Follow-up r364753 by enabling compiler-rt's atomic implementation only
for clang, as it uses clang specific builtins, and does not compile
correctly with gcc. Note that gcc packages usually come with their own
libatomic, providing these primitives.
Merge commit e6bb4c8e7 from llvm git (by Craig Topper):
[X86] SSE4_A should only imply SSE3 not SSSE3 in the frontend.
SSE4_1 and SSE4_2 due imply SSSE3. So I guess I got confused when
switching the code to being table based in D83273.
Fixes PR47464
This should fix builds with -march=amdfam10 emitting SSSE3 instructions
such as pshufb, which lead to programs crashing with SIGILL on such
processors.
getlogin_r is specified by POSIX to to take a size_t len, not int. Fix our
version to do the same, bump the symbol version due to ABI change and
provide compat.
This was reported to break compilation of Ruby 2.8.
Some discussion about the necessity of the ABI compat did take place in the
review. While many 64-bit platforms would likely be passing it in a 64-bit
register and zero-extended and thus, not notice ABI breakage, some do
sign-extend (e.g. mips).
In r354148 the goal was to check THREAD_CAN_SLEEP() only once for the
purpose of epoch_trace() and for calling subsequent panic, but to keep
code fully under INVARIANTS, so don't use bare function call to panic().
However, at the last stage of review a true value slipped in, while
always false was assumed. I checked that in email archive with kib@.
Randall Stewart [Wed, 9 Sep 2020 11:11:50 +0000 (11:11 +0000)]
So it turns out that syzkaller hit another crash. It has to do with switching
stacks with a SENT_FIN outstanding. Both rack and bbr will only send a
FIN if all data is ack'd so this must be enforced. Also if the previous stack
sent the FIN we need to make sure in rack that when we manufacture the
"unknown" sends that we include the proper HAS_FIN bits.
Note for BBR we take a simpler approach and just refuse to switch.
Sponsored by: Netflix Inc.
Differential Revision: https://reviews.freebsd.org/D26269
certctl: fix hashed link generation with duplicate subjects
Currently, certctl rehash will just keep clobbering .0 rather than
incrementing the suffix upon encountering a duplicate. Do this, and do it
for blacklisted certs as well.
This also improves the situation with the blacklist to be a little less
flakey, comparing cert fingerprints for all certs with a matching subject
hash in the blacklist to determine if the cert we're looking at can be
installed.
Future work needs to completely revamp the blacklist to align more with how
it's described in PR 246614. In particular, /etc/ssl/blacklisted should go
away to avoid potential confusion -- OpenSSL will not read it, it's
basically certctl internal.
PR: 246614
Reviewed by: Michael Osipov <michael.osipov siemens com>
Tested by: Michael Osipov
With suggestions from: Michael Osipov
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D26167
Main changes:
* Vim-style expandtab option
* Provides Turkish translation
* Backspace now deletes \ rather than being escaped
* T during motion commands is now VI-compatible
* Encoding related fixes, such as UTF-8 detection
* Fixed a number of memory management issues
This is being addressed as part of a side-patch I'm working on that builds
all the things with WARNS=6, instead of relying on it being supplied in just
shallow parts of the build with higher-level Makefile.inc.
Provide a prototype for mod_main and annotate the thread function argument
as unused.
libc/resolv: attempt to fix the test under WARNS=6
In a side-change that I'm working on to start defaulting src builds to
WARNS=6 where WARNS isn't otherwise specified, GCC6 (and clang, to a lesser
extent) pointed out a number of issues with the resolv tests:
- Global method variable that gets shadowed in run_tests()
- Signed/unsigned comparison between i in run_tests() and hosts->sl_cur
The shadowed variable looks like it might actually be bogus as written, as
we pass it to RUN_TESTS -> run_tests, but other parts use the global method
instead. This change is mainly geared towards correcting that by removing
the global and plumbing the method through from run_tests -> run into the
new thread.
For the signed/unsigned comparison, there's no compelling reason to not just
switch i/nthreads/nhosts to size_t.
The review also included a change to the load() function that was better
addressed by jhb in r365302.
Currently, WITHOUT_PORTSNAP forces WITHOUT_FREEBSD_UPDATE because the
latter relies on phttpget, which lives inside the portsnap build bits.
Remove the dependency between these two options by moving phttpget out into
^/libexec and building/installing it if either WITH_PORTSNAP or
WITH_FREEBSD_UPDATE.
Future work could remove the conditional if it's decided that users will use
it independently of either the current in-base consumers.
Add support for user-supplied callbacks into phys pager operations,
providing custom getpages(), haspage(), and populate() methods
implementations. Pager stores user data ptr/val in the object to
provide context.
Add phys_pager_allocate() helper that takes user ops table as one of
the arguments.
Current code for these methods is moved to the 'default' ops table,
assigned automatically when vm_pager_alloc() is used.
Reviewed by: markj
Tested by: pho
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D24652
Adjust a couple of printf() lines that deal with dumping out addresses
to cast to uintmax_t.
This allows building a 64-bit libofw for use in things like a future
Petitboot loader for PowerPC64, and other FDT platforms that require
a 64-bit loader binary and want to use forth.
John Baldwin [Tue, 8 Sep 2020 22:41:35 +0000 (22:41 +0000)]
Don't return errors from the cryptodev_process() method.
The cryptodev_process() method should either return 0 if it has
completed a request, or ERESTART to defer the request until later. If
a request encounters an error, the error should be reported via
crp_etype before completing the request via crypto_done().
Fix a few more drivers noticed by asomers@ similar to the fix in
r365389. This is an old bug, but went unnoticed since crypto requests
did not start failing as a normal part of operation until digest
verification was introduced which can fail requests with EBADMSG.
geom_part: extend kern.geom.part.check_integrity to work on GPT
There are multiple USB/SATA bridges on the market that unconditionally
cut some LBAs off connected media. This could be a problem
for pre-partitioned drives so GEOM complains and does not create
devices in /dev for slices/partitions preventing access to existing data.
We have kern.geom.part.check_integrity that allows us to correct
partitioning if changed from default 1 to 0 but it works for MBR only.
If backup copy of GPT is unavailable due to decreases number of LBAs,
kernel still does not give access to partitions and prints to dmesg:
GEOM: md0: corrupt or invalid GPT detected.
GEOM: md0: GPT rejected -- may not be recoverable.
This change makes it work for GPT too, so it created partitions in /dev
and prints to dmesg this instead:
GEOM: md0: the secondary GPT table is corrupt or invalid.
GEOM: md0: using the primary only -- recovery suggested.
Then "gpart recover" re-created backup copy of GPT
and allows further manipulations with partitions.
This change is no-op for default configuration having
kern.geom.part.check_integrity=1
Doing it this way eliminates the assumption about homogeneous support
for the feature, since HWCAP values are only set if support is present
on all CPUs.
Reviewed by: tuexen, markj
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D26032
Expose some of the new HWCAP features added in r65304. This includes the
addition of elf_hwcap2 into the sysvec, and a separate function to parse
for those features.
This only exposes features which require no further configuration, e.g.
indicating the presence of certain instructions. Larger features (SVE)
will not be advertised until we actually support them. The exact list of
features/extensions this patch exposes is:
- ARMv8.0-DGH
- ARMv8.0-SB
- ARMv8.2-BF16
- ARMv8.2-DCCVADP
- ARMv8.2-I8MM
- ARMv8.4-LRCPC
- ARMv8.5-CondM
- ARMv8.5-FRINT
- ARMv8.5-RNG
- PSTATE.SSBS
While here, annotate elf_hwcap and elf_hwcap2 as __read_frequently, and
move the declarations to the machine/md_var.h header.
Submitted by: mikael@ (D22314 portion)
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D26031
Differential Revision: https://reviews.freebsd.org/D22314
FreeBSD exports CPU features as bits in the AT_HWCAP and AT_HWCAP2
vectors via elf_aux_info(3). This interface is similar to getauxval(3)
on Linux, and for simplicity to consumers we try to maintain an
identical set of feature flags on arm64.
The first batch of AT_HWCAP flags were added in r350166, corresponding
to definitions that already existed in Linux. Unfortunately, one flag
was missed, and a portion of the values are shifted one bit to the right
as a result.
Add the missing definition for HWCAP_ASIMDHP, and adjust the affected
values to match their Linux counterparts.
Although this is an ABI-breaking change, there is no plan to provide
compat code for old binaries. An audit of our ports tree and other
software via Debian code search indicates that there are not yet any
consumers of this interface for FreeBSD/arm64.
Bump __FreeBSD_version to be on the safe side, in case compat code needs
to be added in the future.
Reviewed by: emaste, manu
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D26329
There's a race where dying vnets move their interfaces back to their original
vnet, and if_epair cleanup (where deleting one interface also deletes the other
end of the epair). This is commonly triggered by the pf tests, but also by
cleanup of vnet jails.
As we've not yet been able to fix the root cause of the issue work around the
panic by not dereferencing a NULL softc in epair_qflush() and by not
re-attaching DYING interfaces.
This isn't a full fix, but makes a very common panic far less likely.
This option was marked as broken because our riscv64-xtoolchain-gcc
package lacked support. Since we are moving away from xtoolchain gcc in
favor of freebsd-gcc9, there should be no issue in enabling this option
by default.
Andrew Turner [Tue, 8 Sep 2020 11:35:35 +0000 (11:35 +0000)]
Add a GPIO driver for the Arm pl061 controller
A PL061 is a simple 8 pin GPIO controller. This GPIO device is used to
signal an internal request for shutdown on some virtual machines including
Arm-based Amazon EC2 instances.
Submitted by: Ali Saidi <alisaidi_amazon.com> (previouss version)
Reviewed by: Ali Saidi, manu
Differential Revision: https://reviews.freebsd.org/D24065
o Enhance dependency loop logging: print full chain instead of the
last link competing the loop;
o Add -g option to generate dependency graph suitable for GraphViz
visualization, loops and other graph generation issues are highlighted
automatically;
o Add -p option that enables grouping items that can be processed in
parallel.
Submitted by: Boris Lytochkin <lytboris at gmail>
Reviewed by: melifaro
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D25389
Note that -525703168 (an int) is 0xe0aa6800 in binary representation.
The partition indexes are actually stored as uint8_t, so that value
was converted / truncated to zero.
[PowerPC] Work around -O miscompile on powerpc 32 bit.
Work around llvm 11 miscompile in 32 bit powerpc that appears to cause ifuncs
to branch to the wrong address by forcing -O2. This worked in previous
versions because -O was mapped to -O2 previously (but is now -O1.)
While here, remove the old temporary workaround from r224882 that does the
opposite thing for powerpc non-DEBUG kernels, bringing it in line with other
platforms that compile at -O2.
This fixes kernel boot on powerpc and powerpcspe after the llvm11 transition.
Ed Maste [Tue, 8 Sep 2020 00:15:18 +0000 (00:15 +0000)]
retire an old NO_CLEAN dependency cleanup hack
We have some hacks to remove stale dependency files for NO_CLEAN
builds that are missed by make's dependency handling. These are
intended to upport ongoing NO_CLEAN builds, and are no longer needed
after a sufficient amount of time elapses.
Mark Johnston [Mon, 7 Sep 2020 23:28:33 +0000 (23:28 +0000)]
vm_object_split(): Handle orig_object type changes.
orig_object->type can change from OBJT_DEFAULT to OBJT_SWAP while
vm_object_split() is sleeping. In this case some pages in new_object
may be left unbusied, but vm_object_split() attempts to unbusy all of
them.
Track the beginning of the busied range. Add an assertion to verify
that pages are not re-added to the source object while sleeping.
[PowerPC] Initialize ELFv1 as a secondary sysvec to ELFv2.
In order to enable VDSO timekeeping, it is necessary that there be exactly
one primary FreeBSD sysvec for each of the host and (optionally) compat32.
So, switch ELFv1 to being a secondary sysvec of ELFv2, so it does not get
double-allocated in the shared page.
Since secondary sysvecs use the same sigcode allocation as the primary,
define both to use the main sigcode64, and adjust the sv_sigcode_base on
ELFv2 after initialization to point to the correct offset.
This has the desirable side effect of avoiding having a separate copy of
the signal trampoline in the shared page. Our sigcode64 was already written
to take advantage of trampoline sharing, it was just not being allocated
that way until now.
Submitted by: jhibbits
Sponsored by: Tag1 Consulting, Inc.
In r178354 with the introduction of multi-bss ("vap") support factoring
out started and with r193340 ieee80211_media_change() no longer returned
ENETRESET but only 0 or error.
As ieee80211(9) tells the ieee80211_media_change() function should not
be called directly but is registered with ieee80211_vap_attach() instead.
Some drivers have not been fully converted. After fixing the return
checking some of these functions were simply wrappers between
ieee80211_vap_attach() and ieee80211_media_change(), so remove the extra
function, where possible as well.
PR: 248955
Submitted by: Tong Zhang (ztong0001 gmail.com) (original)
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
musb/allwinner: add support for configuring phy as well as device mode
At least on Orange Pi PC Plus even the host mode does not work without
enabling the phy and setting it to the host mode.
The driver will now parse dr_mode property and will try to configure
itself and the phy accordingly.
OTG mode is not supported yet, so it is treated as the device / peripheral
mode.
The phy is enabled -- powered on -- only for the host mode.
The device mode requires support from a phy driver, e.g., aw_usbphy on
Allwinner platform.
aw_usbphy does not support the device mode, so it cannnot work yet.
twsi: use tsleep instead of pause for better responsiveness
wakeup() does not have any effect on pause(), so if a transfer was
not finished by the time of the first check, then the thread
would sleep full 30 ms.
To do: protect the transfer and interrupt code with the mutex,
switch from tsleep from msleep
Reviewed by: manu
MFC after: 3 weeks
Differential Revision: https://reviews.freebsd.org/D26309
Alan Somers [Sun, 6 Sep 2020 20:32:13 +0000 (20:32 +0000)]
nsswitch.conf(5): recommend placing cache after files
When cache precedes files, and nscd is configured to allow negative caching,
commands like "pw groupadd" can fail. The sequence of events looks like:
1. A command like pkg(8) looks up the group, and finds it absent.
2. pkg invokes pw(8) to add the group
3. pkg queries the group, but nscd says it doesn't exist, since it has a
negative cache entry for that group.
See also: https://lists.freebsd.org/pipermail/freebsd-current/2012-January/031595.html
Turn MALLOC_PRODUCTION into a regular src.conf(5) option
For historical reasons, defining MALLOC_PRODUCTION in /etc/make.conf has
been used to turn off potentially expensive debug checks and statistics
gathering in the implementation of malloc(3).
It seems more consistent to turn this into a regular src.conf(5) option,
e.g. WITH_MALLOC_PRODUCTION / WITHOUT_MALLOC_PRODUCTION. This can then
be toggled similar to any other source build option, and turned on or
off by default for e.g. stable branches.
If object has no dynamic phdr, do not try to dereference NULL. This
means that we cannot process any relocation, and that there cannot be
symbols defined, but it is up to static linker to produce meaningful
objects.
PR: 249121
Reported by: wsh@riski.sh
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Lots of code refactoring, simplification and cleanup.
Lots of new unit-tests providing much higher code coverage.
All courtesy of rillig at netbsd.
Other significant changes:
o new read-only variable .SHELL which provides the path of the shell
used to run scripts (as defined by the .SHELL target).
o variable parsing detects more errors.
o new debug option -dl: LINT mode, does the equivalent of := for all
variable assignments so that file and line number are reported for
variable parse errors.
Lots of code refactoring, simplification and cleanup.
Lots of new unit-tests providing much higher code coverage.
All courtesy of rillig at netbsd.
Other significant changes:
o new read-only variable .SHELL which provides the path of the shell
used to run scripts (as defined by the .SHELL target).
o new debug option -dl: LINT mode, does the equivalent of := for all
variable assignments so that file and line number are reported for
variable parse errors.
Rick Macklem [Sat, 5 Sep 2020 00:50:52 +0000 (00:50 +0000)]
Fix a potential memory leak in the NFS over TLS handling code.
For the TLS case where there is a "user@domain" name specified in the
X.509 v3 certificate presented by the client in the otherName component
of subjectAltName, a gid list is allocated via mem_alloc().
This needs to be free'd. Otherwise xp_gidp == NULL and free() handles that.
(The size argument to mem_free() is not used by FreeBSD, so it can be 0.)
This leak would not have occurred for any other case than NFS over TLS
with the "user@domain" in the client's certificate.
If multiple threads race calling vfs_hash_insert() while creating vnodes
with the same identity, all of the vnodes which lose the race must be
destroyed before any other thread can see them. Previously this was
accomplished by the vput() in vfs_hash_insert() resulting in the vnode's
VOP_INACTIVE() method calling vgone() before the vnode lock was unlocked,
but at some point changes to the the vnode refcount/inactive logic have caused
that to no longer work, leading to crashes, so instead vfs_hash_insert()
must call vgone() itself before calling vput() on vnodes which lose the race.
Xin LI [Fri, 4 Sep 2020 23:36:43 +0000 (23:36 +0000)]
Make zpool on GELI work again.
After OpenZFS import, zpool auto import behavior was moved to an
explicit "zpool import -a", and the zpool rc.d script was added
as a prerequisite of zvol.
However, in r299839, zvol was added as a prerequisite of dumpon,
making it to start very early and before all 'disks' providers.
At this time, dumping on a zvol is not supported, so remove this
requirement and make zpool depend on disks to allow zpool on
full disk encryption work.