Older entries in this file are left alone as hard-coding lib32 as
they're not worth the churn; downstreams will have already moved past
them (in particular, CheriBSD, which adds additional libcompats).
bsd.compat.mk Extract _ALL_LIBCOMPATS and add related variables
Adding these to a new bsd.compat.pre.mk will allow other parts of the
tree to iterate over the set of possible libcompats (upper and/or lower)
rather than having to hard-code the list.
Mike Karels [Wed, 26 Jul 2023 15:56:52 +0000 (10:56 -0500)]
netstat -i: compute most field widths dynamically
The network and address fields were sometimes truncated for netstat -i
without -W, and often much too wide for netstat -i with the -W option.
Fields such as normal packet counts often overflowed. As a result,
columns didn't line up, and large white spaces made it harder to
follow a line across the display. Change the code to compute the
required field sizes for network, address, and various packet counts.
Hoist the code to format network and address into a subroutine that
can be called twice, once to measure the required field widths,
and once to emit the values. Use separate field widths for input
and output packets, byte counts, and error and drop counters.
These are left at defaults (the preceding values) with the -h
option, in which case the fields have a limited total width.
An extra space is included between the Network and Address, which
otherwise seemed too close.
Change the mention of -W with -i in the man page to say that most
field widths are computed dynamically in this case.
When we are sending terminating signal to the group, killpg() needs
to guarantee that all group members are to be terminated (it does not
need to ensure that they are terminated on return from killpg()). The
pg_killsx change eliminates the largest window there, but still, if
a multithreaded process is signalled, the following could happen:
- thread 1 is selected for the signal delivery and gets descheduled
- thread 2 waits for pg_killsx lock, obtains it and forks
- thread 1 continue executing and terminates the process
This scenario allows the child to escape still.
Fix it by single-threading forking parent if a conflict with pg_killsx
is noted. We try to lock pg_killsx without sleeping, and failure to
acquire it means that a parallel killpg(2) is executed. Then, stop
other threads for running and in particular, receive signals, to avoid
the situation explained above.
Reviewed by: markj
Tested by: pho
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D41128
There is still a leakage of the p_killpg_cnt, some but not all sources
of which were identified.
Second, and more important, is that there is a fundamental issue with
blocked signals having KSI_KILLPG flag set. Queueing of such signal
increments p_killpg_cnt, but it cannot be decremented until the signal
is delivered. If, for instance, a single-threaded process with blocked
signal receives killpg-kill and executes fork(2), the fork enter check
returns with ERESTART. And since signal is blocked, the condition
cannot be cleared.
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D41128
Marius Strobl [Wed, 26 Jul 2023 11:08:37 +0000 (13:08 +0200)]
base: Remove support for the VTOC8 partitioning scheme
The removal of the sparc64 support in February 2020 obsoleted the
VTOC8 partitioning scheme as no other FreeBSD platform makes use
of it. Moreover, the code is bitrotting as nothing defines e. g.
LOADER_VTOC8_SUPPORT any more and, thus, should go now, too. With
this change, the following commits are reverted as far as VTOC8
is concerned and parts haven't already previously been deleted
along with prior sparc64 removals: 094fcb157d4c98211899cf09d06e2cf19149b7e0 a7d366e9589c95feda6f3bc78c59c6355d51f126 ba8d50d08b9df4e8213f9a6997ff6792ecebcd9b
Marius Strobl [Sun, 23 Jul 2023 16:58:42 +0000 (18:58 +0200)]
gif(4): Assert that gif_output() isn't called for EtherIP
With the current implementation of if_bridge(4), bridge_enqueue()
calls gif_transmit() only. Ensure it stays that way so that the
expectations in both drivers are either met or changed accordingly.
The code added in c89c8a1029860182eece5d51ec09119b9500e5a1 in order
to compensate possible misalignment caused by prepending the IP4/6
header with an EtherIP one got broken at some point by a rewrite of
gif(4). For better or worse, 8018ac153f7671699ca008f31c0fad9caef2f531
relaxed the alignment of struct ip from 32 bit to 16 bit, though. As
a result, a 16 bit offset of the IPv4 header induced by the addition
of the 16 bit EtherIP one no longer is a problem in the first place.
The alignment of struct ip6_hdr currently is even only 8 bit, making
it even less problematic with regards to possible misalignment.
Thus, remove the code for handling misalignment in in{,6}_gif_output()
altogether again.
While at it, replace the 3 bcopy(9) calls in gif(4) with memcpy(9) as
there's no need to handle overlap here.
Add quitclean command to fsdb(8) to request a filesystem not be marked dirty.
A new command, quitclean, is added to fsdb(8) to request that the
filesystem not be marked as needing a full fsck(8). This is useful
when creating deliberately bad filesystem images to be used to check
that fsck is properly able to clean them up.
MFC-after: 1 week Sponsored-by: The FreeBSD Foundation
Have fsdb(8) only mark a filesystem dirty when it is modified.
Until this update, the fsdb(8) command always marked a filesystem
as needing a full fsck unless it was run with the -n flag which
allowed no changes to be made.
This change tracks modifications to the filesystem. Two types of
changes are tracked. The first type of changes are those that are
not critical to the integrity of the filesystem such as changes to
owner, group, time stamps, access mode, and generation number. The
second type of changes are those that do affect the integrity of
the filesystem including zeroing inodes, changing block pointers,
directory entries, link counts, file lengths, file types, and file
flags.
When quitting having made no changes or only changes to data that
is not critical to filesystem integrity, the clean state of the
filesystem is left unchanged. But if filesystem critical data are
changed then fsdb will set the unclean flag which will require a
full fsck to be run before the filesystem can be mounted.
MFC-after: 1 week Sponsored-by: The FreeBSD Foundation
mac_ipacl: new MAC policy module to limit jail/vnet IP configuration
The mac_ipacl policy module enables fine-grained control over IP address
configuration within VNET jails from the base system.
It allows the root user to define rules governing IP addresses for
jails and their interfaces using the sysctl interface.
Mike Karels [Tue, 25 Jul 2023 23:59:52 +0000 (18:59 -0500)]
arm64 lib32: enable building of lib32 on arm64
Enable LIB32 option on aarch64, defaulting to YES; it had defaulted
to "broken". Add required variables for how to compile lib32 on
arm. Use /usr/include/arm for armv7 (32-bit) headers, analogous to
/usr/include/i386 on amd64. Omit libomp from lib32; it is not
supported on armv7.
Mike Karels [Tue, 25 Jul 2023 23:59:26 +0000 (18:59 -0500)]
arm64 lib32: prepare arm64 headers to redirect to arm
In order to compile lib32 libraries and other 32-bit code on arm64,
<machine/foo.h> needs to be redirected to an arm header rather
than arm64 when building with -m32. Ifdef the arm64 headers that
are installed in /usr/include/machine and used by user-level software
(including references from /usr/include/*.h) so that if __arm__ is
defined when including the arm64 version, <arm/foo.h> is included
rather than using the rest of the file's contents. Some arm headers
had no arm64 equivalent; headers were added just to do the redirection.
These files use #error if __arm__ is not defined to guard against
confusion. Also add an include/arm Makefile, and modify Makefiles
as needed to install everything, including the arm files in
/usr/include/arm. fenv.h comes from lib/msun/arm/fenv.h.
The new arm64 headers are:
acle-compat.h
cpuinfo.h
sysreg.h
Mike Karels [Tue, 25 Jul 2023 23:58:51 +0000 (18:58 -0500)]
arm64 lib32: change clang to allow -m32 on arm64
The FreeBSD driver support for clang tested explicitly for 32-bit
Intel, MIPS, or PowerPC targets where /usr/lib32/libcrt1.o was
present to decide whether -m32 should use /usr/lib32. At jrtc27's
suggestion, simply test for a 32-bit platform rather than adding
arm to the list. Upstreamed as
https://github.com/llvm/llvm-project/commit/3450272fc281979388bb845a9fffb59b42cc2e7e
Bump the freebsd version to force a bootstrap build. This is one
step in adding support for -m32 on arm64.
Reviewed by: jrtc27, brooks, dim
Differential Revision: https://reviews.freebsd.org/D40943
Mike Karels [Tue, 25 Jul 2023 23:58:29 +0000 (18:58 -0500)]
Makefile.inc1: add LIBCOMPAT_INCLUDE_DIRS to reduce arch ifdefs
In preparation for adding support for building lib32 on arm64,
add a list of architecture-specific include directories,
LIBCOMPAT_INCLUDE_DIRS, then replace the architecture-specific
ifdefs throughout the file with simple loops. Another commit
will add a definition of LIBCOMPAT_INCLUDE_DIRS for aarch64.
vmm and libvmmapi already have handlers for that. When adding debug
cpus, they were only used for the debug stub. Over time, they were
reused by other parts like snapshots or idle APs.
Corvin Köhne [Fri, 23 Jun 2023 06:31:38 +0000 (08:31 +0200)]
bhyve: do not hold CRB mutex when executing TPM commands
TPM commands can take up to several seconds to execute. If we hold the
CRB mutex while executing the command, MMIO accesses could be blocked
for a long time. Therefore, just copy all required values and work on
the copied values.
RELNOTES: add a note about lua config files in loader
Scripted configuration can make safer some use-cases that currently use
local.lua, but don't actually need to access external resources to make
their changes. Let's note the new feature in RELNOTES.
Mark Johnston [Mon, 24 Jul 2023 22:47:42 +0000 (18:47 -0400)]
amd64: Use a larger boot stack
With sanitizers enabled, it becomes possible to overflow the stack when
only a single page is used. Follow arm64's example and use the default
kernel stack size instead. This is a bit wasteful, but without a guard
page, overflow merely corrupts adjacent .bss entries and is thus
difficult to debug.
Note, with a GENERIC kernel we already consume over half of the
available boot stack space, see the review for an example.
Reviewed by: kib
Reported by: Jenkins
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D41166
vnode read(2)/write(2): acquire rangelock regardless of do_vn_io_fault()
To ensure atomicity of reads against parallel writes and truncates,
vnode lock was not enough at least since introduction of vn_io_fault().
That code only take rangelock when it was possible that vn_read() and
vn_write() could drop the vnode lock.
At least since the introduction of VOP_READ_PGCACHE() which generally
does not lock the vnode at all, rangelocks become required even
for filesystems that do not need vn_io_fault() workaround. For
instance, tmpfs.
PR: 272678
Analyzed and reviewed by: Andrew Gierth <andrew@tao11.riddles.org.uk>
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D41158
Marius Strobl [Mon, 24 Jul 2023 17:26:06 +0000 (10:26 -0700)]
bus_dma: Trim CAM includes from subr_bus_dma.c
These are no longer needed after commit c5312bd79e66. This did
require adding an include of <sys/limits.h> instead for SIZE_T_MAX
which previously was dragged in via header pollution.
Andrew Turner [Mon, 24 Jul 2023 16:58:13 +0000 (17:58 +0100)]
arm: Move contents of atomic-v6.h into atomic.h
Previously we had an armv4/v5 and armv6/v7 implementation of the atomic
operations. As we have removed armv4/v5 support we can now merge the
armv6/v7 code into atomic.h
Reviewed by: imp
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D41135
Martin Matuska [Mon, 24 Jul 2023 05:42:43 +0000 (07:42 +0200)]
libarchive: merge from vendor branch
Libarchive 3.7.0
Important changes (relevant to FreeBSD):
#1814 Do not account for NULL terminator when comparing with "TRAILER!!!"
#1818 Add ability to produce multi-frame zstd archives
#1840 year 2038 fix for pax archives on platforms with 64-bit time_t
#1860 Make single bit bitfields unsigned to avoid clang 16 warning
#1869 Fix FreeBSD builds with WARNS=6
#1873 bsdunzip ported to libarchive from FreeBSD
#1894 read support for zstd compression in 7zip archives
#1918 ARM64 filter support in 7zip archives
Whilst ^ and $ are supported with C, those are special cases, and
general regex syntax like groups and alternations are not. Use the
correct modifier so we get a version number out that's not 0 (which is
what happens when it can't be parsed by the later code).
The upcoming Xcode 15 introduces a new linker (called ld-prime or ld-new
in some documentation) to replace the classic ld64, which we need to
handle.
Previously, the linker would identify itself as:
@(#)PROGRAM:ld PROJECT:ld64-<version>
Now, there are two cases. When the classic ld64 is in use, it identifies
itself as:
@(#)PROGRAM:ld-classic PROJECT:ld64-<version>
When the new linker is in use, it identifies itself as:
@(#)PROGRAM:ld PROJECT:dyld-<version>
Thus, tweak the detection to allow a -classic suffix in the PROGRAM
string and to allow a dyld- prefix instead of an ld64- prefix on the
version number in the PROJECT string.
Move LIBADD lines from usr.bin/clang/*/Makefile one level up
Some utilities under usr.bin/clang were only linked to libz, while most
others were linked to libz and libzstd. Make this consistent, and remove
repetition, by moving these LIBADD lines to usr.bin/clang/clang.prog.mk
and usr.bin/clang/clang.prog.mk.
Merge commit 2b0f5df7b4e0 from llvm-project (by Jessica Clarke):
[builtins][Mips] Un-break FreeBSD build of __clear_cache
Commit 674a17e9bbe8 ("MIPS/compiler_rt: use synci to flush icache on
r6") completely removed the OS-specific guards under the guise of "For
pre-r6, we can use cacheflush libc function, which is same on Linux and
FreeBSD." However, the code in question had guards for Linux and
OpenBSD, not Linux and FreeBSD, and FreeBSD does not have a cacheflush
libc function as claimed, so this was neither the statement they
intended to make nor was it sufficient justification for making the code
completely unconditional. Whilst the upcoming FreeBSD 14 release has
dropped support for MIPS, FreeBSD 13 has support for it.
Fix this by only calling cacheflush on the OSes where it was previously
called, and not on other OSes where it either definitely isn't available
(FreeBSD) or is unknown (any other OS than the three mentioned in this
commit).
This is only needed for MFC'ing, as mips has been removed from
14-CURRENT.
Alan Cox [Sat, 22 Jul 2023 17:55:43 +0000 (12:55 -0500)]
arm64 pmap: Retire PMAP_INLINE
Neither of the remaining callers to pmap_kremove() warrant inlining.
Those calls rarely occur. In other words, we were optimizing for the
uncommon case.
Kevin Bowling [Sat, 22 Jul 2023 18:33:27 +0000 (11:33 -0700)]
e1000: lem(4)/em(4) ifcaps, TSO and hwcsum fixes
* em(4) obey administrative ifcaps for using hwcsum offload
* em(4) obey administrative ifcaps for hw vlan receive tagging
* em(4) add additional TSO6 ifcap, but disabled by default as is TSO4
* lem(4) obey administrative ifcaps for using hwcsum offload
* lem(4) add support for hw vlan receive tagging
* lem(4) Add ifcaps for TSO offload experimentation, but disabled by
default due to errata and possibly missing txrx code.
* lem(4) disable HWCSUM ifcaps by default on 82547 due to errata around
full duplex links. It may still be administratively enabled.
Alan Cox [Sun, 16 Jul 2023 20:58:04 +0000 (15:58 -0500)]
arm64/riscv pmap: Initialize the pmap's pm_pvchunk field
I believe that there are two reasons that the missing TAILQ
initialization operations haven't caused a problem. First, the TAILQ
head's first field is being initialized to zeroes elsewhere. Second,
the first access to the TAILQ head's last field is by
TAILQ_INSERT_HEAD(), which assigns to the last field without reading
it when the first field is NULL.
ip output: ensure that mbufs are mapped if ipsec is enabled
Ipsec needs access to packet headers to determine if a policy is
applicable. It seems that typically IP headers are mapped, but the code
is arguably needs to check this before blindly accessing them. Then,
operations like m_unshare() and m_makespace() are not yet ready for
unmapped mbufs.
Ensure that the packet is mapped before calling into IPSEC_OUTPUT().
Warner Losh [Fri, 21 Jul 2023 16:11:37 +0000 (10:11 -0600)]
cam_periph: Comment about why we need to reset cbfcnp
Just spent a few minutes puzzling out why we do this. Add a comment to
remind my future self (and other intersted folk) why we do the reset
here when we'd set it a few lines above.