Andrew Turner [Tue, 3 Oct 2023 14:03:51 +0000 (15:03 +0100)]
arm64: Set the Guarded Page flag in the kernel
Now the kernel and modules are built with branch protection we can
enablethe Guarded Page flag in the page tables. This causes indirect
branches to a location without a correct landing pad instruction to
raise an exception.
This should help mitigate some attacks where a function pointer is
changed to point somewhere other than the start of the function,
however it doesn't stop an attacker pointing it to an unintended
function.
Reviewed by: alc, scottph (both earlier version), markj
Sponsored by: Arm Ltd
Sponsored by: The FreeBSD Foundation (earlier version)
Differential Revision: https://reviews.freebsd.org/D42080
Andrew Turner [Thu, 12 Oct 2023 14:22:18 +0000 (15:22 +0100)]
libc: Teach libc about the BTI elf note
Add the Branch Target Identification (BTI) note to libc assembly
sources. As all obect files need the note for the library to have it
we need to insert it in all asm files.
Warner Losh [Tue, 21 Nov 2023 03:30:16 +0000 (20:30 -0700)]
stand: bandaide for acpi
Old binaries do not set acpi.rsdp early enough. So when we boot with an
older loader.efi from an ESP that's not been updated, we assume there's
no ACPI on this system. This is unwise. Put a band-aide on this until we
can implement a proper 'feature' variable that the binary reports so we
can do conditionals for things like this in the future.
Tony Hutter [Tue, 21 Nov 2023 00:07:32 +0000 (16:07 -0800)]
ZTS: Fix 'could not unmount datasets' on Alma 9 (#15542)
Many tests are failing on AlmaLinux 9 because ZTS could not destroy the
pool in cleanup. This was due to $PWD being set to '.' instead of the
expected full path. This patch sets $PWD to the full path.
Signed-off-by: Tony Hutter <hutter2@llnl.gov> Reviewed-by: Don Brady <don.brady@delphix.com>
Simon J. Gerraty [Mon, 20 Nov 2023 20:51:25 +0000 (12:51 -0800)]
Fix share/zoneinfo for DIRDEPS_BUILD
The tranditional build makes multiple passes through the tree.
The DIRDEPS_BUILD visits each directory only once per architecture,
thus makefiles should be able to everything they need in a single pass.
The use of TZS!= when doing make(*install*)
only works if the directory has previously been visited to do zoneinfo
since before the zoneinfo target is run TZS will be empty.
To fix this, have the zoneinfo target capture the list of files to
zoneinfo, and install-zoneinfo use that list.
Rename that target to zonefiles - since that is now what it does.
This is more efficient - we only gather the list of zones when it is
likely to have changed, and allows the makefile to do everything in a
single pass.
This is a follow-up patch to https://reviews.freebsd.org/D42459
that modifies the loader lua to use the correct loader variables
for determining ACPI availability.
This also fixes a bug where ACPI can be inadvertently disabled when
setting System Defaults at the loader menu.
Warner Losh [Mon, 20 Nov 2023 03:48:30 +0000 (20:48 -0700)]
math: Move to const instead of __const
There's no reason to use the __const construct here. This is a left-over
from supporting K&R and ANSI compilers in the original Sun msun. All
other K&R crutches have been removed. Remove these as well. There's no
semantic difference. And there's already several others in math.h.
John Baldwin [Sat, 18 Nov 2023 19:31:07 +0000 (11:31 -0800)]
bsdinstall.8: Clarify the description of ZFSBOOT_FORCE_4K_SECTORS
This variable does not set the exact sector size of the pool, but
controls the minimum sector size. The sector size of the underlying
disks can always be larger than the minium controlled by this knob.
John Baldwin [Sat, 18 Nov 2023 19:08:34 +0000 (11:08 -0800)]
vfs mount: Consistently use ENODEV internally for an invalid fstype
Change vfs_byname_kld to always return an error value of ENODEV to
indicate an unsupported fstype leaving ENOENT to indicate errors such
as a missing mount point or invalid path. This allows nmount(2) to
better distinguish these cases and avoid treating a missing device
node as an invalid fstype after commit 6e8272f317b8.
While here, change mount(2) to return EINVAL instead of ENODEV for an
invalid fstype to match nmount(2).
Gordon Bergling [Sat, 18 Nov 2023 09:09:40 +0000 (10:09 +0100)]
Add a HISTORY section for memcpy(3) and mempcpy(3)
The memcpy() function first appeared in AT&T System V UNIX and was
reimplemented for 4.3BSD-Tahoe. The mempcpy() function first appeared in
FreeBSD 13.1.
Warner Losh [Sat, 18 Nov 2023 04:24:00 +0000 (21:24 -0700)]
nvme: Don't use version to listen for events for ns and fw changes
Instead, use the attribtue bits from the identification data to
determine if we should listen to namespace changes and firmware
activation. Should have no functional change, though we may stop
listening for events that will never happen.
Warner Losh [Sat, 18 Nov 2023 03:46:20 +0000 (20:46 -0700)]
pnpinfo: Remove __P
We don't need to compile on a K&R compiler (and we've long ago lost the
ability to do so). It's not even clear if it ever worked with a pure K&R
compiler, but maybe it once did...
Brooks Davis [Sat, 18 Nov 2023 00:48:14 +0000 (00:48 +0000)]
makesyscalls: don't make syscall.mk by default
We only want to produce syscall.mk for the main syscall table so default
to not producing it (send it to /dev/null) and add a syscalls.conf to
sys/kern to trigger the creation of sys/sys/syscall.mk. This eliminates
the need for entries in other syscalls.conf files and is a cleaner
pattern going forward.
Kristof Provost [Fri, 17 Nov 2023 12:52:34 +0000 (13:52 +0100)]
pf: sctp heartbeats confirm a connection
When we create a new state for multihomed sctp connections (i.e.
based on INIT/INIT_ACK or ASCONF parameters) the new connection will
never see a COOKIE/COOKIE_ACK exchange. We should consider HEARTBEAT_ACK
to be a confirmation that the connection is established.
This ensures that such connections do not time out earlier than
expected.
MFC after: 1 week
Sponsored by: Orange Business Services
Kristof Provost [Thu, 16 Nov 2023 19:55:02 +0000 (20:55 +0100)]
pf: skip urpf check for sctp multihomed states
When we create a new state for multihomed sctp connections (i.e.
based on INIT/INIT_ACK or ASCONF parameters) we cannot know what
interfaces we'll be seeing that traffic on. These states are floating
states, i.e. on "all" interfaces. We cannot do reverse path filtering
for these states, so do not do so.
MFC after: 1 week
Sponsored by: Orange Business Services
Kristof Provost [Thu, 16 Nov 2023 16:06:29 +0000 (17:06 +0100)]
pf: always create multihomed states as floating
When we create a new state for multihomed sctp connections (i.e.
based on INIT/INIT_ACK or ASCONF parameters) we cannot know what
interfaces we'll be seeing that traffic on. Make those states floating,
irrespective of state policy.
MFC after: 1 week
Sponsored by: Orange Business Services
Kirk McKusick [Fri, 17 Nov 2023 22:10:29 +0000 (14:10 -0800)]
Ensure I/O buffers in libufs(3) are 128-byte aligned.
Various disk controllers require their buffers to be aligned to a
cache-line size (128 bytes). For buffers allocated in structures,
ensure that they are 128-byte aligned. Use aligned_malloc to allocate
memory to ensure that the returned memory is 128-byte aligned.
While we are here, we replace the dynamically allocated inode buffer
with a buffer allocated in the uufsd structure just as the superblock
and cylinder group buffers do.
This can be removed if/when the kernel is fixed. Because this problem
has existed on one I/O subsystem or another since the 1990's, we
are probably stuck with dealing with it forever.
The problem most recent showed up in Azure, see:
https://reviews.freebsd.org/D41728
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=267654
Before these fixes were applied, it was confirmed that the changes
in this commit also fixed the issue in Azure.
Reviewed-by: Warner Losh, kib Tested-by: Souradeep Chakrabarti of Microsoft (earlier version)
PR: 267654
Differential Revision: https://reviews.freebsd.org/D41724
Brooks Davis [Fri, 17 Nov 2023 22:02:09 +0000 (14:02 -0800)]
freebsd: remove __FBSDID macro use
With FreeBSD's switch to git the $FreeBSD$ string is no longer expanded
and they have mostly been removed upstream. Stop using __FBSDID and
remove the no-longer needed sys/cdefs.h includes.
Reviewed-by: Alexander Motin <mav@FreeBSD.org> Signed-off-by: Brooks Davis <brooks.davis@sri.com>
Closes #15527
Alexander Motin [Fri, 17 Nov 2023 22:00:59 +0000 (17:00 -0500)]
ZIO: Optimize zio_flush()
- Generalize vdev_nowritecache handling by traversing through the
VDEV tree and skipping children ZIOs where not supported.
- Remove intermediate zio_null() in case of several VDEV children.
- Remove children handling from zio_ioctl(). There are no other
use cases for this code beside DKIOCFLUSHWRITECACHED, and would there
be, I doubt they would so straightforward apply to all VDEV children.
Comparing to removed previous optimization this should improve cases
of redundant ZILs/SLOGs.
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Reviewed-by: George Wilson <george.wilson@delphix.com>
Signed-off-by: Alexander Motin <mav@FreeBSD.org>
Sponsored by: iXsystems, Inc.
Closes #15515
Rob N [Fri, 17 Nov 2023 21:25:53 +0000 (08:25 +1100)]
Consider `dnode_t` allocations in dbuf cache size accounting
Entries in the dbuf cache contribute only the size of the dbuf data to
the cache size. Attached "user" data is not counted. This can lead to
the data currently "owned" by the cache consuming more memory accounting
appears to show. In some cases (eg a metadnode data block with all child
dnode_t slots allocated), the actual size can be as much as 3x as what
the cache believes it to be.
This is arguably correct behaviour, as the cache is only tracking the
size of the dbuf data, not even the overhead of the dbuf_t. On the other
hand, in the above case of dnodes, evicting cached metadnode dbufs is
the only current way to reclaim the dnode objects, and can lead to the
situation where the dbuf cache appears to be comfortably within its
target memory window and yet is holding enormous amounts of slab memory
that cannot be reclaimed.
This commit adds a facility for a dbuf user to artificially inflate the
apparent size of the dbuf for caching purposes. This at least allows for
cache tuning to be adjusted to match something closer to the real memory
overhead.
metadnode dbufs carry a >1KiB allocation per dnode in their user data.
This informs the dbuf cache machinery of that fact, allowing it to make
better decisions when evicting dbufs.
Sponsored-by: Klara, Inc. Sponsored-by: Wasabi Technology, Inc. Reviewed-by: Alexander Motin <mav@FreeBSD.org> Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Signed-off-by: Rob Norris <rob.norris@klarasystems.com>
Closes #15511
Mike Karels [Fri, 17 Nov 2023 18:51:18 +0000 (12:51 -0600)]
khelp: suppress useless warning message on shutdown
If a module (e.g. the ertt hhook for TCP) can't clean up at
shutdown, there is nothing to be done about it. In the ertt case,
cleanup is just shutting down a UMA zone, which doesn't need to be
done. Suppress EBUSY warnings on shutdown.
Gleb Smirnoff [Fri, 17 Nov 2023 17:23:58 +0000 (09:23 -0800)]
ng_ksocket: fix upcall clearing on node shutdown
Note: imho, the proper solution would be to guarantee that upcalls
won't ever be called after soclose(), but this isn't the case, yet.
This change at least makes the node work the way it always worked.
Igor Ostapenko [Fri, 17 Nov 2023 16:04:01 +0000 (17:04 +0100)]
pf: fix dummynet + ipdivert use case
Dummynet re-injects an mbuf with MTAG_IPFW_RULE added, and the same mtag
is used by divert(4) as parameters for packet diversion.
If according to pf rule set a packet should go through dummynet first
and through ipdivert after then mentioned mtag must be removed after
dummynet not to make ipdivert think that this is its input parameters.
At the very beginning ipfw consumes this mtag what means the same
behavior with tag clearing after dummynet.
And after fabf705f4b5a pf passes parameters to ipdivert using its
personal MTAG_PF_DIVERT mtag.
Mark Johnston [Fri, 17 Nov 2023 14:29:28 +0000 (09:29 -0500)]
ktls tests: Relax error checking for shutdown(2) a bit
In my test suite runs I occasionally see shutdown(2) fail with
ECONNRESET rather than ENOTCONN. soshutdown(2) will return ENOTCONN if
the socket has been disconnected (synchronized by the socket lock), and
tcp_usr_shutdown() will return ECONNRESET if the inpcb has been dropped
(synchronized by the inpcb lock). I think it's possible to pass the
first check in soshutdown() but fail the second check in
tcp_usr_shutdown(), so modify the KTLS tests to permit this.
Bjoern A. Zeeb [Fri, 17 Nov 2023 12:31:36 +0000 (12:31 +0000)]
mii: add Vitesse/Microsemi VSC8514
The VSC8514 Quad-Port 10/100/1000BASE-T PHY seems to match the handling
for the VSC8504 (for the little we support of what we could) and while
it works with our generic ukphy add it as vscphy for porper display of
names in the system message buffer and the like (or in case we decide
to implement some extra features).
Bjoern A. Zeeb [Wed, 15 Nov 2023 13:13:22 +0000 (13:13 +0000)]
dpaa2: fdt improve detection for dpmac/phys
'pcs-handles' are not mandatory in the device tree here so do not
enforce them. This allows us to find dpmac entries needed for phys
on the WHLE-LS1 as well.
Bjoern A. Zeeb [Fri, 17 Nov 2023 00:47:11 +0000 (00:47 +0000)]
dpaa2: defer link_state updates until we are up
dpaa2_ni_media_change() was called in early setup stages, before we
were fully setup. That lead to internal driver state being all synched
and fine but hardware state was lost/never setup corrently.
Introduce dpaa2_ni_media_change_locked() so we can avoid reccursive
locking and call "dpaa2_ni_media_change()" instead of mii_mediachg()
as the latter does not setup our state there either.
In order for this all to work, call if_setdrvflagbits() just before
rather than after the above.
Also remove an unecessary direct call to dpaa2_ni_miibus_statchg()
which mii_mediachg() will trigger anyway.
This all fixes a problem [1] that one had to lose the link (either
unplugging/replugging the cable or using ifconfig media none;
ifconfig media auto) to re-trigger the all updates and get the
full state programmed when hardware expected.
Bjoern A. Zeeb [Wed, 15 Nov 2023 11:46:44 +0000 (11:46 +0000)]
dpaa2: make software VLANs usable on dpni
dpni announces IFCAP_VLAN_MTU but internally does not increase the
maximum frame length. Createing a vlan interface on top of a dpni
interface will result in full-sized frames not passing.
Extend the maximum frame length by ETHER_VLAN_ENCAP_LEN to allow at
least for one layer of (software) vlans for now
[tcp] add PRR 6937bis heuristic and retire prr_conservative sysctl
Improve Proportional Rate Reduction (RFC6937) by using a
heuristic, which automatically chooses between
conservative CRB and more aggressive SSRB modes.
Only when snd_una advances (a partial ACK), SSRB may be
used. Also, that ACK must not have any indication of
ongoing loss - using the addition of new holes into the
scoreboard as proxy for such an event.
Notable upstream pull request merges:
#15516 da51bd17e Fix snap_obj_array memory leak in check_filesystem()
#15519 35da34516 L2ARC: Restrict write size to 1/4 of the device
#15529 03e9caaec Add a tunable to disable BRT support
Lock the vnode in the most exclusive lock mode requested, once.
All callers already ensure that vp1 != vp2 or are careful enough to only
unlock once otherwise.
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D42642
Instead, use a here document for the input. This allows us to run the
while loop in the main script so we can build the list of asserts in
a shell variable. We then print out the list of asserts at the end of
the loop.
John Baldwin [Thu, 16 Nov 2023 00:53:53 +0000 (16:53 -0800)]
pkg: Allocate a suitably-sized string for the local ABI
Previously the local ABI string was written to an on-stack buffer and
the pointer to that buffer was saved in a global before the function
returned. This had two issues: c[ABI].val pointed to a
no-longer-valid on-stack buffer after config_init returned, and the
string could potentially be truncated. Fix both of those by changing
pkg_get_myabi to return a pointer to a string allocated by asprintf.
Note that the allocated string is left in the global config array
until it is implicitly freed on process exit.
Brooks Davis [Wed, 15 Nov 2023 23:42:37 +0000 (23:42 +0000)]
libc: centralize a few numeric symbols
fabs, __infinity, and __nan are universally implemented so declare them
in gen/Symbol.map.
We would also include __flt_rounds, but it's under FBSD_1.3 on arm so
until that's gone we're stuck with it. Likewise, everyone but i386
implements fp[gs]etmask.
Brooks Davis [Wed, 15 Nov 2023 23:41:35 +0000 (23:41 +0000)]
libc: centralize {_,sig,}{set,long}jmp symbols
These symbols are universally exposed and documented so declare them
centrally. Double- and triple-underscore versions exist on some
platforms, but leave those alone for now.