r348194:
loader: Add pnp functions for autoloading modules based on linker.hints
This adds some new commands to loader :
- pnpmatch
This takes a pnpinfo string as argument and tries to find a kernel module
associated with it. -v and -d option are available and are the same as in
devmatch (v is verbose, d dumps the hints).
- pnpload
This takes a pnpinfo string as argument and tries to load a kernel module
associated with it.
- pnpautoload
This will attempt to load every kernel module for each buses. Each buses are
probed, the probe function will generate pnpinfo string and load kernel module
associated with it if it exists.
Only simplebus for FDT system is implemented for now.
Since we need the dtb and overlays to be applied before searching the tree
fdt_devmatch_next will load and apply the dtb + overlays.
All the pnp parsing code comes from devmatch and is the same at 99%.
r348196:
loader: Remove unused variable
r348204:
Remove yet another unused variable.
r348207:
Initialize a variable to fix build with GCC.
Some of these files using <FOO>_DEBUG defined a DEBUG() macro to serve as a
debug-printf. -DDEBUG is useful to enable some debugging output across
multiple ELF/common parts, so switch the DEBUG-as-printf macros over to
something more like DPRINTF that is more commonly used for this kind of
thing and less likely to conflict.
userboot/elf64_freebsd debugging also assumed %llx for uint64; use PRIx64
instead.
r347219:
loader: use safer DPRINTF body for non-debug case
r347220:
loader: bcache code does not need to check argument for free()
The current console code is printing out 8 spaces for tab, calculate
the amount of spaces based on tab stops.
r347389:
loader: ptable_print() needs two tabs sometimes
Since the partition/slice names do vary in length, check the length
of the fixed part of the line against 3 * 8, if the lenth is less than
3 tab stops, print out extra tab.
use snprintf() instead of sprintf.
r347391:
loader: no-TERM_EMU is broken now
If TERM_EMU is not defined, we do not have curx variable. Use conout mode
for efi and expose get_pos() for i386.
r347393:
loader: use DPRINTF in biosdisk.c and define safe DPRINTF
r345066 did miss biosdisk.c.
Also define DPRINTF as ((void)0) for case we do not want debug printouts.
r347553:
loader: fix memory handling errors in module.c
file_loadraw():
check for file_alloc() and strdup() results.
we leak 'name'.
mod_load() does leak 'filename'.
mod_loadkld() does not need to check fp, file_discard() does check.
r348040:
stand: TARGET_ARCH is spelled MACHINE_ARCH in Makefiles
Add a wrapper around efi_delenv akin to efi_freebsd_getenv and
efi_getenv.
r346703:
Move initialization of the block device handles earlier (we're just
snagging them from UEFI BIOS). Call the device type init routines
earlier as well, as they don't depend on how the console is
setup. This will allow us to read files earlier in boot, so any rare
error messages that this might move only to the EFI console will be an
acceptable price to pay. Also tweak the order of has_kbd so it resides
next to the rest of the console code. It needs to be after we initialize
the buffer cache.
r346704:
Add the proper range of years for Netflix's copyright on this
file. Note that I wrote it.
r346879:
Read in and parse /efi/freebsd/loader.env from the boot device's
partition as if it were on the command line.
Fetch FreeBSD-LoaderEnv UEFI enviornment variable. If set, read in
loader environment variables from it. Otherwise read in
/efi/freebsd/loader.env. Both are read relative to the device
loader.efi loaded from (they aren't full UEFI device paths)
Next fetch FreeBSD-NextLoaderEnv UEFI environment variable. If
present, read the file it points to in as above and delete the UEFI
environment variable so it only happens once.
This lets one set environment variables in the bootloader.
Unfortunately, we don't have all the mechanisms in place to parse the
file, nor do we have the magic pattern matching in place that
loader.conf has. Variables are of the form foo=bar. No quotes are
supported, so spaces aren't allowed, for example. Also, variables like
foo_load=yes are intercepted when we parse the loader.conf file and
things are done based on that. Since those aren't done here, variables
that cause an action to happen won't work.
r346880:
Implement uefi_rootdev
If uefi_rootdev is set in the environment, then treat it like a device
path. Convert the string to a device path and see if we can find a
device that matches. If so, use that device at our root dev no matter
what. If it's bad in any way, the boot will fail.
When set, we ignore all the hints that the UEFI boot manager has set
for us. We also always fail back to the OK prompt when we can't find
the right thing to boot rather than failing back to the UEFI boot
manager. This has the side effect of also expanding the cases where we
fail back to the OK prompt to include when we're booted under UEFI,
but UEFI::BootCurrent isn't set in the environment and we can't find a
proper place to boot from.
r347023:
stand: correct mis-merge from r346879
Small mis-merge from multiple WIP resulted in block io media handles getting
double-initialized. This resulted in some installations oddly landing at the
mountroot prompt.
r347059:
Remove stray '*'
We're storing an EFI_HANDLE, not an pointer to a handle. Since
EFI_HANDLE is a void * anyway, this has little practical effect since
the conversion to / from void * and void ** is silent.
r347060:
When we can't get memory, trying again right away is going to
fail. Rather than print N failure messages, bail on the first one.
r347061:
Substitute boot1 with ${BOOT1}
Allow for other names to be built, so parameterize this makefile to
avoid hard coding boot1.
r347062:
Use SRC+= rather than SRC=
To allow boot1/Makefile to be included, use SRC+= rathern than SRC=
so the including Makefile can add additional sources to the build.
r347193:
Reach over and pull in devpath.c from libefi
This allows us to remove three nearly identical functions because the
differences don't matter, and the size difference is trivial.
r347194:
We only ever need one devinfo per handle. So allocate it outside of
looping over the filesystem modules rather than doing a malloc + free
each time through the loop. In addition, nothing changes from loop to
loop, so setup the new devinfo outside the loop as well.
r347201:
Simplify boot1 allocation of handles.
There's no need to pre-malloc the number of handles. Instead call
LocateHandles twice, once to get the size, and once to get the
data.
Kyle Evans [Thu, 24 Oct 2019 02:46:36 +0000 (02:46 +0000)]
MFC r346701: loader: fdt: Add fdt_is_setup function
When efi_autoload is called it will call fdt_setup_fdtp which setup the
dtb and overlays. If a user already loaded at dtb or overlays or just
printed the efi provided dtb, this will re-setup everything and also
re-applying the overlays.
Test that everything is setup before doing it again.
Add an interface to remove / delete UEFI variables.
r346353:
Minor tweak to the debug
Make it clear we're loading from UFS.
r346407:
Add define for CONST.
Newer interfaces take CONST parameters, so define CONST to minimize
differences between our headers and the standards docs.
r346408:
Add UEFI definitions related to converting string to DEVICE_PATH
Add definitions from UEFI 2.7 Errata B standards doc for converting a
text string to a device path. Added clearly missing 'e' at the end of
Device to resolve mismatch in that document in
EFI_DEVICE_PATH_FROM_TEXT_PROTOCOL element names.
r346409:
Add wrapper functions to convert strings to EFI_DEVICE_PATH
In anticipation of new functionality, create routines to convert char *
and a CHAR16 * to a EFI_DEVICE_PATH
EFI_DEVICE_PATH *efi_name_to_devpath(const char *path);
EFI_DEVICE_PATH *efi_name_to_devpath16(CHAR16 *path);
void efi_devpath_free(EFI_DEVICE_PATH *dp);
The first two return an EFI_DEVICE_PATH for the passed in paths. The
third frees up the storage the first two return when the caller is
done with it.
r346430:
Start to reduce the number of #ifdef EFI_ZFS_BOOT
There's a number of EFI_ZFS_BOOT #ifdefs that aren't needed, or can be
eliminated with some trivial #defines. Remove the EFI_ZFS_BOOT ifdefs
that aren't needed. Replace libzfs.h include which is not safe to
include without EFI_ZFS_BOOT with efizfs.h which is and now
conditionally included libzfs.h. Define efizfs_set_preferred away
and define efi_zfs_probe to NULL when ZFS is compiled out.
r346573:
Move setting of console earlier in boot.
There's no reason we can't setup the console first thing after the
arch flags are setup. We set it undconditionally to efi. This is a
good default, and will get us error messages to at least the efi
console no matter what. This will also prime the pump so that as other
variables are set, they will take effect and the console will be
correct as soon as those env vars are set. Also remove the redundant
setting of the console to efi when we know the console is efi.
r346575:
Create boot_img as a global variable
Get the information from the image that we're booting and store it in
a global variable. Prefer using this to passing it around. Remove the
special case for zfs that set the preferred boot handle by having it
uses this global variable diretly.
Kyle Evans [Thu, 24 Oct 2019 02:36:42 +0000 (02:36 +0000)]
MFC r345998-r346002, r346007-r346008: various loader improvements
r345998:
loader: malloc+bzero is calloc
Replace malloc+bzero in module.c with calloc.
r345999:
loader: file_addmodule should check for memory allocation
strdup() can return NULL.
r346000:
loader: remove pointer checks before free() in module.c
free() does check for NULL argument, remove duplicate checks.
r346001:
loader: file_addmetadata() should check for memory allocation
malloc() can return NULL.
r346002:
loader: mod_loadkld() error: we previously assumed 'last_file' could be null
The last_file variable is used to reset the loadaddr variable back to
original
value; however, it is possible the last_file is NULL, so we can not blindly
trust it. But then again, we can just save the original loadaddr and use
the saved value for recovery.
r346007:
loader: add file_remove() function to undo file_insert_tail().
346002 did miss the fact that we do not only undo the loadaddr, but also
we need to remove the inserted module. Implement file_remove() to do the
job.
r346008:
loader: command_lsefi: ret can be used uninitialized
Kyle Evans [Thu, 24 Oct 2019 02:34:48 +0000 (02:34 +0000)]
MFC r345330: loader: fix loading of kernels with . in path
The loader indended to search the kernel file name (only) for . but
instead searched the entire path, so paths like
"boot/test.elfv2/kernel" would not work.
Kyle Evans [Thu, 24 Oct 2019 02:27:16 +0000 (02:27 +0000)]
MFC r342054-r342055, r342742: loader diagnostics
r342054:
Print an error message in efi_main.c if we can't allocate memory for the
heap
With the default Qemu parameters, only 128MB RAM gets given to a VM. This
causes
the loader to be unable to allocate the 64MB it needs for the heap. This
change
makes the cause of the error more obvious.
r342055:
Cast error message in efi_main.c to CHAR16* to avoid build error
r342742:
loader.efi: efi variable rework and lsefi command added
This update does add diag and debug capabilities to interpret the efi
variables, configuration and protocols (lsefi).
The side effect is that we add/update bunch of related headers.
Kyle Evans [Thu, 24 Oct 2019 02:25:30 +0000 (02:25 +0000)]
MFC r341433: Move inclusion of src.opts.mk later.
src.opts.mk includes bsd.own.mk. This in turn defines CTFCONVERT_CMD
depending on the MK_CTF value. We then set MK_CTF to no, which has no
real effect. The solution is to set all the MK_foo values before
including src.opts.mk.
This should stop the cdboot binary from exploding in size for releases built
WITH_CTF=yes in src.conf.
Dimitry Andric [Mon, 21 Oct 2019 17:45:00 +0000 (17:45 +0000)]
MFC r339524 (by imp):
Add missing options.
WITHOUT_LOADER_LUA is only needed since we turned it off by default on
powerpc and sparc64 in r338203. Same with
WITHOUT_LOADER_GEIL. WITH_NVME, WITHOUT_NVME, WITH_LOADER_FORCE_LE
have been needed since they were added.
MFC r353737:
Provide a src.conf(5) description for the new WITHOUT_CAROOT option, and
rename the WITH_LOADER_VERIEXEC_PASS_MANFIEST description to its correct
name. Also correct a bunch of spelling errors in that description.
Kyle Evans [Mon, 21 Oct 2019 01:24:21 +0000 (01:24 +0000)]
MFC r352711-r352712: Address posix_spawn(3) signal issues
r352711:
rfork(2): add RFSPAWN flag
When RFSPAWN is passed, rfork exhibits vfork(2) semantics but also resets
signal handlers in the child during creation to avoid a point of corruption
of parent state from the child.
This flag will be used by posix_spawn(3) to handle potential signal issues.
r352712:
posix_spawn(3): handle potential signal issues with vfork
Described in [1], signal handlers running in a vfork child have
opportunities to corrupt the parent's state. Address this by adding a new
rfork(2) flag, RFSPAWN, that has vfork(2) semantics but also resets signal
handlers in the child during creation.
x86 uses rfork_thread(3) instead of a direct rfork(2) because rfork with
RFMEM/RFSPAWN cannot work when the return address is stored on the stack --
further information about this problem is described under RFMEM in the
rfork(2) man page.
Addressing this has been identified as a prerequisite to using posix_spawn
in subprocess on FreeBSD [2].
Kyle Evans [Mon, 21 Oct 2019 00:08:34 +0000 (00:08 +0000)]
MFC r351650, r351795-r351796: writemapping accounting for posixshm
r351650:
posixshm: switch to OBJT_SWAP in advance of other changes
Future changes to posixshm will start tracking writeable mappings in order
to support file sealing. Tracking writeable mappings for an OBJT_DEFAULT
object is complicated as it may be swapped out and converted to an
OBJT_SWAP. One may generically add this tracking for vm_object, but this is
difficult to do without increasing memory footprint of vm_object and blowing
up memory usage by a significant amount.
On the other hand, the swap pager can be expanded to track writeable
mappings without increasing vm_object size. This change is currently in
D21456. Switch over to OBJT_SWAP in advance of the other changes to the
swap pager and posixshm.
r351795:
vm pager: writemapping accounting for OBJT_SWAP
Currently writemapping accounting is only done for vnode_pager which does
some accounting on the underlying vnode.
Extend this to allow accounting to be possible for any of the pager types.
New pageops are added to update/release writecount that need to be
implemented for any pager wishing to do said accounting, and we implement
these methods now for both vnode_pager (unchanged) and swap_pager.
The primary motivation for this is to allow other systems with OBJT_SWAP
objects to check if their objects have any write mappings and reject
operations with EBUSY if so. posixshm will be the first to do so in order to
reject adding write seals to the shmfd if any writable mappings exist.
r351650 switched posixshm to using OBJT_SWAP for shm_object
r351795 added support to the swap_pager for tracking writeable mappings
Take advantage of this and start tracking writeable mappings; fd sealing
will use this to reject a seal on writing with EBUSY if any such mapping
exist.
r353644:
libbe(3): add needed bits for be_destroy to auto-destroy some origins
New BEs can be created from either an existing snapshot or an existing BE.
If an existing BE is chosen (either implicitly via 'bectl create' or
explicitly via 'bectl create -e foo bar', for instance), then bectl will
create a snapshot of the current BE or "foo" with be_snapshot, with a name
formatted like: strftime("%F-%T") and a serial added to it.
This commit adds the needed bits for libbe or consumers to determine if a
snapshot names matches one of these auto-created snapshots (with some light
validation of the date/time/serial), and also a be_destroy flag to specify
that the origin should be automatically destroyed if possible.
A future commit to bectl will specify BE_DESTROY_AUTOORIGIN by default so we
clean up the origin in the most common case, non-user-managed snapshots.
r353646:
bectl(8): destroy: use BE_DESTROY_AUTOORIGIN if -o is not specified
-o will force the origin to be destroyed unconditionally.
BE_DESTROY_AUTOORIGIN, on the other hand, will only destroy the origin if it
matches the format used by be_snapshot. This lets us clean up the snapshots
that are clearly not user-managed (because we're creating them) while
leaving user-created snapshots in place and warning that they're still
around when the BE created goes away.
r353663:
libbe(3): Fix destroy of imported BE w/ AUTOORIGIN
Imported BE, much like the activated BE, will not have an origin that we can
fetch/examine for destruction. be_destroy should not return BE_ERR_NOORIGIN
for failure to get the origin property for BE_DESTROY_AUTOORIGIN, because
we don't really know going into it that there's even an origin to be
destroyed.
BE_DESTROY_NEEDORIGIN has been renamed to BE_DESTROY_WANTORIGIN because only
a subset of it *needs* the origin, so 'need' is too strong of verbiage.
This was caught by jenkins and the bectl tests, but kevans failed to run the
bectl tests prior to commit.
r353128:
kern_conf: fully initialize cloned devices with make_dev_args, too
Attempting to initialize si_drv{1,2} with mda_si_drv{1,2} does not work if
you are operating on cloned devices.
clone_create must be called prior to the make_dev* family to create/return
the device on the clonelist as needed. This device is later returned early
in newdev(), prior to si_drv{0,1,2} initialization.
This patch simply breaks out of the loop if we've found a device and
finishes init.
r353129:
Remove the remnants of SI_CHEAPCLONE
SI_CHEAPCLONE was introduced in r66067 for use with cloned bpfs. It was
later also used in tty, tun, tap at points. The rough timeline for being
removed in each of these is as follows:
- r181690: bpf switched to use cdevpriv API by ed@
- r181905: ed@ rewrote the TTY later to be mpsafe
- r204464: kib@ removes it from tun/tap, declaring it unused
I've not yet been able to dig up any other consumers in the intervening 9
years. It is no longer set on any devices in the tree and leaves an
interesting situation in make_dev_sv where we're ok with the device already
being set SI_NAMED.
Dimitry Andric [Sat, 19 Oct 2019 15:58:20 +0000 (15:58 +0000)]
MFC r353655:
Ensure lld respects the WITH/WITHOUT_SHARED_TOOLCHAIN option
Traditionally, toolchain components such as cc, as, and ld have been
built as static executables. The WITH_SHARED_TOOLCHAIN option from
src.conf(5) is meant to link these as regular executables, e.g. using
shared libraries.
The build of ld.lld did not yet check this option. Fix the Makefile so
it will do so now.
Reported by: Mike Cui <cuicui@gmail.com>
PR: 241257
MFC r353545:
Explicitly initialize the memory buffer to store O_ICMP6TYPE opcode.
By default next_cmd() initializes only first u32 of opcode. O_ICMP6TYPE
opcode has array of bit masks to store corresponding ICMPv6 types.
An opcode that precedes O_ICMP6TYPE, e.g. O_IP6_DST, can have variable
length and during opcode filling it can modify memory that will be used
by O_ICMP6TYPE opcode. Without explicit initialization this leads to
creation of wrong opcode.
Reported by: Boris N. Lytochkin
Obtained from: Yandex LLC
Kristof Provost [Fri, 18 Oct 2019 03:38:01 +0000 (03:38 +0000)]
MFC r353443
mountroot: run statfs after mounting devfs
The usual flow for mounting a file system is to VFS_MOUNT() and then
immediately VFS_STATFS().
That's not done in vfs_mountroot_devfs(), which means the
mp->mnt_stat.f_iosize field is not correctly populated, which in turn
causes us to mark valid aio operations as unsafe (because the io size is
set to 0), ultimately causing the aio_test:md_waitcomplete test to fail.
John Baldwin [Thu, 17 Oct 2019 23:29:52 +0000 (23:29 +0000)]
MFC 348779:
Keep the shadow PCIR_COMMAND synced with the real one for pass through.
This ensures that bhyve properly recognizes when decoding is disabled
for BARs on passthru devices. To properly handle writes to the
register, export a pci_emul_cmd_changed function from pci_emul.c that
the pass through device model invokes for config writes that change
PCIR_COMMAND.
John Baldwin [Thu, 17 Oct 2019 23:26:39 +0000 (23:26 +0000)]
MFC 348778,348998: Enable memory and I/O decoding in PCI devices on demand.
348778:
Enable memory and I/O decoding in PCI devices on demand.
Rather than uncoditionally setting the MEMEN and PORTEN bits in
PCIR_COMMAND for PCI devices, set the respective bit when the first
BAR of a given type is added to the device. This more closely matches
what firmware does on bare metal.
BUSMASTEREN is still set unconditionally. Eventually this bit should
move into the device models as not all device models need this set.
348998:
Remove a spurious break when setting up a 64-bit memory BAR.
This was causing 'enbit' to not be initialized in this case.
John Baldwin [Thu, 17 Oct 2019 23:17:56 +0000 (23:17 +0000)]
MFC 348212,348712: Add support for writing to guest memory in the debug server.
348212:
Add support for writing to guest memory in the debug server.
- Add a write_mem counterpart to read_mem to handle writes to MMIO.
- Add support for the GDB 'M' packet to write bytes to the guest's
memory. For MMIO writes, attempt to batch writes up into words.
This is imprecise, but if you write a single 2 or 4-byte aligned
word, it should be treated as a single MMIO write operation.
- While here, tidy up the parsing of the 'm' command used for reading
memory to match 'M'.
348712:
Use parse_integer to avoid sign extension.
Coverity warned about gdb_write_mem sign extending the result of
parse_byte shifted left by 24 bits when generating a 32-bit memory
write value for MMIO. Simplify the code by using parse_integer
instead of unrolled parse_byte calls.
Ian Lepore [Thu, 17 Oct 2019 01:30:37 +0000 (01:30 +0000)]
MFC r353651-r353652
r353651:
Relax the sdhci(4) check that filters out the 1.8v voltage option unless
the slot is flagged as 'embedded'.
The features related to embedded and shared slots were added in v3.0 of
the sdhci spec. Hardware prior to v3 sometimes supported 1.8v on non-
removable devices in embedded systems, but had no way to indicate that
via the standard sdhci registers (instead they use out of band metadata
such as FDT data).
This change adds the controller specification version to the check for
whether to filter out the 1.8v selection. On older hardware, the 1.8v
option is allowed to remain. On 3.0 or later it still requires the
embedded-slot flag to remain.
This is part of the fix for PR 241301 (eMMC not detected on Beaglebone).
Changes to the sdhci_ti driver are also needed for a full fix.
PR: 241301
r353652:
Revert r351218 (by manu). While the changes in r351218 appear to be (and
should be) correct, they lead to the eMMC on a Beaglebone failing to work
in some situations.
The TI sdhci hardware is kind of strange. The first device inherently
supports 1.8v and 3.3v and the abililty to switch between them, and the
other two devices must be set to 1.8v in the sdhci power control register to
operate correctly, but doing so actually makes them run at 3.3v (unless an
external level-shifter is present in the signal path). Even the 1.8v on the
first device may actually be 3.3v (or any other value), depending on what
voltage is fed to the VDDS1-VDDS7 power supply pins on the am335x chip.
Another strange quirk is that the convention for am335x sdhci drivers in
linux and uboot and the am335x boot ROM seems to be to set the voltage in
the sdhci capabilities register to 3.0v even though the actual voltage is
3.3v. Why this is done is a complete mystery to me, but it seems to be
required for correct operation.
If we had complete modern support for the am335x chip we could get the
actual voltages from the FDT data and the regulator framework. But our
am335x code currently doesn't have any regulator framework support.
Reverting to the prior code will get the popular Beaglebone boards working
again.
This is part of the fix for PR 241301, but also requires r353651 for a
complete fix.
Brooks Davis [Tue, 15 Oct 2019 20:08:19 +0000 (20:08 +0000)]
MFC r353329:
msun: Silence new harmless -Wimplicit-int-float-conversion warnings
Clang from trunk recently added a warning for when implicit int-to-float
conversions cause a loss of precision. The code in question is designed
to be able to handle that, so add explicit casts to silence this.
Submitted by: James Clarke <jrtc27@jrtc27.com>
Reviewed by: dim
Obtained from: CheriBSD
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D21913
Alexander Motin [Tue, 15 Oct 2019 18:44:28 +0000 (18:44 +0000)]
MFC r352939: Improve latency of synchronous 128KB writes.
Before my ZIL space optimization few years ago 128KB writes were logged
as two 64KB+ records in two 128KB log blocks. After that change it became
~124KB+/4KB+ in two 128KB log blocks to free space in the second block
for another record. Unfortunately in case of 128KB only writes, when space
in the second block remained unused, that change increased write latency by
imbalancing checksum computation time between parallel threads.
This change introduces new 68KB log block size, used for both writes below
67KB and 128KB-sharp writes. Writes of 68-127KB are still using one 128KB
block to not increase processing overhead. Writes above 131KB are still
using full 128KB blocks, since possible saving there is small. Mixed loads
will likely also fall back to previous 128KB, since code uses maximum of
the last 10 requested block sizes.
On a simple 128KB write test with queue depth of 1 this change demonstrates
~15-20% performance improvement.
Alexander Motin [Tue, 15 Oct 2019 18:39:32 +0000 (18:39 +0000)]
MFC r352787: Replace argument checks with assertions.
Those functions are used by kernel, and we can't check all possible argument
errors in production kernel. Plus according to docs many of those errors
are checked by hardware. Assertions should just help with code debugging.
Brooks Davis [Tue, 15 Oct 2019 17:30:12 +0000 (17:30 +0000)]
MFC r353326:
Fix various -Wpointer-compare warnings
This warning (comparing a pointer against a zero character literal
rather than NULL) has existed since GCC 7.1.0, and was recently added to
Clang trunk.
Almost all of these are harmless, except for fwcontrol's str2node, which
needs to both guard against dereferencing a NULL pointer (though in
practice it appears none of the callers will ever pass one in), as well
as ensure it doesn't parse the empty string as node 0 due to strtol's
awkward interface.
Michael Tuexen [Tue, 15 Oct 2019 14:48:00 +0000 (14:48 +0000)]
MFC r353452:
Ensure that local variables are reset to their initial value when
dealing with error cases in a loop over all remote addresses.
This issue was found and reported by OSS_Fuzz in:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18080
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18086
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18121
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18163
Glen Barber [Thu, 10 Oct 2019 17:29:47 +0000 (17:29 +0000)]
MFC r353320:
Rework the logic for installing the pkg(8) configuration.
'quarterly' package sets do not exist for head, so explicitly
install the 'latest' configuration file there. Otherwise,
fall back to the original conditional evaluation to determine
if the 'latest' or 'quarterly' configuration file should be
installed.
As noted by the commit message, callouts are now persistant
and should not be in the auto-zero section of the RQ's and SQ's.
This fixes an assert when using the TX completion event
factor feature with mlx5en(4).
Found by: gallatin@
Sponsored by: Mellanox Technologies
Michael Tuexen [Thu, 10 Oct 2019 14:56:29 +0000 (14:56 +0000)]
MFC r353303:
Validate length before use it, not vice versa.
r353060 should have contained this...
This fixes
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18070
Michael Tuexen [Thu, 10 Oct 2019 14:54:22 +0000 (14:54 +0000)]
MFC r353290:
In r343587 a simple port filter as sysctl tunable was added to siftr.
The new sysctl was not added to the siftr.4 man page at the time.
This updates the man page, and removes one left over trailing whitespace.
Submitted by: Richard Scheffenegger
Differential Revision: https://reviews.freebsd.org/D21619
Michael Tuexen [Thu, 10 Oct 2019 14:52:48 +0000 (14:52 +0000)]
MFC r353145:
Plumb an mbuf leak in a code path that should not be taken. Also avoid
that this path is taken by setting the tail pointer correctly.
There is still bug related to handling unordered unfragmented messages
which were delayed in deferred handling.
This issue was found by OSS-Fuzz testing the usrsctp stack and reported
in
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17794
Michael Tuexen [Thu, 10 Oct 2019 14:51:38 +0000 (14:51 +0000)]
MFC r353123:
Fix a use after free bug when removing remote addresses.
This bug was found by OSS-Fuzz and reported in
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18004
Michael Tuexen [Thu, 10 Oct 2019 14:50:44 +0000 (14:50 +0000)]
MFC r353122:
Plumb an mbuf leak found by Mark Wodrich from Google by fuzz testing the
userland stack and reporting it in:
https://github.com/sctplab/usrsctp/issues/396
Michael Tuexen [Thu, 10 Oct 2019 14:49:49 +0000 (14:49 +0000)]
MFC r353119:
Fix the adding of padding to COOKIE-ECHO chunks.
Thanks to Mark Wodrich who found this issue while fuzz testing the
usrsctp stack and reported the issue in
https://github.com/sctplab/usrsctp/issues/382
Michael Tuexen [Thu, 10 Oct 2019 14:47:39 +0000 (14:47 +0000)]
MFC r353069:
Cleanup sctp_asconf_error_response() and ensure that the parameter
is padded as required. This fixes the followig bug reported by
OSS-Fuzz for the usersctp stack:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17790
Michael Tuexen [Thu, 10 Oct 2019 14:45:59 +0000 (14:45 +0000)]
MFC r353060:
Add missing input validation. This could result in reading from
uninitialized memory.
The issue was found by OSS-Fuzz for usrsctp and reported in
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17780
Martin Matuska [Wed, 9 Oct 2019 22:18:01 +0000 (22:18 +0000)]
MFC r352732:
Sync libarchive with vendor.
Relevant vendor changes:
Issue #1237: Fix integer overflow in archive_read_support_filter_lz4.c
PR #1249: Correct some typographical and grammatical errors.
PR #1250: Minor corrections to the formatting of manual pages
Ed Maste [Wed, 9 Oct 2019 14:35:09 +0000 (14:35 +0000)]
MFC r353021: simplify path handling in sysctl_try_reclaim_vnode
MAXPATHLEN / PATH_MAX includes space for the terminating NUL, and namei
verifies the presence of the NUL. Thus there is no need to increase the
buffer size here.
The sysctl passes the string excluding the NUL, so req->newlen equal to
PATH_MAX is too long.
Andriy Gapon [Wed, 9 Oct 2019 09:40:03 +0000 (09:40 +0000)]
MFC r352591: MFZoL: Retire send space estimation via ZFS_IOC_SEND
Add a small wrapper around libzfs_core's lzc_send_space() to libzfs so
that every legacy ZFS_IOC_SEND consumer, along with their userland
counterpart estimate_ioctl(), can leverage ZFS_IOC_SEND_SPACE to
request send space estimation.
The legacy functionality in zfs_ioc_send() is left untouched for
compatibility purposes.
John Baldwin [Mon, 7 Oct 2019 20:41:55 +0000 (20:41 +0000)]
MFC 351557: Adjust the deprecated warnings for /dev/crypto to be less noisy.
Warn when actual operations are performed instead of when sessions are
created. The /dev/crypto engine in OpenSSL 1.0.x tries to create
sessions for all possible algorithms each time it is initialized
resulting in spurious warnings.