Bjoern A. Zeeb [Mon, 29 Jan 2024 12:51:16 +0000 (12:51 +0000)]
iwlwifi: add the d3 (PM) bits to the Makefile (disabled)
Add the logic to conditionally enable PM for iwlwifi.
This should help suspend/resume in the future.
For now leave it disabled until other preconditional problems are
sorted.
Sponsored by: The FreeBSD Foundation (2023)
MFC after: 3 days
Reviewed by: cc
Differential Revision: https://reviews.freebsd.org/D43647
Bjoern A. Zeeb [Mon, 29 Jan 2024 14:23:01 +0000 (14:23 +0000)]
iwlwifi: adjust to make d3.c compile
struct iwl_mvm_wep_key_cmd ends in a variable sized array but later
is included in another struct followed by the actual
struct iwl_mvm_wep_key in d3.c. Make the array[0] instead of []
to avoid the warning about it being a GNU-extension.
Also include string.h explicitly for memset_after().
MFC after: 3 days
Reviewed by: cc
Differential Revision: https://reviews.freebsd.org/D43647
Bjoern A. Zeeb [Sun, 28 Jan 2024 00:51:23 +0000 (00:51 +0000)]
LinuxKPI: 802.11: fix field order in ieee80211_key_conf
When adding the new field link_id to struct ieee80211_key_conf, it
was erroneously placed at the end of the struct; the zero-length
(variable sized) array for the key always needs to stay last.
Resort fields and add hopefully helpful comment to avoid the problem
in the future.
Fixes: adff403fe7a87
MFC after: 3 days
Reviewed by: cc
Differential Revision: https://reviews.freebsd.org/D43635
Martin Oliveira [Tue, 12 Sep 2023 20:31:00 +0000 (14:31 -0600)]
include/math.h: fix warning with -Wconversion
The way the __fp_type_select macro uses the _Generic expression causes
gcc to throw a warning on valid code if the -Wconversion flag is used.
For example, consider the following program:
#include <math.h>
int main()
{
double x = 1.0;
isnan(x);
return 0;
}
which throws a warning:
$ gcc -Wconversion a.c
a.c:5:15: warning: conversion from 'double' to 'float' may change value [-Wfloat-conversion]
5 | isnan(x);
| ^
This happens because the functions are invoked inside of the _Generic.
Looking at the example of _Generic in the C11 specification, one sees
that the parameters are outside of the _Generic expression (see page 79
here: https://www.open-std.org/jtc1/sc22/wg14/www/docs/n1570.pdf).
When only the user (ALL) is specified explicitly, and the group is
implied, only sudo -u works. Specifying both the user and group, like
(ALL:ALL), is required to:
1. Use sudo -g by itself (with no -u user)
2. Use sudo -u and -g together, with a -g group that is different from
the -u user's primary group
Graham Perrin [Sat, 2 Sep 2023 18:25:52 +0000 (19:25 +0100)]
urndis(4): retrospective, address for hselasky
PR: 273530
Fixes: 08c9016bc61b Add a manpage for the urndis driver.
Signed-off-by: Graham Perrin <grahamperrin@gmail.com>
Reviewed-by: imp, zlei
Pull-request: https://github.com/freebsd/freebsd-src/pull/834
Jessica Clarke [Sat, 3 Feb 2024 01:52:53 +0000 (01:52 +0000)]
bsdinstall: Drop Error from title in netconfig no interfaces dialog
This isn't inherently an error. It is if you're attempting to download
dist tarballs or later install packages, but a FreeBSD system with no
NIC is a reasonable setup to have, especially in a throwaway VM setting,
so we shouldn't say it is one.
Leaving the exit code as 1 is still fine, since auto will ignore it, and
avoids breaking other uses.
Jessica Clarke [Sat, 3 Feb 2024 01:52:37 +0000 (01:52 +0000)]
bsdinstall: Fix netconfig script when no interfaces are present
The script uses [ -z "$INTERFACES" ] to check if the list of interfaces
is empty and will exit early if so, but INTERFACES always contains at
least a space due to the way it appends the list of wireless devices.
Fix this by only adding the space when there are devices to append,
mirroring the behaviour for non-wireless devices above (both will result
in a redundant leading space when the list is non-empty, but that one is
harmless).
Fixes: 159ca5c844cd ("Adapt to new wireless scheme where base wlan interfaces do not show up in ifconfig anymore.")
MFC after: 1 week
Ricardo Branco [Sat, 3 Feb 2024 00:05:05 +0000 (17:05 -0700)]
wc: Do not use st_size if it equals zero
Pseudo-filesystems often cannot compute the size of the file correctly
and report 0 for the size. Ignore the size when it's zero and fallback
to the size unknown code.
Jessica Clarke [Sat, 3 Feb 2024 01:31:11 +0000 (01:31 +0000)]
Revert "bsdinstall: separate out dist selection in prep for pkgbase support"
Firstly, my review comments were not addressed and instead totally
ignored. Secondly, and a more valid justification for the revert, this
completely breaks the installer, since selectdists isn't installed.
Given the blatant lack of testing, back out this commit until it has
actually been tested and review comments taken on board so that the
installer actually works.
Lexi Winter [Fri, 2 Feb 2024 21:46:14 +0000 (14:46 -0700)]
traceroute6: remove -l flag
The -l flag was used to tell traceroute6(8) to show both hostname and
address for each hop. However, traceroute(8) already does this by
default, and there's no reason for traceroute6 to behave differently.
Make this the default behaviour, and accept -l for backward
compatibility as a no-op flag.
Cy Schubert [Fri, 2 Feb 2024 21:10:22 +0000 (13:10 -0800)]
OpenSSL: Vendor import of OpenSSL 3.0.13
* Fixed PKCS12 Decoding crashes ([CVE-2024-0727])
* Fixed Excessive time spent checking invalid RSA public keys
([CVE-2023-6237])
* Fixed POLY1305 MAC implementation corrupting vector registers on
PowerPC CPUs which support PowerISA 2.07 ([CVE-2023-6129])
* Fix excessive time spent in DH check / generation with large Q
parameter value ([CVE-2023-5678])
Release notes can be found at
https://www.openssl.org/news/openssl-3.0-notes.html.
Jessica Clarke [Fri, 2 Feb 2024 21:17:23 +0000 (21:17 +0000)]
bsd.subdir.mk: Drop broken optimisation for realinstall parallelisation
Not all of the tree is happy for realinstall to be done in parallel. In
particular, Makefile.inc1 uses .WAIT to force etc to be installed after
earlier subdirectories, since etc calls into share/man's makedb to run
makewhatis on the tree and needs all manpages to have been installed.
Also, libexec/Makefile doesn't set SUBDIR_PARALLEL, and the link from
ld-elf32.1 to ld-elf.1 relies on rtld-elf having been installed before
rtld-elf32, otherwise creating the link will fail.
In general, core behavioural differences like this between NO_ROOT and
"normal" builds are also dangerous and confusing.
If this optimisation is deemed important, it should be reintroduced in a
more limited and robust manner that doesn't break the above situations.
Until then value correctness over slight efficiency gains on high core
count machines, the same machines where you're more likely to encounter
issues from this optimisation.
This reverts commits cd19ecdbdc87 ("Similar to r296013 for NO_ROOT,
force SUBDIR_PARALLEL for buildworld WORLDTMP staging.") and b9c6f3168112 ("Add more STANDALONE_SUBDIR_TARGETS.").
Found by: CheriBSD Jenkins
Reviewed by: bdrewery, brooks
Fixes: cd19ecdbdc87 ("Similar to r296013 for NO_ROOT, force SUBDIR_PARALLEL for buildworld WORLDTMP staging.")
Fixes: b9c6f3168112 ("Add more STANDALONE_SUBDIR_TARGETS.")
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D43705
Warner Losh [Fri, 2 Feb 2024 01:37:12 +0000 (18:37 -0700)]
loader: Font module is EFI dependent
The font module is part of the gfx_fb support. Since we share this file
between EFI and kboot, we only want to pass the font data to the kernel
when we're booting from EFI, not kboot.
Warner Losh [Wed, 31 Jan 2024 23:54:19 +0000 (16:54 -0700)]
libsa: Move hash functions up a level
This should have no functional change. Move compiling the sha256, sha512
and md5 hash functions up into libsa to allow them to be used elsewhere
in the boot loader when geli isn't configured. Since libsa is a .a, these
won't wind up in any boot loader that doesn't reference them, so should
be a nop.
Stephan de Wit [Fri, 2 Feb 2024 19:17:14 +0000 (12:17 -0700)]
axgbe: Various link stability and module compatibilty improvements
Move the phy_stop() routine to if_detach() to prevent link interruptions
when configuring the interface. Accompanying this is a sanity check
using phy_started, which was already there but remained unused. We do
not move phy_start(), as the logic there is needed for any init routine,
be it attach or start.
Also bring in the linux PMA_PLL change which addresses the flapping of
back-to-back fiber connections.
Use miibus for SFP PHYs up to 1G copper. We retry in cases where the PHY
is not directly reachable. Set the correct IFM_100_SGMII flag when the
phy speed has been set to 100. We remove xgbe_phy_start_aneg() since
it's handled by miibus.
Add support for 100 and 1000 BASE-BX fiber modules
Add support for 25G multirate DACs which are capable of 10G.
While here, also fixup the LINK_ERR state. It was impossible to recover
from this previously.
[[ Note: light style fixes by imp, slight commit message adjustment,
and a warning that I don't have the hardware to validate, but
the changes do track the commit message and seem otherwise OK ]]
quick_exit() can call other functions, and we don't guarantee it calls
std::terminate should those other functions throw exceptions. And to
make it do so has ABI complications for libc. Until that's sorted out,
revert this noexcept (but leave a comment behind so people will find
this commit message)
Stéphane Rochoy [Thu, 21 Dec 2023 14:05:58 +0000 (15:05 +0100)]
stand/lua: always allow overriding with local config files
Loader now also read configuration files listed in local_loader_conf_files.
Files listed here are the last ones read. And /boot/loader.conf.local was
moved from loader_conf_files to local_loader_conf_files leaving only
loader.conf and device.hints in loader_conf_files by default.
The idea is to ensure local_loader_conf_files, i.e., /boot/loader.conf.local,
can always be used to override other user defined settings.
Stéphane Rochoy [Thu, 4 May 2023 07:23:47 +0000 (09:23 +0200)]
stand/lua: per-product conf if requested via product_vars
If product_vars is set, it must be a space separated list of environment
variable names to walk through to guess the product. Each time a product can be
guessed (i.e., the corresponding variable is defined), prepend
/boot/loader.conf.d/PRODUCT/ to loader_conf_dirs.
Stéphane Rochoy [Thu, 21 Dec 2023 14:05:58 +0000 (15:05 +0100)]
stand/lua: always allow overriding with local config files
Loader now also read configuration files listed in local_loader_conf_files.
Files listed here are the last ones read. And /boot/loader.conf.local was
moved from loader_conf_files to local_loader_conf_files leaving only
loader.conf and device.hints in loader_conf_files by default.
The idea is to ensure local_loader_conf_files, i.e., /boot/loader.conf.local,
can always be used to override other user defined settings.
Stéphane Rochoy [Thu, 4 May 2023 07:23:47 +0000 (09:23 +0200)]
stand/lua: per-product conf if requested via product_vars
If product_vars is set, it must be a space separated list of environment
variable names to walk through to guess the product. Each time a product can be
guessed (i.e., the corresponding variable is defined), prepend
/boot/loader.conf.d/PRODUCT/ to loader_conf_dirs.
regex: fix freeing g->charjump in low memory condition
computejumps() moves g->charjump to a position relativ to the value of
CHAR_MIN. As such, g->charjump doesn't necessarily point to the address
actually allocated. While regfree() takes that into account, the low
memory handling in regcomp_internal() doesn't. Fix that by free'ing
the actually allocated address, as in regfree().
- 223.backup-zfs would previously honour the daily_backup_zfs_verbose
flag for zfs/zpool list, but not for the properties list. fix it to
show a diff for both of these if requested.
- if daily_backup_zfs_verbose was disabled, 223.backup-zfs would still
set rc=1 if the backup files changed, which caused periodic(8) to send
a useless email even if daily_show_success=NO was set.
change this so that it only sets rc=1 if diff output is enabled, i.e.
the output is actually useful to the admin.
Lexi Winter [Fri, 2 Feb 2024 16:41:40 +0000 (09:41 -0700)]
sys/cdefs.h: add __noexcept and __noexcept_if
These macros provide the C++11 noexcept and noexcept(...) keywords if
we're compiling in a C++11 environment. Otherwise, they expand to an
empty string.
This will be used to add the required noexcept specifier to several libc
functions as required in C++11.
Kristof Provost [Thu, 1 Feb 2024 17:59:36 +0000 (18:59 +0100)]
pf: ensure dummynet gets the correct direction after route-to
If we apply a route-to to an inbound packet pf_route() may hand that
packet over to dummynet. Dummynet may then delay the packet, and later
re-inject it. This re-injection (in dummynet_send()) needs to know
if the packet was inbound or outbound, to call the correct path for
continued processing.
That's done based on the pf_pdesc we pass along (through
pf_dummynet_route() and pf_pdesc_to_dnflow()). In the case of pf_route()
on inbound packets that may be wrong, because we're called in the input
path, and didn't update pf_pdesc->dir.
This can manifest in issues with fragmented packets. For example, a
fragmented packet will be re-fragmented in pf_route(), and if dummynet
makes different decisions for some of the fragments (that is, it delays
some and allows others to pass through directly) this will break.
The packets that pass through dummynet without delay will be transmitted
correctly (through the ifp->if_output() call in pf_route()), but
the delayed packets will be re-injected in the input path (and not
the output path, as they should be). These packets will pass through
pf_test(PF_IN) as they're tagged PF_MTAG_FLAG_DUMMYNET. However,
this tag is then removed and the packet will be routed and enter
pf_test(PF_OUT) where pf_reassemble() will hold them indefinitely
(as some fragments have been transmitted directly, and will never hit
pf_test(PF_OUT)).
The fix is simple: we must update pf_pfdesc->dir to PF_OUT before we
pass the packet to dummynet.
Lexi Winter [Fri, 2 Feb 2024 16:17:19 +0000 (09:17 -0700)]
.gitignore: add sys/*/compile
Files in sys/*/compile are created when compiling the kernel with
config(8). They are never source files and should never be committed to
source control, so list this entire directory in .gitignore. While not
the official way to build the kernel, it's often useful to debug
sys/conf/files* changes when adding new drivers, etc.
Mina Galić [Fri, 2 Feb 2024 15:35:46 +0000 (08:35 -0700)]
kldxref: Fix maketempfile function's way of finding the root dir
Rather than assuming that the "root" is passed as directory and will be
marked by a trailing slash, we just assume that the directory, which has
been checked previously to be a directory, is a directory.
This fixes an inconsistency between `kldxref /boot/modules`, which tries
to create the temp file in `/boot/`, and `kldxref /boot/modules/`, which
tries to create it in `/boot/modules/` itself.
Mark Johnston [Fri, 2 Feb 2024 14:23:53 +0000 (09:23 -0500)]
libthr: Force the thr_wake() symbol to be resolved during initialization
Otherwise the lock upgrade performed by rtld's load_filtees() can result
in infinite recursion, wherein:
1. _rtld_bind() acquires the bind read lock,
2. the source DSO's filtees haven't been loaded yet, so the lock upgrade
in load_filtees() cause rtld to jump to _rtld_bind() and release the
bind lock,
3. _thr_rtld_lock_release() calls _thr_ast(), which calls thr_wake(),
which hasn't been resolved yet,
4. _rtld_bind() acquires the bind read lock in order to resolve
thr_wake(),
5. ...
See the linked pull request for an instance of this problem arising with
libsys. That particular instance is also worked around by commit e7951d0b04e6.
Lexi Winter [Fri, 2 Feb 2024 15:29:01 +0000 (08:29 -0700)]
share/examples/IPv6/USAGE: remove
This document dates from the KAME days and, among other things,
references the 'prefix' command which has not existed for a long time.
Since IPv6 configuration is now documented in the Handbook, remove this
obsolete file.
In order to atomically upgrade the rtld bind lock, load_filtees() may
trigger a longjmp back to _rtld_bind() so that the binding can be done
with the write lock held. However, the write lock is only needed when
filtee objects haven't already been loaded, so move the
lock_restart_for_upgrade() call to avoid unnecessary lock upgrades when
a filtee is defined.
Emmanuel Vadot [Fri, 2 Feb 2024 10:39:51 +0000 (11:39 +0100)]
Revert "pkgbase: Create a FreeBSD-dtb package"
Somehow this doesn't work iwth make packages due to some kind of a race.
The package is first created correctly but later in the process it is
overwritten by a badly created empty package.
Revert in the mean time so we can have working pkgbase on arm/arm64
Cy Schubert [Fri, 2 Feb 2024 04:39:16 +0000 (20:39 -0800)]
OpenSSL: Vendor import of OpenSSL 3.0.13
* Fixed PKCS12 Decoding crashes ([CVE-2024-0727])
* Fixed Excessive time spent checking invalid RSA public keys
([CVE-2023-6237])
* Fixed POLY1305 MAC implementation corrupting vector registers on
PowerPC CPUs which support PowerISA 2.07 ([CVE-2023-6129])
* Fix excessive time spent in DH check / generation with large Q
parameter value ([CVE-2023-5678])
Release notes can be found at
https://www.openssl.org/news/openssl-3.0-notes.html.
Gleb Smirnoff [Thu, 1 Feb 2024 21:37:26 +0000 (13:37 -0800)]
tests/netinet: add a demo of TCP implied connect
The TCP implied connect is an artifact left after T/TCP. To my surprise
it still works, hence the existence of this test. Please read this email
first:
An interesting fact that this test takes 220 - 240 milliseconds to
execute on my Threadripper PRO. Flipping the '#if 0' to '#if 1' in the
test, thus bringing it back to normal connect(2), would speed the test up
a hundred times and I guess all this time is fork+exec of the test.