Mitchell Horne [Fri, 10 Feb 2023 14:26:53 +0000 (10:26 -0400)]
arm64: nexus code tidy-up
Make a pass at the various nexus implementations, fixing some very minor
style issues, obsolete comments, etc.
The method declaration section has become unwieldy in many respects.
Attempt to tame it by:
- Using generated method typedefs
- Grouping methods roughly by category, and then alphabetically.
Mitchell Horne [Mon, 6 Feb 2023 15:57:33 +0000 (11:57 -0400)]
arm: nexus code tidy-up
Make a pass at the various nexus implementations, fixing some very minor
style issues, obsolete comments, etc.
The method declaration section has become unwieldy in many respects.
Attempt to tame it by:
- Using generated method typedefs
- Grouping methods roughly by category, and then alphabetically.
Mitchell Horne [Fri, 10 Feb 2023 14:37:08 +0000 (10:37 -0400)]
powerpc: nexus code tidy-up
Make a pass at the various nexus implementations, fixing some very minor
style issues, obsolete comments, etc.
Update the top-level comment to be closer to other nexus
implementations.
The method declaration section has become unwieldy in many respects.
Attempt to tame it by:
- Using generated method typedefs
- Grouping methods roughly by category, and then alphabetically.
Mitchell Horne [Mon, 6 Feb 2023 15:53:09 +0000 (11:53 -0400)]
riscv: nexus code tidy-up
Make a pass at the various nexus implementations, fixing some very minor
style issues, obsolete comments, etc.
The method declaration section has become unwieldy in many respects.
Attempt to tame it by:
- Using generated method typedefs
- Grouping methods roughly by category, and then alphabetically.
Mitchell Horne [Fri, 10 Feb 2023 14:52:38 +0000 (10:52 -0400)]
x86: nexus code tidy-up
Make a pass at the various nexus implementations, fixing some very minor
style issues, obsolete comments, etc.
The method declaration section has become unwieldy in many respects.
Attempt to tame it by:
- Using generated method typedefs
- Grouping methods roughly by category, and then alphabetically.
Mitchell Horne [Mon, 13 Feb 2023 17:44:03 +0000 (13:44 -0400)]
ofwbus: only allow unit number zero
ofwbus has always been the root of attachment for OFW/FDT platforms. It
may have simplebus children, but we expect only one instance of the
ofwbus driver, added directly by nexus. We may as well ensure this
remains the case.
Mitchell Horne [Mon, 13 Feb 2023 17:43:25 +0000 (13:43 -0400)]
ofwbus: remove arm64 ifdefs
Rather than using the DEVICE_IDENTIFY method, let's have other
ofwbus-using platforms add ofwbus0 explicitly in nexus, like arm64. This
gives them the same flexibility, e.g. if riscv starts supporting ACPI,
and cleans up the #ifdefs.
We were doing this already on riscv, but adjust the 'order' parameters.
The architecture nexus should handle allocation and release of memory and
interrupts. This is to ensure that system-wide resources such as these
are available to all devices, not just children of ofwbus0.
On powerpc this moves the ownership of these resources up one level,
from ofwbus0 to nexus0. Other architectures already have the required
logic in their nexus implementation, so this eliminates the duplication
of resources. An implementation of nexus_adjust_resource() is added for
arm, arm64, and riscv.
As noted by ian@ in the review, resource handling was the main bit of
logic distinguishing ofwbus from simplebus. With some attention to
detail, it should be possible to merge the two in the future.
Mitchell Horne [Thu, 27 May 2021 14:27:40 +0000 (11:27 -0300)]
physmem: add ram0 pseudo-driver
Its purpose is to reserve all I/O space belonging to physical memory
from nexus, preventing it from being handed out by bus_alloc_resource()
to callers such as xenpv_alloc_physmem(), which looks for the first
available free range it can get. This mimics the existing pseudo-driver
on x86.
If needed, the device can be disabled with hint.ram.0.disabled="1" in
/boot/device.hints.
Mitchell Horne [Sun, 5 Dec 2021 15:27:50 +0000 (11:27 -0400)]
arm: add an interrupt rman to nexus
Allow the nexus bus to own and manage interrupt resources. Currently,
interrupt resources on this architecture are managed completely by
ofwbus, but it is desirable that system-wide memory and interrupt
resources be managed by the top-level bus.
This is a pre-requisite to moving this resource management out of
ofwbus.
Ed Maste [Fri, 31 Mar 2023 16:57:15 +0000 (12:57 -0400)]
makefs: remove CD9660MAXPATH #define
It was used only in constructing the host path that contains file
content, which is not related to anything CD9660-specific. PATH_MAX is
the appropriate limit. See OpenBSD commit 299d8950f319.
Obtained from: OpenBSD
Sponsored by: The FreeBSD Foundation
Ed Maste [Thu, 30 Mar 2023 16:45:18 +0000 (12:45 -0400)]
makefs: #define Apple Partition bits
NetBSD defines these in sys/bootblock.h, which we don't have. Add local
defintions in cd9660_eltorito.c (as OpenBSD did) to reduce diffs between
the three makefs implementations.
Obtained from: OpenBSD
Sponsored by: The FreeBSD Foundation
Ed Maste [Thu, 30 Mar 2023 01:33:39 +0000 (21:33 -0400)]
makefs: remove vestigial '?' cases from top-level getopt(3) loop
getopt(3) returns '?' when it encounters a flag not present in the in
the optstring or if a flag is missing its option argument. We can
handle this case with the "default" failure case with no loss of
legibility.
Simon J. Gerraty [Tue, 19 Jul 2022 15:59:53 +0000 (08:59 -0700)]
Add -S option to veriexec
During software installation, use veriexec -S to strictly
enforce certificate validity checks (notBefore, notAfter).
Otherwise ignore certificate validity period.
It is generally unacceptible for the Internet to stop working
just because someone did not upgrade their infrastructure for a decade.
Mitchell Horne [Fri, 31 Mar 2023 15:32:39 +0000 (12:32 -0300)]
arm64/gicv3: correct the size of the distributor resource
Use the GICD_SIZE macro (0x10000), which is half the size of the current
fixed-sized mapping (128 * 1024 == 0x20000).
In ARM64 Hyper-V instances, it seems the Distributor's registers are
located immediately preceding a range of physical memory in the bus
address space. Thus, when ram0 is attaching and attempts to reserve
SYS_RES_MEMORY resources corresponding to its physmem ranges, it fails,
because the first 0x10000 bytes of this range are already owned by gic0.
Mark Johnston [Wed, 5 Apr 2023 20:52:41 +0000 (16:52 -0400)]
netmap: Handle packet batches in generic mode
ifnets are allowed to pass batches of multiple packets to if_input,
linked by the m_nextpkt pointer. iflib_rxeof() sometimes does this, for
example. Netmap's generic mode did not handle this and would only
deliver the first packet in the batch, leaking the rest.
Mark Johnston [Tue, 4 Apr 2023 15:21:51 +0000 (11:21 -0400)]
libdtrace: Do not set SHF_ALLOC on SUNW_dof relocation sections
The section will contain static relocations which do not need to be
preserved after linking, and moreover these relocations may reference
symbols that end up getting removed.
Do not set SHF_ALLOC and instead let the linker decide what needs to be
done.
PR: 258872
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Mark Johnston [Fri, 31 Mar 2023 15:04:37 +0000 (11:04 -0400)]
arm64: Move the initial kernel stack out of the init_pagetables section
init_pagetables is mapped into the segment containing the BSS, but does
not get zeroed by locore. It is used for bootstrap page table pages.
It happens that the bootstrap kernel stack is also placed in that
section, but there's no reason it shouldn't live in the BSS, so move it
there. No functional change intended.
Reviewed by: andrew
MFC after: 1 week
Sponsored by: Klara, Inc.
Sponsored by: Juniper Networks
Differential Revision: https://reviews.freebsd.org/D39367
Mark Johnston [Fri, 31 Mar 2023 13:50:34 +0000 (09:50 -0400)]
arm64: Ensure that thread0's PCB flags are initialized
On arm64, the PCB is stored at the top of the thread stack. For thread0
this comes from the static "initstack" region, which is placed in the
.init_pagetable section, which is not part of the BSS and thus doesn't
get zeroed by locore. (See the comment in ldscript.arm64.) It is thus
possible for the pcb_flags field to be uninitialized, which can result
in PCB_SINGLE_STEP being set.
Fix this by simply initializing the field. A separate commit will move
initstack out of the .init_pagetable section, since it has no reason to
be there, but it is preferable to explicitly initialize PCB fields
anyway. In particular, regular kernel stacks are not zeroed upon
allocation, so we should be consistent here.
Reviewed by: andrew
MFC after: 1 week
Sponsored by: Klara, Inc.
Sponsored by: Juniper Networks
Differential Revision: https://reviews.freebsd.org/D39343
Dave Cottlehuber [Sun, 27 Nov 2022 11:12:02 +0000 (11:12 +0000)]
release/oci: add Oracle Cloud image builder
Provides an OCI (Oracle Cloud Infrastructure) release target for
Oracle's KVM-based VM implementation. Tested using 13.1-RELEASE,
primarily on Ampere CPU on A1.Flex VM shapes, but also works on
amd64 shapes.
- supports cloud-init and custom scripts
- provides a freebsd@ sudo-enabled user
- root user disabled over ssh & console
Reviewed by: emaste
Sponsored by: The FreeBSD Foundation
Sponsored by: SkunkWerks, GmbH
Technical assistance from: Oracle
Differential Revision: https://reviews.freebsd.org/D34746
Stefan Eßer [Tue, 14 Feb 2023 12:27:27 +0000 (13:27 +0100)]
kbdcontrol.c: make pre-Unicode compatibility conditional
Support for the full range of Unicode character codes has been added
to the main keymap back in 2009, with compatibility shims added in
2011 (to support an older kbdcontrol command on a new kernel during
an upgrade from FreeBSD-8 to FreeBSD-9).
Unicode support for accented characters that are reached via dead key
combinations has been added just recently, again with compatibility
shims to allow all combinations of old/new kernel and old/new
kbdcontrol command to load and display the keymaps including the dead
key table. (But full Unicode in the dead key table requires both a new
kernel and kbdcontrol command.)
This commit makes the compatibility shims depend on the respective
compatibility ioctls (OGIO_KEYMAP, OPIO_KEYMAP, OGIO_DEADKEYMAP, and
OPIO_DEADKEYMAP) being defined in sys/kbio.h. This is true for all of
them in 13-STABLE, none in 12-STABLE (as of now), and will become
optional due to a follow-up commit to sys/kbio.h in -CURRENT.
This commit is the only part of review D38465 that should be merged
back to 12-STABLE and 13-STABLE.
Ed Maste [Fri, 24 Mar 2023 17:53:59 +0000 (13:53 -0400)]
makefs: emit NM records for all directory entries
We previously attempted to emit Rock Ridge NM records only when the name
represented by the Rock Ridge extensions would actually differ. We would
omit the record for an all-upper-case directory name, however Linux (and
perhaps other operating systems) map names with no NM record to
lowercase.
This affected only directories, as file names have an implicit ";1"
version number appended and thus always differ. To solve, just emit NM
records for all entries other than DOT and DOTDOT .
We could continue to omit the NM record for directories that would avoid
mapping (for example, one named 1234.567) but this does not seem worth
the complexity.
PR: 203531
Reported by: Thomas Schmitt <scdbackup@gmx.net
Reviewed by: kevans
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39258
Ed Maste [Thu, 23 Mar 2023 17:02:44 +0000 (13:02 -0400)]
makefs: correct El Torito bood record
The boot catalog pointer is a DWord, but we previously populated it via
cd9660_bothendian_dword which overwrote four unused bytes following it.
See El Torito 1.0 (1995) Figure 7 for details.
PR: 203531, 203646
Reported by: Coverity Scan
Reported by: Thomas Schmitt <scdbackup@gmx.net>
Reviewed by: kevans
CID: 977470
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39231
ifconfig: Fix configuring if_bridge with additional operating parameters
For clone create and rename operations, the interface name get back can be
different from the one passed to ioctl(). Use the interface name we get back
so that ifconfig will not return unexpected ENXIO.
From static code analysis, some device drivers (cxgbe, mlx4, mthca, and qlnx)
do not enter net epoch before lagg_input_infiniband(). If IPoIB interface is a
member of lagg(4) interface, and after returning from lagg_input_infiniband()
the receiving interface of mbuf is set to lagg(4) interface, then when
concurrently destroying the lagg(4) interface, there is a small window that the
interface gets destroyed and becomes invalid before infiniband_input() re-enter
net epoch, thus leading use-after-free.
Widen NET_EPOCH coverage to prevent use-after-free.
Different lagg protocols have different means and policies to process incoming
traffic. For example, for failover protocol, by default received traffic is only
accepted when they are received through the active port. For lacp protocol, LACP
control messages are tapped off, also traffic will be dropped if they are
received through the port which is not in collecting state or is not joined to
the active aggregator. It confuses if user dump and see inbound traffic on
lagg(4) interfaces but they are actually silently dropped and not passed into
the net stack.
Tap traffic after protocol processing so that user will have consistent view of
the inbound traffic, meanwhile mbuf is set with correct receiving interface and
bpf(4) will diagnose the right direction of inbound packets.
Ihor Antonov [Thu, 23 Mar 2023 02:37:12 +0000 (21:37 -0500)]
daemon: decouple init logic from main loop
main() func contained both initialization and main loop logic.
This made certain operations like restarting problematic and
required dirty hacks in form of goto jumps.
This commit moves the main loop logic into daemon_eventloop(),
cleans up main, and makes restart logic clear: daemon_mainloop()
is run in a loop with a restart condition checked at the end.
Kyle Evans [Mon, 20 Mar 2023 19:19:35 +0000 (14:19 -0500)]
pkill: use an ARG_MAX size buffer for argument matching
Right now pkill/pgrep cut off at _POSIX2_LINE_MAX (2048), but argument
strings can be much larger (ARG_MAX is 256K/512K). Stop arbitrarily
cutting the search off at 2K, rather than documenting the limit.
Reviewed by: allanjude (earlier version), des
Sponsored by: Klara, Inc.
Ihor Antonov [Sun, 12 Mar 2023 16:07:34 +0000 (10:07 -0600)]
daemon: move variables into struct daemon_state
The fact that most of the daemon's state is stored on the stack
of the main() makes it hard to split the logic smaller chunks.
Which in turn leads to huge main func that does a a lot of things.
struct log_params existed because some variables need to be passed
into other functions together.
This change renames struct log_params into daemon_state
and moves the rest of the variables into it. This is a necessary
preparation step for further refactroing.