacklem [Thu, 8 Aug 2019 19:53:07 +0000 (19:53 +0000)]
Fix copy_file_range(2) for an unlikely race during hole finding.
Since the VOP_IOCTL(FIOSEEKDATA/FIOSEEKHOLE) calls are done with the
vnode unlocked, it is possible for another thread to do:
- truncate(), lseek(), write()
between the two calls and create a hole where FIOSEEKDATA returned the
start of data.
For this case, VOP_IOCTL(FIOSEEKHOLE) will return the same offset for
the hole location. This could result in an infinite loop in the copy
code, since copylen is set to 0 and the copy doesn't advance.
Usually, this race is avoided because of the use of rangelocks, but the
NFS server does not do range locking and could do a sequence like the
above to create the hole.
This patch checks for this case and makes the hole search fail, to avoid
the infinite loop.
At this time, it is an open question as to whether or not the NFS server
should do range locking to avoid this race.
imp [Thu, 8 Aug 2019 17:48:07 +0000 (17:48 +0000)]
Make arm64 32-bit mode compile with COMPAT_43
The COMPAT_43 option isn't quite like the other compat options, and arm64 makes
attempts to support it in 64-bit mode. In 32-bit compat mode, however, two
syscall implementations that COMPAT_FREEBSD32 assumes will be there are
missing. Provide implementations for these: ofreebsd32_sigreturn (which we'll
never encounter, so implement it as nosys as is done in kern_sig.c) and
ofreebsd32_getpagesize, where we'll always return 4096 since that's the only
PAGE_SIZE we support, similar to how the ia32 implementation does things.
The chain command can be used to chain load another binary.
If veriexec is enabled we should verify it first.
Note that on EFI systems the verification was already done
through firmware, assuming that Secure Boot was enabled there.
kib [Thu, 8 Aug 2019 16:48:19 +0000 (16:48 +0000)]
Fix stack grow for init.
During early stages of kern_exec(), including strings copyout,
p_textvp for init is NULL. This prevented stack grow from working for
init execution.
Without stack gap enabled, initial stack segment size is enough for
strings passed by kernel to init. With the gap enabled, the used
address might fall out of the initial segment, which kills init.
Exclude initproc from the check for contexts which should not cause
stack grow in the target map.
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
thj [Thu, 8 Aug 2019 11:43:09 +0000 (11:43 +0000)]
Rename IPPROTO 33 from SEP to DCCP
IPPROTO 33 is DCCP in the IANA Registry:
https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml
IPPROTO_SEP was added about 20 years ago in r33804. The entries were added
straight from RFC1700, without regard to whether they were used.
The reference in RFC1700 for SEP is '[JC120] <mystery contact>', this is an
indication that the protocol number was probably in use in a private network.
As RFC1700 is no longer the authoritative list of internet numbers and that
IANA assinged 33 to DCCP in RFC4340, change the header to the actual
authoritative source.
frag6: move public structure into file local space.
Move ip6asfrag and the accompanying IP6_REASS_MBUF macro from
ip6_var.h into frag6.c as they are not used outside frag6.c.
Sadly struct ip6q is all over the mac framework so we have to
leave it public.
This reduces the public KPI space.
MFC after: 3 months
X-MFC: possibly MFC the #define only to stable branches
Sponsored by: Netflix
Consitently put () around return values.
Do not assign variables at the time of variable declaration.
Sort variables. Rename ia to ia6, remove/reuse some variables used only
once or twice for temporary calculations.
Cleanup some comments (start with upper case, ends in punctuation,
use width and do not consume vertical space). Update comments to
RFC8200. Some whitespace changes.
alc [Thu, 8 Aug 2019 06:26:34 +0000 (06:26 +0000)]
Ordinarily, during a superpage promotion or demotion within a pmap, the
pmap's lock ensures that other operations on the pmap don't observe the
old mapping being broken before the new mapping is established. However,
pmap_kextract() doesn't acquire the kernel pmap's lock, so it may observe
the broken mapping. And, if it does, it returns an incorrect result.
This revision implements a lock-free solution to this problem in
pmap_update_entry() and pmap_kextract() because pmap_kextract() can't
acquire the kernel pmap's lock.
cem [Thu, 8 Aug 2019 03:27:46 +0000 (03:27 +0000)]
Disable useless -Wformat-zero-length
It is part of -Wformat, which is enabled by -Wall. Empty format strings are
well defined and it is perfectly reasonable to expect them in a formatting
interface.
jhibbits [Thu, 8 Aug 2019 03:16:32 +0000 (03:16 +0000)]
Change autounmountd(8) to use time_t for duration instead of double
Summary:
autounmountd(8) uses doubles to handle mount time durations. However,
it must convert to integer types, time_t in particular, to do anything
meaningful. Additionally, even though it's a floating-point value in
seconds, the sub-seconds component is never used, so it's unnecessary.
Switching type to time_t fixes an assertion on powerpc64, which checks
that a sleep value that's not -1.0 is greater than 0. On powerpc64, it
happens that the value of -1.0 gets loaded as a float (perhaps a bug in
gcc), but gets compared to a double. This compares as false, so follows
through the 'sleep != -1.0' path, and fails the assert. Since the
sub-second component isn't used in the double, just drop it and deal
with whole-integer seconds.
cem [Thu, 8 Aug 2019 00:42:29 +0000 (00:42 +0000)]
ddb(4): Add 'sysctl' command
Implement `sysctl` in `ddb` by overriding `SYSCTL_OUT`. When handling the
req, we install custom ddb in/out handlers. The out handler prints straight
to the debugger, while the in handler ignores all input. This is intended
to allow us to print just about any sysctl.
There is a known issue when used from ddb(4) entered via 'sysctl
debug.kdb.enter=1'. The DDB mode does not quite prevent all lock
interactions, and it is possible for the recursive Giant lock to be unlocked
when the ddb(4) 'sysctl' command is used. This may result in a panic on
return from ddb(4) via 'c' (continue). Obviously, this is not a problem
when debugging already-paniced systems.
Submitted by: Travis Lane (formerly: <travis.lane AT isilon.com>)
Reviewed by: vangyzen (earlier version), Don Morris <dgmorris AT earthlink.net>
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D20219
asomers [Wed, 7 Aug 2019 20:28:27 +0000 (20:28 +0000)]
Remove the fuse.ko -> fusefs.ko symlink
On FreeBSD 13.0, the fuse driver will always be known as fusefs. The
backwards compatibility symlink will still be used for stable/12 and
stable/11, though.
Reported by: jhibbits
Reviewed by: rgrimes, imp, cem
MFC after: Never
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D21181
dim [Wed, 7 Aug 2019 20:13:43 +0000 (20:13 +0000)]
Fix a possible segfault in wcsxfrm(3) and wcsxfrm_l(3).
If the length of the source wide character string, passed in via the
"size_t n" parameter, is set to zero, the function should only return
the required length for the destination wide character string. In this
case, it should *not* attempt to write to the destination, so the "dst"
parameter is permitted to be NULL.
However, when the internally called _collate_wxfrm() function returns an
error, such as when using the "C" locale, as a fallback wcscpy(3) or
wcsncpy(3) are used. But if the input length is zero, wcsncpy(3) will
be called with a length of -1! If the "dst" parameter is NULL, this
will immediately result in a segfault, or if "dst" is a valid pointer,
it will most likely result in unexpectedly overwritten memory.
Fix this by explicitly checking for an input length greater than zero,
before calling wcsncpy(3).
Note that a similar situation does not occur in strxfrm(3), the plain
character version of this function, as it uses strlcpy(3) for the error
case. The strlcpy(3) function does not write to the destination if the
input length is zero.
oshogbo [Wed, 7 Aug 2019 19:30:33 +0000 (19:30 +0000)]
cap_filergs: limit size of the file name
The limit of the name in fileargs is twice the size of the MAXPATH.
The nvlist will not add an element with the longer name.
We can detect at this point that the path is too big, and simple return
the same error as open(2) would.
cem [Wed, 7 Aug 2019 19:27:14 +0000 (19:27 +0000)]
sbuf(9): Add sbuf_nl_terminate() API
The API is used to gracefully terminate text line(s) with a single \n. If
the formatted buffer was empty or already ended in \n, it is unmodified.
Otherwise, a newline character is appended to it. The API, like other
sbuf-modifying routines, is only valid while the sbuf is not FINISHED.
cem [Wed, 7 Aug 2019 19:25:56 +0000 (19:25 +0000)]
sbuf(9): Refactor sbuf_newbuf into sbuf_new
Code flow was somewhat difficult to read due to the combination of
multiple return sites and the 4x possible dynamic constructions of an
sbuf. (Future consideration: do we need all 4?) Refactored slightly to
improve legibility.
trasz [Wed, 7 Aug 2019 18:14:45 +0000 (18:14 +0000)]
Add cdceem(4) driver, for virtual ethernet devices compliant
with Communication Device Class Ethernet Emulation Model (CDC EEM).
The driver supports both the device, and host side operation; there
is a new USB template (#11) for the former.
This enables communication with virtual USB NIC provided by iLO 5,
as found in new HPE Proliant servers.
mckusick [Wed, 7 Aug 2019 16:56:00 +0000 (16:56 +0000)]
Correct the location of the first backup superblock in fsck_ffs.8.
Make a note in the newfs.8 manual page to update the first backup
superblock location when changing the default fragment size for
the filesystem.
mav [Wed, 7 Aug 2019 14:45:10 +0000 (14:45 +0000)]
Make `camcontrol modepage` support block descriptors.
It allows to read and write block descriptors alike to mode page parameters.
It allows to change block size or short-stroke HDDs or overprovision SSDs.
Depenting on -P parameter the change can be either persistent or till reset.
In case of block size change device may need reformat after the setting.
In case of SSD overprovisioning format or sanitize may be needed to really
free the flash.
During implementation appeared that csio_encode_visit() can not handle
integers of more then 4 bytes, that makes 8-byte LBA handling awkward.
I had to split it into two 4-byte halves now.
MFC after: 1 week
Relnotes: yes
Sponsored by: iXsystems, Inc.
manu [Wed, 7 Aug 2019 13:13:16 +0000 (13:13 +0000)]
ofw: ofw_reg_to_paddr: Use a 256 static array for the cell
Some hardware needs more than 32, bump this value.
We cannot use the _alloc for of getencprop as this function is called
too early in the boot before pmap is initialized and we only have
2k of stack when cninit is called.
manu [Wed, 7 Aug 2019 13:11:53 +0000 (13:11 +0000)]
arm: dts: am33xx: Fix the region for uart0
The region for uart0 is declared to be 0x2000 in size but the parent
node only declare 0x1000.
As the parent only declare a size of 0x1000 in the ranges for it's children
this cause the device to not be mappable.
markj [Wed, 7 Aug 2019 03:14:45 +0000 (03:14 +0000)]
readelf: Close input files when done with them.
The low fd limit used by poudriere exposed an odd failure mode in
cap_fileargs (used by readelf as of r350516). In particular, when
the limit was hit, both the main process and casper service would
block on their shared socket, waiting forever for the other to send a
message.
Reported by: zeising
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
jhb [Wed, 7 Aug 2019 00:53:27 +0000 (00:53 +0000)]
Tidy up the list of auth and encryption algorithms for IPsec stats.
- Use keyed-md5 and keyed_sha1 instead of md5 and sha1 to match
the names accepted by setkey and to also avoid confusion since
these are not "plain" MD5 or SHA1.
- Remove always-true #ifdef's to make the source a bit easier to
read.
- Add missing mappings for tcp-md5, camellia-cbc, and aes-gmac.
asomers [Wed, 7 Aug 2019 00:38:26 +0000 (00:38 +0000)]
fusefs: merge from projects/fuse2
This commit imports the new fusefs driver. It raises the protocol level
from 7.8 to 7.23, fixes many bugs, adds a test suite for the driver, and
adds many new features. New features include:
* Optional kernel-side permissions checks (-o default_permissions)
* Implement VOP_MKNOD, VOP_BMAP, and VOP_ADVLOCK
* Allow interrupting FUSE operations
* Support named pipes and unix-domain sockets in fusefs file systems
* Forward UTIME_NOW during utimensat(2) to the daemon
* kqueue support for /dev/fuse
* Allow updating mounts with "mount -u"
* Allow exporting fusefs file systems over NFS
* Server-initiated invalidation of the name cache or data cache
* Respect RLIMIT_FSIZE
* Try to support servers as old as protocol 7.4
Performance enhancements include:
* Implement FUSE's FOPEN_KEEP_CACHE and FUSE_ASYNC_READ flags
* Cache file attributes
* Cache lookup entries, both positive and negative
* Server-selectable cache modes: writethrough, writeback, or uncached
* Write clustering
* Readahead
* Use counter(9) for statistical reporting
jhb [Tue, 6 Aug 2019 23:22:25 +0000 (23:22 +0000)]
Fix LOCAL_MODULES and improve the make output.
The exists() check guarding the invocation of ls was not working
correctly as it was expanding '$L' to determine the path of the local
modules directory. Fix by using {} around the variable name.
Inline some of the logic from bsd.subdir.mk when invoking local module
builds. This gives output in 'make buildkernel' the same as if there
was a Makefile in /usr/local/sys/modules with SUBDIR =
${LOCAL_MODULES}.
jhb [Tue, 6 Aug 2019 23:15:04 +0000 (23:15 +0000)]
Detect invalid PCI devices more correctly in PCI interrupt router drivers.
- Check for an invalid device (vendor is invalid) before reading the
header type register when examining function 0 of a possible device.
- When iterating over functions of a device, reject any device whose
16-bit vendor is invalid rather than requiring the full 32-bit
vendor+device to be all 1's. In practice the latter check is
probably fine, but checking the vendor is what the PCI spec
recommends.
jeff [Tue, 6 Aug 2019 21:50:34 +0000 (21:50 +0000)]
Add two new kernel options to control memory locality on NUMA hardware.
- UMA_XDOMAIN enables an additional per-cpu bucket for freed memory that
was freed on a different domain from where it was allocated. This is
only used for UMA_ZONE_NUMA (first-touch) zones.
- UMA_FIRSTTOUCH sets the default UMA policy to be first-touch for all
zones. This tries to maintain locality for kernel memory.
tsoome [Tue, 6 Aug 2019 19:27:27 +0000 (19:27 +0000)]
loader.efi: replace HandleProtocol() with OpenProtocol()
The HandleProtocol() is deprecated interface and we should use OpenProtocol()
instead. Moreover, in some firmware implementation(s), the HandleProtocol()
does return device path using static storage, so we can not keep the value
returned there. With same firmware, the OpenProtocol() does return data we
do not need to clone.
imp [Tue, 6 Aug 2019 18:15:26 +0000 (18:15 +0000)]
Fix mismerge.
I merged passthru.c from the wrong branch (it was a branch that went further in
a direction I wound up not taking). Fix the mismerge and turn passthru on.
mckusick [Tue, 6 Aug 2019 18:10:34 +0000 (18:10 +0000)]
A race condition existed between the time a UFS/FFS superblock check
hash was computed and the time that the superblock was copied to a
buffer to be written to disk. The result was a failed superblock
check hash the next time that the superblock was read.
The fix is to compute the check hash after the superblock has been
copied to a buffer to be written.
PR: 236504
Reported by: Peter Holm
Tested by: Peter Holm
Sponsored by: Netflix
kib [Tue, 6 Aug 2019 16:53:25 +0000 (16:53 +0000)]
amd64: prevents speculations over swapgs reload of %gs base.
Such speculations could use user-controlled %gs base, esp. since
FreeBSD supports WRGSBASE instructions.
Place LFENCEs on entry for each basic block after the test for
previous kernel/user mode on the kernel entry, which prevents the
speculation. Code accesses %gs-based PCPU before any serialization
instructions are executed, like %cr3 reload for KPTI.
There is no need for the 64-bit pmap to have a fixed number of page table
buffers. Since the 64-bit pmap has a DMAP, we can effectively have user
page tables limited only by total RAM size.
projects / FreeBSD / FreeBSD.git / log