Apply libc++ fix for <ranges> not compiling at all
Merge commit 44cdca37c01a from llvm git (by Arthur O'Dwyer):
[libc++] Define `namespace views` in its own detail header.
Discovered in the comments on D118748: we would like this namespace
to exist anytime Ranges exists, regardless of whether concepts syntax
is supported. Also, we'd like to fully granularize the <ranges> header,
which means not putting any loose declarations at the top level.
Dimitry Andric [Tue, 15 Mar 2022 20:32:06 +0000 (21:32 +0100)]
Apply libc++ fix for firefox visibility push/pop issue
Merge commit 7ab1ab0db401 from llvm git (by Dimitry Andric):
[libc++] Make __dir_stream visibility declaration consistent
The class `__dir_stream` is currently declared in two places: as a
top-level forward declaration in `directory_iterator.h`, and as a friend
declaration in class `directory_entry`, in `directory_entry.h`.
The former has a `_LIBCPP_HIDDEN` attribute, but the latter does not,
causing the Firefox build to complain about the visibility not matching
the previous declaration. This is because Firefox plays games with
pushing and popping visibility.
Work around this by making both `__dir_stream` declarations consistently
use `_LIBCPP_HIDDEN`.
Dimitry Andric [Thu, 17 Feb 2022 21:49:39 +0000 (22:49 +0100)]
Apply fix for asm constraint error in www/php80-opcache
Merge commit 027c16bef4b7 from llvm git (by Nick Desaulniers):
[X86ISelLowering] permit BlockAddressSDNode "i" constraints for PIC
When building 32b x86 code as PIC, the existing handling of "i"
constraints is conservative since generally we have to go through the
GOT to find references to functions.
But generally, BlockAddresses from C code refer to the Function in the
current TU. Permit BlockAddresses to be used with the "i" constraint
for those cases.
I regressed this in
commit 4edb9983cb8c ("[SelectionDAG] treat X constrained labels as i for asm")
This updates llvm, clang, compiler-rt, libc++, libunwind, lld, lldb and
openmp to llvmorg-14-init-18294-gdb01b123d012, the last commit before
the upstream release/14.x branch was created.
Working on an update for rtw88 baed on wireless-testing I ran into
a build issue with struct ieee802211_sta. Some fields were factored
out into their own struct apparently preparing for MLO (Multi Link
Operation).
In order to be able to update one driver we have to adjust both
rtw88 and iwlwifi (and the ones still out-of-tree) now.
This is mostly a sed-replace job and no functional changes are
intended.
Bjoern A. Zeeb [Wed, 18 May 2022 22:39:57 +0000 (22:39 +0000)]
LinuxKPI: 802.11 updates
Add more values to the ieee80211_min_mpdu_start_spacing enum with
two missing given we do not know how they are called. Also update
the reference while here.
Add struct ieee80211_hdr_3addr and correct the comment on the
ieee80211_hdr to match the one in net80211 to avoid future confusion.
Bjoern A. Zeeb [Wed, 18 May 2022 22:36:31 +0000 (22:36 +0000)]
LinuxKPI: implement pcie_capability_set_word()
Implement pcie_capability_set_word() using the already available
read/write functions.
Also define the completion timeout disable value to our PCI one.
Both needed by a driver update.
Sponsored by: The FreeBSD Foundation
Reviewed by: manu, hselasky
Differential Revision: https://reviews.freebsd.org/D35250
This amongst other things removes the deprecated BCAST_FILTERING option,
which we had disabled before due to firmware issues.
Also prepares us for the next firmware update.
The "enable_ini" module option has become an integer with a
sysctl proc equivalent handler. Disable the module parameter changing
for the moment until we'll have working LinuxKPI support or implement
it as SYSCTL_PROC in FreeBSD directly.
802.11i-2004 did not specify that RSN can be added to the probereq,
only to the proberesp (and others) yet it was added in what seems was b032f27c365b992e9d8e42214183b39acfb8c6ac (multi-BSS support).
802.11-2020 does not list the IE either for probereq so remove it.
Sponsored by: The FreeBSD Foundation
Okayed by: adrian
Differential Revision: https://reviews.freebsd.org/D34893
Bjoern A. Zeeb [Thu, 5 May 2022 22:21:03 +0000 (22:21 +0000)]
net80211: simplify code after STA/AP VAPs traffic hang fix
Combine the comment and double-unsetting of OACTIVE into a single case
after e8de31caceaa36caf5d7b4355072f148e2433b82.
This saves the question of why we do it twice--once right before and
one more time right after the state change check.
Also move the XXX comment about kicking the queue up to where it seems
better suited now.
Sponsored by: The FreeBSD Foundation
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D35135
Adrian Chadd [Tue, 12 Apr 2022 20:20:28 +0000 (13:20 -0700)]
net80211: Fix traffic hang on STA/AP VAPs on a multi-VAP interface
This took an embarrasingly long time to find.
The state changes for a radio with a STA /and/ AP VAP gets a bit messy.
The AP maps are marked as waiting, waiting for the STA AP to find a
channel to use before the AP VAPs become active.
However, the code path that clears the OACTIVE flag on a VAP only runs
during a successful run of ieee80211_newstate_cb().
So here is how it goes:
* the STA VAP goes down and needs to scan;
* the AP vap goes RUN->INIT; but it doesn't YET call ieee80211_newstate_cb();
* meanwhile - a send on the AP VAP causes the VAP to set the OACTIVE flag here;
* then the STA VAP finishes scan and goes to RUN;
* which will call wakeupwaiting() as part of the STA VAP transition to RUN;
* .. then the AP VAP goes INIT->RUN directly via a call to hostap_newstate
in wakeupwaiting rather than it being through the deferred path;
* /then/ the ieee80211_newstate_cb() is called, but it sees the state go
RUN->RUN;
* .. which results in the OACTIVE flag never being cleared.
This clears the OACTIVE flag when a VAP transitions RUN->RUN; the
driver layer or net80211 layer can set it if required in a subsequent
transmit.
The 'failed to write TX skb to HCI' error message is twice in the code.
Print the function name and along with the message and also the reported
error so it can possibly be helpful.
The 'failed to get tx report from firmware' was purposefully changed
away from debugging in the upstream Linux driver in 584dce175f0461d5d9d63952a1e7955678c91086 . Revert that decision and
extend the logging by the actual queue length so we get an idea how
sever the problem is (see PR for a report).
rtw8822c firmware got downgraded in a later commit to 9.9.10:
firmware version 9.9.11 added support for hw_scan and is reportedly
causing more problems than 9.9.10 does.
The license of the firmware matches the previous rtwnfw(4) firmware
files (modulo a Copyright year) and you can find a copy in
sys/contrib/dev/rtw88fw/LICENCE.rtlwifi_firmware.txt.
Add build infrastructure to create the .ko files but do not yet hook
it up to the build until all parts are in the tree.
While our version of the driver has knowledge about the incapablity
of DMA above 4GB we do see errors if people have more than that
often already showing when laoding firmware.
The problem for that is currently believed to be outside this driver
so importing it anyway for now.
Given the lack of full license texts on non-local files this is
imported under the draft policy for handling SPDX files (D29226). [1]
Bjoern A. Zeeb [Thu, 5 May 2022 20:43:34 +0000 (20:43 +0000)]
LinuxKPI: skbuff: add memlimit tunable for 64bit systems
Some drivers, such as Realtek's rtw88, require 32bit DMA in
a single segment. busdma(9) has a hard time providing this
currently for 3-ish pages at large quantities
(see lkpi_pci_nseg1_fail in linux_pci.c e86707418c8e8).
Work around this for now by allowing a tunable to enforce
physical addresses allocation limits on 64bit platforms (ignoring PAE)
using "old-school" contigmalloc(9) to avoid bouncing.
A patch needing a custom kernel compiled was tested in the last weeks
by rtw88 users providing the 32bit limit only hardcoded. The 36bit
limit can be found in iwlwifi so is added as a testing option along.
This is put in as a bandaid for now, so people no longer need to patch
and compile their own kernels to use rtw88 and to allow us to MFC the
driver as well before the amounts of commits to track increases by
much more.
Rick Macklem [Fri, 20 May 2022 21:57:42 +0000 (14:57 -0700)]
rpc.tlsclntd: Add an option to force use of TLS version 1.2
Commit 0b4f2ab0e913 fixes the krpc so that it can use TLS
version 1.3 for NFS-over-TLS, as required by
the draft (someday to be an RFC).
Since FreeBSD 13.0, 13.1 use TLS version 1.2 for
NFS-over-TLS mounts, this command line option
may be used so that NFS-over-TLS mounts to 13.0, 13.1
servers will still work.
Without the command line option, NFS-over-TLS mounts
will use TLS version 1.3.
Rick Macklem [Fri, 20 May 2022 21:44:50 +0000 (14:44 -0700)]
rpc.tlsservd: Add an option to allow TLS version 1.2
Commit 0b4f2ab0e913 fixes the krpc so that it can use TLS
version 1.3 for NFS-over-TLS, as required by
the draft (someday to be an RFC).
Since FreeBSD 13.0, 13.1 use TLS version 1.2 for
NFS-over-TLS mounts, this command line option
may be used so that mounts from 13.0, 13.1 will still work.
Without the command line option, only TLS version 1.3
mounts are permitted.
Rick Macklem [Thu, 5 May 2022 22:54:14 +0000 (15:54 -0700)]
rpc.tlsservd: Add a -C command line option for preferred_ciphers
rpc.tlsclntd has a -C command line option for setting
preferred_ciphers. Testing at a recent IETF NFSv4 testing
event showed that setting preferred_ciphers is not normally
needed for the rpc.tlsservd.
This patch modifies rpc.tlsservd to not specify preferred_ciphers
by default, but provides the same -C option as rpc.tlsclntd to
set preferred_ciphers, in case it is needed.
The man page update will be done as a separate commit.
LinuxKPI: Switch irq_work implementation back to standard taskqueue
from fast one as dmabuf does not run callbacks from critical sections
since drm-kmod 5.7.
Consumers which requires fair irq_work like drm-kmod 5.4 must #define
LKPI_IRQ_WORK_USE_FAST_TQ somewhere in source file before linux/irq_work.h
inclusion to enable old behavior.
LinuxKPI: Implement kthread_worker related functions
Kthread worker is a single thread workqueue which can be used in cases
where specific kthread association is necessary, for example, when it
should have RT priority or be assigned to certain cgroup.
This change implements Linux v4.9 interface which mostly hides kthread
internals from users thus allowing to use ordinary taskqueue(9) KPI.
As kthread worker prohibits enqueueing of already pending or canceling
tasks some minimal changes to taskqueue(9) were done.
taskqueue_enqueue_flags() was added to taskqueue KPI which accepts extra
flags parameter. It contains one or more of the following flags:
TASKQUEUE_FAIL_IF_PENDING - taskqueue_enqueue_flags() fails if the task
is already scheduled to execution. EEXIST is returned and the
ta_pending counter value remains unchanged.
TASKQUEUE_FAIL_IF_CANCELING - taskqueue_enqueue_flags() fails if the
task is in the canceling state and ECANCELED is returned.
Rick Macklem [Sun, 15 May 2022 18:51:56 +0000 (11:51 -0700)]
krpc: Fix NFS-over-TLS for KTLS1.3
When NFS-over-TLS uses KTLS1.3, the client can receive
post-handshake handshake records. These records can be
safely thown away, but are not handled correctly via the
rpctls_ct_handlerecord() upcall to the daemon.
Commit 373511338d95 changed soreceive_generic() so that it
will only return ENXIO for Alert records when MSG_TLSAPPDATA
is specified. As such, the post-handshake handshake
records will be returned to the krpc.
This patch modifies the krpc so that it will throw
these records away, which seems sufficient to make
NFS-over-TLS work with KTLS1.3. This change has
no effect on the use of KTLS1.2, since it does not
generate post-handshake handshake records.
Dimitry Andric [Sat, 28 May 2022 21:26:37 +0000 (23:26 +0200)]
Apply clang fix for assertion failure building putty 0.77 on i386
Merge commit 45084eab5e63 from llvm git (by Arthur Eubanks):
[clang] Fix some clang->llvm type cache invalidation issues
Take the following as an example
struct z {
z (*p)();
};
z f();
When we attempt to get the LLVM type of f, we recurse into z. z itself
has a function pointer with the same type as f. Given the recursion,
Clang simply treats z::p as a pointer to an empty struct `{}*`. The
LLVM type of f is as expected. So we have two different potential
LLVM types for a given Clang type. If we store one of those into the
cache, when we access the cache with a different context (e.g. we
are/aren't recursing on z) we may get an incorrect result. There is some
attempt to clear the cache in these cases, but it doesn't seem to handle
all cases.
This change makes it so we only use the cache when we are not in any
sort of function context, i.e. `noRecordsBeingLaidOut() &&
FunctionsBeingProcessed.empty()`, which are the cases where we may
decide to choose a different LLVM type for a given Clang type. LLVM
types for builtin types are never recursive so they're always ok.
This allows us to clear the type cache less often (as seen with the
removal of one of the calls to `TypeCache.clear()`). We
still need to clear it when we use a placeholder type then replace it
later with the final type and other dependent types need to be
recalculated.
I've added a check that the cached type matches what we compute. It
triggered in this test case without the fix. It's currently not
check-clang clean so it's not on by default for something like expensive
checks builds.
This change uncovered another issue where the LLVM types for an argument
and its local temporary don't match. For example in type-cache-3, when
expanding z::dc's argument into a temporary alloca, we ConvertType() the
type of z::p which is `void ({}*)*`, which doesn't match the alloca GEP
type of `{}*`.
Dimitry Andric [Fri, 27 May 2022 17:43:39 +0000 (19:43 +0200)]
Apply clang fix for assertion failure building webkit2-gtk
Merge commit 30baa5d2a450 from llvm git (by Richard Smith):
PR45879: Fix assert when constant evaluating union assignment.
Consider the form of the first operand of a class assignment not the
second operand when implicitly starting the lifetimes of union members.
Also add a missing check that the assignment call actually came from a
syntactic assignment, not from a direct call to `operator=`.
Dimitry Andric [Sat, 14 May 2022 20:07:01 +0000 (22:07 +0200)]
Avoid adding -d to kernel module link command lines for lld >= 14
Since 0b3178a45cd0 we have added '-d' to the link command line for
kernel modules, so if any unexpected common symbols turn up (even though
we use -fno-common in CFLAGS), storage will be allocated in in the
module itself.
However, with lld this option did not have any effect since ~2017, and
as of lld 14 it warns: "-d, -dc, -dp, and --[no-]define-common will be
removed. See https://github.com/llvm/llvm-project/issues/53660"
Add a linker type and version check, to avoid adding the option for lld
14 and later.
When running binaries compiled with libasan in PIE and with ALSR on,
the previous code always print the WARNING message, the new code only
printed it if the run is made with the right verbosity
Before this change, many unit test will always fail because of the extra
message which is printed
Mateusz Guzik [Sun, 27 Mar 2022 18:01:38 +0000 (18:01 +0000)]
clang: Skip attempts to access /proc/self/fd
In contrast to Linux it does not provide entries which can be readlinked
-- these are just regular files, not giving the expected outcome. That's
on top of procfs not being mounted by default to begin with.
Reviewed by: dim
Differential Revision: https://reviews.freebsd.org/D34684
Export _Unwind_Complete and _Unwind_VRS_Pop from arm's libgcc_s
Apparently some ports on arm require these symbols, and while they were
available in llvm's libunwind, they were never exported via the arm
specific Symbol.map. Put them in the same version block as gcc does
(GCC_3.5).
Reported by: Robert Clausecker <fuz_at_fuz.su>
MFC after: 3 days
Rick Macklem [Sat, 14 May 2022 19:56:50 +0000 (12:56 -0700)]
uipc_socket.c: Modify MSG_TLSAPPDATA to only do Alert Records
Without this patch, the MSG_TLSAPPDATA flag would cause
soreceive_generic() to return ENXIO for any non-application
data record in a TLS receive stream.
This works ok for TLS1.2, since Alert records appear to be
the only non-application data records received.
However, for TLS1.3, there can be post-handshake handshake
records, such as NewSessionKey sent to the client from the
server. These handshake records cannot be handled by the
upcall which does an SSL_read() with length == 0.
It appears that the client can simply throw away these
NewSessionKey records, but to do so, it needs to receive
them within the kernel.
This patch modifies the semantics of MSG_TLSAPPDATA slightly,
so that it only applies to Alert records and not Handshake
records. It is needed to allow the krpc to work with KTLS1.3.
Kristof Provost [Sun, 27 Mar 2022 18:23:25 +0000 (20:23 +0200)]
if: avoid interface destroy race
When we destroy an interface while the jail containing it is being
destroyed we risk seeing a race between if_vmove() and the destruction
code, which results in us trying to move a destroyed interface.
Protect against this by using the ifnet_detach_sxlock to also covert
if_vmove() (and not just detach).
Mitchell Horne [Sat, 14 May 2022 13:25:21 +0000 (10:25 -0300)]
dumpon: warn if the configured netdump link is down
Previously we expected the DIOCSKERNELDUMP ioctl to return ENXIO if the
interface was down, but it does not actually do this. Grab the link
status using getifaddrs(3) instead, and downgrade this case from an
error to a warning; the user might bring the link back up at a later
time.
Reviewed by: cem
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D35196
Mitchell Horne [Sat, 14 May 2022 13:23:08 +0000 (10:23 -0300)]
debugnet: fix an errant assertion
We may call debugnet_free() before g_debugnet_pcb_inuse is true,
specifically in the cases where the interface is down or does not
support debugnet. pcb->dp_drv_input is used to hold the real driver
if_input callback while debugnet is in use, so we can check the status
of this field in the assertion.
This can be triggered trivially by trying to configure netdump on an
unsupported interface at the ddb prompt.
Initializing the dp_drv_input field to NULL explicitly is not necessary
but helps display the intent.
Mitchell Horne [Sat, 14 May 2022 13:23:58 +0000 (10:23 -0300)]
netdump: check the support status of the interface
If the interface does not support debugnet(4) we should bail early,
rather than having the user find this out at the time of the panic.
dumpon(8) already expects this return value and will print a helpful
error message.
Mark Johnston [Fri, 20 May 2022 14:17:35 +0000 (10:17 -0400)]
libsa: Make the nvlist implementation more self-contained
Move declarations into a new nvlist.h rather than putting everything in
libzfs.h. This makes this nvlist code easier to reuse elsewhere. In
particular, the nvlist implementation in sys/contrib/libnv does not
provide XDR encoding, but this is needed when reading from or writing to
ZFS pools.
Also:
- Remove references to boolean_t. It has to be a 32-bit int here, so
just reference the underlying type.
- Add includes needed when compiling the nvlist code outside of stand/.
No functional change intended.
Reviewed by: tsoome
Sponsored by: The FreeBSD Foundation
Mark Johnston [Fri, 20 May 2022 14:15:00 +0000 (10:15 -0400)]
libsa: Fix a bug in nvlist creation
When adding an entry to an nvlist, the data buffer might need to be
resized. When this happens, the XDR encoder's notion of the buffer size
also needs to be updated, otherwise the operation may erroneously fail.
Reviewed by: tsoome, imp
Sponsored by: The FreeBSD Foundation
Mark Johnston [Fri, 20 May 2022 14:18:10 +0000 (10:18 -0400)]
bitstring_test: Add regression tests for bit_ff(c|s)_area_at()
Validate the cases where a match can be found immediately and where no
match can be found. This extends the existing test cases and is enough
to catch the bug fixed in commit 6e7a585348d5 ("bitstring: fix ff_area()
when start!=0").
Reviewed by: dougm
Sponsored by: The FreeBSD Foundation
Mike Karels [Fri, 20 May 2022 14:16:01 +0000 (09:16 -0500)]
ping: if -S srcaddr uses a numeric address, use that protocol
The command "ping -S dotted.quad hostname" fails on dual-stack hosts
with the confusing message "ping: invalid source address: Name does
not resolve" because IPv6 is selected in preference. If the argument
to -S is numeric (likely), select the corresponding address family,
as if -4 or -6 was specified. Add tests that either IPv4 or IPv6 can
be forced via a -S parameter.
Ed Maste [Thu, 12 May 2022 14:49:30 +0000 (10:49 -0400)]
Hide -fuse-ld= not supported message for non-build targets
In some build configurations a warning about (an absolute path for)
-fuse-ld= not being supported by GCC was emitted during cleandir or
other non-build make targets.
For these non-build targets COMPILER_TYPE is set to "none" but we
treated the .else case for COMPILER_TYPE==clang as implying gcc.
Check instead for COMPILER_TYPE==gcc.
PR: 263913
Reported by: pstef
Reviewed by: pstef
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Mark Johnston [Fri, 29 Apr 2022 13:18:02 +0000 (09:18 -0400)]
makefs: Fix warnings and reset WARNS to the default
Leave -Wcast-align disabled, at least for now, since there are numerous
instances of that warning in places where buffer pointers are cast to
pointers to various filesystem structures. Fixing this properly would
be too much work for too little gain.
Rick Macklem [Fri, 6 May 2022 21:03:43 +0000 (14:03 -0700)]
rpc.tlsservd: Add logging of TLS version and cipher used
This patch adds logging of the version of TLS and cipher
negotiated successfully by the TLS handshake for each client,
if the "-v" command line option has been specified.
This information may be useful for monitoring and debugging
NFS-over-TLS mounts.
Mark Johnston [Fri, 20 May 2022 14:11:31 +0000 (10:11 -0400)]
cpuset: Fix the KASAN and KMSAN builds
Rename the "copyin" and "copyout" fields of struct cpuset_copy_cb to
something less generic, since sanitizers define interceptors for
copyin() and copyout() using #define.
Reported by: syzbot+2db5d644097fc698fb6f@syzkaller.appspotmail.com
Fixes: 47a57144af25 ("cpuset: Byte swap cpuset for compat32 on big endian architectures")
Sponsored by: The FreeBSD Foundation
Justin Hibbits [Thu, 12 May 2022 20:38:22 +0000 (15:38 -0500)]
cpuset: Byte swap cpuset for compat32 on big endian architectures
Summary:
BITSET uses long as its basic underlying type, which is dependent on the
compile type, meaning on 32-bit builds the basic type is 32 bits, but on
64-bit builds it's 64 bits. On little endian architectures this doesn't
matter, because the LSB is always at the low bit, so the words get
effectively concatenated moving between 32-bit and 64-bit, but on
big-endian architectures it throws a wrench in, as setting bit 0 in
32-bit mode is equivalent to setting bit 32 in 64-bit mode. To
demonstrate:
32-bit mode:
BIT_SET(foo, 0): 0x00000001
64-bit sees: 0x0000000100000000
cpuset is the only system interface that uses bitsets, so solve this
by swapping the integer sub-components at the copyin/copyout points.
Alan Somers [Wed, 6 Apr 2022 20:03:11 +0000 (14:03 -0600)]
Fix overflow errors in sbttous and sbttoms
Both of these functions would overflow for very large inputs. Add tests
for them. Also, add tests for the inverse functions, *stosbt, whose
overflow errors were fixed by 4c30b9ecd47.
Alan Somers [Thu, 5 May 2022 21:35:23 +0000 (15:35 -0600)]
Correctly measure system load averages > 1024
The old fixed-point arithmetic used for calculating load averages had an
overflow at 1024. So on systems with extremely high load, the observed
load average would actually fall back to 0 and shoot up again, creating
a kind of sawtooth graph.
Fix this by using 64-bit math internally, while still reporting the load
average to userspace as a 32-bit number.
Alan Somers [Fri, 29 Apr 2022 16:43:47 +0000 (10:43 -0600)]
fusefs: use the fsname mount option if set
The daemon can specify fsname=XXX in its mount options. If so, the file
system should report f_mntfromname as XXX during statfs. This will show
up in the output of commands like mount and df.
Submitted by: Ali Abdallah <ali.abdallah@suse.com>
Differential Revision: https://reviews.freebsd.org/D35090
Alan Somers [Fri, 29 Apr 2022 13:59:29 +0000 (07:59 -0600)]
fusefs: add a test for the subtype= option
At mount time server can set, for example, "subtype=xfs", so that
mount(8) will later show the mountpoint's file system as "fusefs.xfs".
fusefs has had this feature ever since the original GSoC commit in 2012,
but there's never been a test for it.
Mike Karels [Mon, 9 May 2022 12:19:52 +0000 (07:19 -0500)]
genet: fix output packet corruption in uncommon case
The code for the "shift" block in the COPY macro set the pointer for
the next copy block to the wrong value. In this case, the link-layer
header would be overwritten by the network-layer header. This case is
difficult or impossible to exercise in the current driver without
changing the value of the hw.genet.tx_hdr_min sysctl. Correct the
pointer. While here, remove a line in the macro that was marked
"unneeded", which was actually wrong.
Piotr Kubaj [Tue, 17 May 2022 06:39:29 +0000 (08:39 +0200)]
powerpc: enable supported sanitizers on powerpc64*
1. Merge LLVM's 315d792130258a9b7250494be8d002ebb427b08f, adding support
for FreeBSD/powerpc64*.
2. Add sanitizer list to lib/libclang_rt/Makefile, taken from the list of
libraries that llvm-devel port builds.
3. powerpc64le supports the same sanitizers that powerpc64, but powerpc64le
also supports xray* sanitizers.
4. lib/libclang_rt/xray/Makefile hardcodes amd64-specific files, so that needs
to be conditionalized.
5. Sanitizers are not enabled for powerpc, because powerpc supports only
builtins and profile.
Reviewed by: dim
Differential Revision: https://reviews.freebsd.org/D35228
Relnotes: yes
MFC after: 3 days
Rick Macklem [Wed, 4 May 2022 20:52:33 +0000 (13:52 -0700)]
nfsd: Fix handling of Open/Create for the pNFS server
When the MDS of a pNFS service receives an Open/Create
and the file already exists, it must do a Setattr of
size == 0. Without this patch, this was eroneously
done via a VOP_SETAATR() call, which would set the
length of the MDS file to 0 (which is already is,
since all data lives on the DSs).
This patch fixes the problem by doing a nfsvno_setattr()
instead of VOP_SETATTR(), which knows to do a proxied
Setattr on the DSs.
For a non-pNFS server, the change has no effect, since
nfsvno_setattr() only does a VOP_SETATTR() for that case.
This was found during a recent IETF NFSv4 testing event.
Kevin Bowling [Tue, 17 May 2022 03:15:34 +0000 (20:15 -0700)]
igc: Increase rx_buffer_size local variable to 32b
Apply 6987c47569b377f4b6eba9966afdedfb1b39fca8 to igc. This is not
expected to have any benefit on current parts with current observed PBA
sizes but will avoid surprises if they are increased in future chips.
Rick Macklem [Wed, 4 May 2022 20:58:22 +0000 (13:58 -0700)]
nfsd: Add a sanity check for Owner/OwnerGroup string length
Robert Morris reported that, if a client sends an absurdly
large Owner/OwnerGroup string, the kernel malloc() for the
large size string can block forever.
This patch adds a sanity limit for Owner/OwnerGroup string
length. Since the RFCs do not specify any limit and FreeBSD
can handle a group name greater than 1Kbyte, the limit is
set at a generous 10Kbytes.
John Baldwin [Wed, 27 Apr 2022 19:18:52 +0000 (12:18 -0700)]
setkey(8): Clarify language around AEAD ciphers.
AEAD ciphers for IPsec combine both encryption and authentication. As
such, ESP configurations using an AEAD cipher should not use a
seperate authentication algorithm via -A. However, this was not
apparent from the setkey manpage and 12.x and earlier did not perform
sufficient argument validation permitting users to pair an explicit -A
such as SHA256-HMAC with AES-GCM. (The result was a non-standard
combination of AES-CTR with the specified MAC, but with the wrong
initial block counter (and thus different keystream) compared to using
AES-CTR as the cipher.)
Attempt to clarify this in the manpage by explicitly calling out AEAD
ciphers (currently only AES-GCM) and noting that AEAD ciphers should
not use -A.
While here, explicitly note which authentication algorithms can be
used with esp vs esp-old. Also add subsection headings for the
different algorithm lists and tidy some language.
I did not convert the tables to column lists (Bl -column) though that
would probably be more correct than using literal blocks (Bd
-literal).
John Baldwin [Thu, 5 May 2022 23:40:04 +0000 (16:40 -0700)]
pbio: Add locking and remove D_NEEDGIANT.
Use a sx lock to permit uiomove directly into/out of the the per-port
buffers. In addition, the sx lock provides a stronger guarantee that
I think this driver wants which is to single-thread read and write
calls even while paused. Finally, replace tsleep with dummy wait
channels with calls to pause_sig to more clearly communicate the
intent.