Jamie Gritton [Tue, 16 Feb 2021 19:19:13 +0000 (11:19 -0800)]
MFC jail: Handle a possible race between jail_remove(2) and fork(2)
jail_remove(2) includes a loop that sends SIGKILL to all processes
in a jail, but skips processes in PRS_NEW state. Thus it is possible
the a process in mid-fork(2) during jail removal can survive the jail
being removed.
Add a prison flag PR_REMOVE, which is checked before the new process
returns. If the jail is being removed, the process will then exit.
Also check this flag in jail_attach(2) which has a similar issue.
NOTE 1: There is no need to dump and reload repositories, and the
working copy format is still the same as Subversion 1.8 through 1.13.
NOTE 2: The upstream release also contains a fix for a security issue in
mod_dav_svn (CVE-2020-17525), but since we do not build or use any
Apache modules, it is not an issue for the FreeBSD base system.
Dimitry Andric [Wed, 10 Feb 2021 22:28:43 +0000 (23:28 +0100)]
Fix incorrect hypotl(3) result with subnormal numbers
This adjusts the factor used to scale the subnormal numbers, so it
becomes the right value after adjusting its exponent. Thanks to Steve
Kargl for finding the most elegant fix.
Also enable the hypot tests, and add a test case for this bug.
Fix lib/msun/test builds on platforms without 80-bit long doubles
After d3338f3355a612cf385632291f46c5777bba8d18, the lib/msun test case
'hypotl_near_underflow' would fail to compile on platforms where long
doubles weren't 80 bit, like on x86. Disable this particular test on
such platforms for now.
MFC 12148d4300db:
Fix for locking order reversal in USB audio driver, when using mmap().
Locking the second lock which causes the LOR, can be skipped because
the code updating the shared variables is always executing from the
same USB thread.
lock order reversal:
1st 0xfffff80005cc3840 pcm7:play:dsp7.p0 (pcm play channel, sleep mutex)
@ usb_transfer.c:2342
2nd 0xfffff80005cc3860 pcm7:record:dsp7.r0 (pcm record channel, sleep mutex)
@ uaudio.c:2317
lock order pcm record channel -> pcm play channel established at:
witness_checkorder+0x461
__mtx_lock_flags+0x98
dsp_mmap_single+0x151
vm_mmap_cdev+0x65
devfs_mmap_f+0x143
kern_mmap_req+0x594
sys_mmap+0x46
amd64_syscall+0x12e
fast_syscall_common+0xf8
lock order pcm play channel -> pcm record channel attempted at:
witness_checkorder+0xd82
__mtx_lock_flags+0x98
uaudio_chan_play_callback+0xeb
usbd_callback_wrapper+0x7ec
usb_command_wrapper+0x7e
usb_callback_proc+0x8e
usb_process+0xf3
fork_exit+0x80
fork_trampoline+0xe
Found by: Stefan Ehmann <shoesoft@gmx.net>
Sponsored by: Mellanox Technologies // NVIDIA Networking
Martin Matuska [Mon, 15 Feb 2021 08:10:01 +0000 (09:10 +0100)]
zfs: Avoid updating the L2ARC device header unnecessarily
From openzfs-master 0ae184a6b commit message:
If we do not write any buffers to the cache device and the evict hand
has not advanced do not update the cache device header.
Martin Matuska [Mon, 15 Feb 2021 07:40:27 +0000 (08:40 +0100)]
zfs: fix RAIDZ2/3 not healing parity with 2+ bad disks
From openzfs-master 62d4287f2 commit message:
When scrubbing, (non-sequential) resilvering, or correcting a checksum
error using RAIDZ parity, ZFS should heal any incorrect RAIDZ parity by
overwriting it. For example, if P disks are silently corrupted (P being
the number of failures tolerated; e.g. RAIDZ2 has P=2), `zpool scrub`
should detect and heal all the bad state on these disks, including
parity. This way if there is a subsequent failure we are fully
protected.
With RAIDZ2 or RAIDZ3, a block can have silent damage to a parity
sector, and also damage (silent or known) to a data sector. In this
case the parity should be healed but it is not.
Neel Chauhan [Tue, 2 Feb 2021 21:24:17 +0000 (13:24 -0800)]
Allow setting alias port ranges in libalias and ipfw.
This will allow a system to be a true RFC 6598 NAT444 setup, where each
network segment (e.g. user, subnet) can have their own dedicated port
aliasing ranges.
Kristof Provost [Mon, 8 Feb 2021 09:04:27 +0000 (10:04 +0100)]
Widen ifnet_detach_sxlock coverage
Widen the ifnet_detach_sxlock to cover the entire vnet sysuninit code.
This ensures that we can't end up having the vnet_sysuninit free the UDP
pcb while the detach code is running and trying to purge the UDP pcb.
Toomas Soome [Mon, 8 Feb 2021 18:49:09 +0000 (20:49 +0200)]
loader: remove BORDER_PIXELS
BORDER_PIXELS is left over from picking up the source from illumos
port. Since FreeBSD VT does not use border in terminal size
calculation, there is no reason why should loader use it.
Alex Richardson [Tue, 19 Jan 2021 11:35:07 +0000 (11:35 +0000)]
usr.bin/grep: Fix Address OOB read error
I found this when compiling all the bootstrap tools with -fsanitize=addres:
==65590==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x62d000008400 at pc 0x000000473053 bp 0x7ffc1c7dd910 sp 0x7ffc1c7dd0b8
READ of size 32769 at 0x62d000008400 thread T0
#0 0x473052 in regexec (/local/scratch/alr48/cheri/build/freebsd-amd64-build/local/scratch/alr48/cheri/freebsd/amd64.amd64/tmp/legacy/bin/grep+0x473052)
#1 0x4c9cf3 in procline /local/scratch/alr48/cheri/freebsd/usr.bin/grep/util.c:539:8
#2 0x4c8687 in procfile /local/scratch/alr48/cheri/freebsd/usr.bin/grep/util.c:379:18
#3 0x4c6596 in main /local/scratch/alr48/cheri/freebsd/usr.bin/grep/grep.c:714:8
0x62d000008400 is located 0 bytes to the right of 32768-byte region [0x62d000000400,0x62d000008400)
allocated by thread T0 here:
#0 0x493d5d in malloc (/local/scratch/alr48/cheri/build/freebsd-amd64-build/local/scratch/alr48/cheri/freebsd/amd64.amd64/tmp/legacy/bin/grep+0x493d5d)
#1 0x4cad75 in grep_malloc /local/scratch/alr48/cheri/freebsd/usr.bin/grep/util.c:656:13
#2 0x4c8129 in procfile /local/scratch/alr48/cheri/freebsd/usr.bin/grep/util.c
#3 0x4c6596 in main /local/scratch/alr48/cheri/freebsd/usr.bin/grep/grep.c:714:8
SUMMARY: AddressSanitizer: heap-buffer-overflow (/local/scratch/alr48/cheri/build/freebsd-amd64-build/local/scratch/alr48/cheri/freebsd/amd64.amd64/tmp/legacy/bin/grep+0x473052) in regexec
Kyle Evans [Fri, 12 Feb 2021 19:19:43 +0000 (13:19 -0600)]
inetd: fix unix sockaddr's length assignment
unsz was always exactly '1' here due to an unfortunate mispositioning
of closing parenthesis. While it's generally irrelevant because bind(2)
is passed the (accurate) sep->se_ctrladdr_size instead, it's not very
helpful for anything locally that wants to use it rather than assuming
that sep->se_ctrladdr_size perfectly fits the end of sun_path.
Just drop unsz entirely and use the result of SUN_LEN() for it.
Kyle Evans [Wed, 10 Feb 2021 15:10:52 +0000 (09:10 -0600)]
fmtree: add a deprecation notice to the manpage
Note that this mtree(8) is actually installed as fmtree(8), while
mtree(8) is located in ^/contrib/mtree -- thus, the reference to
mtree(8) makes a lot more sense in the context in which folks would
actually notice it. Shout-out to Ravi for pointing out that this may
not be an obvious fact.
Michael Chiu [Mon, 15 Feb 2021 00:38:26 +0000 (00:38 +0000)]
ifconfig: fix incorrect wg allowed-ips netmask
Currently when peer information is displayed with `ifconfig wgN peer ..`
or `ifconfig wgN peer-list`, the netmask of the first `allowed-ips` will
be used as the netmask of all CIDR in `allowed-ips`. For example, if
the list is `192.168.1.0/24, 172.16.0.0/16`, it will display as
`192.168.1.0/24, 172.16.0.0/24`. While this does not affect the actual
functionality, it is very confusing.
57785538c6e0d7e8ca0f161ab95bae10fd304047 change the test for FreeBSD
from __FreeBSD_version to __FreeBSD__. However this test was performed
before sys/param.h was included, therefore __FreeBSD_version was never
defined. As the test was never true opt_random_ip_id.h was never included.
ipfilter: Use the softn (NAT softc) host map size in ip_nat6 calculation.
The ipfilter NAT table host map size is a tunable that defaults to
a macro value defined at build time. HOSTMAP_SIZE is saved in softn
(the ipnat softc) at initialization. It can be tuned (changed) at runtime
using the ipf -T command. If the hostmap_size tunable is adjusted the
calculation to determine where to put new entries in the table was
incorrect. Use the tunable in the NAT softc instead of the static build
time value.
Indentation cleanup resulting from the cleanup of #ifdefs.
The conscious decision was made not to perform any indentation or
whitespace cleanup while cleaning out old redunant #ifdefs. The
reason for this was to avoid confusing future readers of history and
diffs with cosmetic changes, making bisection of any possible bugs
introduced more difficult. This commit cleans up the whitespace
detritus left behind from the previous #ifdef cleanup commits.
In the old days when K&R C and STD C were each in use a workaround
(read hack) was required to allow the same code to work on each
without modification. All C compilers support STD C. We can finally
put the __P prototype to rest.
Mark Johnston [Mon, 8 Feb 2021 14:19:10 +0000 (09:19 -0500)]
armv8crypto: Extract GCM state into a structure
This makes it easier to refactor the GCM code to operate on
crypto_buffer_cursors rather than plain contiguous buffers, with the aim
of minimizing the amount of copying and zeroing done today.
iflib: Free resources in a consistent order during detach
Memory and PCI resources are freed with no particular order. This could
cause use-after-frees when detaching following a failed attach. For
instance, iflib_tx_structures_free() frees ctx->ifc_txqs[] but
iflib_tqg_detach() attempts to access this array. Similarly, adapter
queues gets freed by IFDI_QUEUES_FREE() but IFDI_DETACH() attempts to
access adapter queues to free PCI resources.
Sponsored by: NetApp, Inc.
Differential Revision: https://reviews.freebsd.org/D27634
A BIOS bug may apparently cause the BSP to report that it does not
implement CMCI, with some APs reporting that they do. In this scenario,
avoid a NULL pointer dereference that occurs in cmci_monitor() because
cmc_state was not allocated by the BSP.
Mark Johnston [Thu, 11 Feb 2021 15:16:59 +0000 (10:16 -0500)]
mlx4, mthca: Silence warnings about no-op alignment operations
Since commit 8fa6abb6f4f64f ("Expose clang's alignment builtins and use
them for roundup2/rounddown2"), clang emits warnings for several
alignment operations in these drivers because the operation is a no-op.
The compiler is arguably being too strict here, but in the meantime
let's silence the warnings by conditionally compiling the alignment
operations.
o unit-tests: use private TMPDIR to avoid errors from other users
o avoid strdup in mkTempFile
o always use vfork
o job.c: do not create empty shell files in jobs mode
reduce unnecessary calls to waitpid
o cond.c: fix debug output for comparison operators in conditionals
The lookup for a IPv6 multicast addresses corresponding to
the destination address in the datagram is protected by the
NET_EPOCH section. Access to each PCB is protected by INP_RLOCK
during comparing. But access to socket's so_options field is
not protected. And in some cases it is possible, that PCB
pointer is still valid, but inp_socket is not. The patch wides
lock holding to protect access to inp_socket. It copies locking
strategy from IPv4 UDP handling.
[udp] fix possible mbuf and lock leak in udp_input().
In error case we can leave `inp' locked, also we need to free
mbuf chain `m' in the same case. Release the lock and use `badunlocked'
label to exit with freed mbuf. Also modify UDP error statistic to
match the IPv6 code.
Remove redundant INP_RUNLOCK() from the `if (last == NULL)' block,
there are no ways to reach this point with locked `inp'.
Ed Maste [Fri, 12 Feb 2021 03:21:40 +0000 (22:21 -0500)]
ssh: remove unused variable
This was introduced in 03f6c5cd93ec, which added use of
sysctl net.inet.ip.portrange.reservedhigh instead of IPPORT_RESERVED,
but it appears the rest of that change was lost in some subsequent
update.
The change should probably be restored, but until then there is no
reason to leave an unused variable around.
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Ed Maste [Fri, 12 Feb 2021 14:09:00 +0000 (09:09 -0500)]
ssh: remove ssh-hpn leftovers
This was introduced in 8998619212f3a, and left behind when the hpn-ssh
patches were removed in 60c59fad8806. Although Being able to log
SO_RCVBUF in debug mode might have some small value on its own, it's
not worth carrying an extra diff against upstream.
Reviewed by: kevans
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D28610
The case of adding interface route by specifying interface
address as the gateway was missed during code refactoring.
Re-add it back by copying non-AF_LINK gateway data when RTF_GATEWAY
is not set.
Mark Johnston [Wed, 10 Feb 2021 16:10:27 +0000 (11:10 -0500)]
vm: Honour the "noreuse" flag to vm_page_unwire_managed()
This flag indicates that the page should be enqueued near the head of
the inactive queue, skipping the LRU queue. It is used when unwiring
pages from the buffer cache following direct I/O or after I/O when
POSIX_FADV_NOREUSE or _DONTNEED advice was specified, or when
sendfile(SF_NOCACHE) completes. For the direct I/O and sendfile cases
we only enqueue the page if we decide not to free it, typically because
it's mapped.
Pass "noreuse" through to vm_page_release_toq() so that we actually
honour the desired LRU policy for these scenarios.
Mark Johnston [Mon, 8 Feb 2021 14:19:07 +0000 (09:19 -0500)]
armv8crypto: Fix some edge cases in the AES-GCM implementation
- We were only hashing up to the first 16 bytes of the AAD.
- When computing the digest during decryption, handle the case where
len == trailer, i.e., len < AES_BLOCK_LEN, properly.
While here:
- trailer is always smaller than AES_BLOCK_LEN, so remove a pair of
unnecessary modulus operations.
- Replace some byte-by-byte loops with memcpy() and memset() calls.
In particular, zero the full block before copying a partial block into
it since we do that elsewhere and it means that the memset() length is
known at compile time.
Michal Meloun [Thu, 21 Jan 2021 14:06:19 +0000 (15:06 +0100)]
dwmmc: Multiple busdma fixes.
- limit maximum segment size to 2048 bytes. Although dwmmc supports a buffer
fragment with a maximum length of 4095 bytes, use the nearest lower power
of two as the maximum fragment size. Otherwise, busdma create excessive
buffer fragments.
- fix off by one error in computation of the maximum data transfer length.
- in addition, reserve two DMA descriptors that can be used by busdma
bouncing. The beginning or end of the buffer can be misaligned.
- Don’t ignore errors passed to bus_dmamap_load() callback function.
- In theory, a DMA engine may be running at time when next dma descriptor is
constructed. Create a full DMA descriptor before OWN bit is set.
Michal Meloun [Sat, 23 Jan 2021 20:19:07 +0000 (21:19 +0100)]
arm64: Initialize VFP control register.
The RW fields in this register reset to architecturally unknown values,
so initialize these to the proper rounding and denormal mode.
MFC after: 1 week
Warner Losh [Mon, 8 Feb 2021 19:29:20 +0000 (12:29 -0700)]
hid: bump HID_ITEM_MAXUSAGES to 8
My YOGA requires a minimum of 7 to parse w/o an error. Since the memory savings
are trivial and the yoga a popular system, bump the default up to 8. There's no
API/ABI issues in doing this. This hid_item struct isn't exported to userland
and the one libusbhid has is different and only shares a name...
MFC After: 3 days
Reviewed by: wulf@
Differential Revision: https://reviews.freebsd.org/D28543
Warner Losh [Mon, 8 Feb 2021 21:43:25 +0000 (14:43 -0700)]
acpi: limit the AMDI0020/AMDI0010 workaround to an option
It appears that production versions of EPYC firmware get the _STA method right
for these nodes. In fact, this workaround breaks on production hardware by
including too many uart nodes. This work around was for pre-release hardware
that wound up not having a large deployment. Move this work around to a kernel
option since the machines that needed it have been powered off and are difficult
to resurrect. Should there be a more significant deployment than is understood,
we can restrict it based on smbios strings.
Discussed with: mmacy@, seanc@, jhb@
MFC After: 3 days
Kyle Evans [Mon, 8 Feb 2021 18:31:17 +0000 (12:31 -0600)]
grep: fix -A handling in conjunction with -m match limitation
The basic issue here is that grep, when given -m 1, would stop all
line processing once it hit the match count and exit immediately. The
problem with exiting immediately is that -A processing only happens when
subsequent lines are processed and do not match.
The fix here is relatively easy; when bsdgrep matches a line, it resets
the 'tail' of the matching context to the value supplied to -A and
dumps anything that's been queued up for -B. After the current line has
been printed and tail is reset, we check our mcount and do what's
needed. Therefore, at the time that we decide we're doing nothing, we
know that 'tail' of the context is correct and we can simply continue
on if there's still more to pick up.
With this change, we still bail out immediately if there's been no -A
flag. If -A was supplied, we signal that we should continue on. However,
subsequent lines will not even bothere to try and process the line. We
have reached the match count, so even if the next line would match then
we must process it if it hadn't. Thus, the loop in procfile() can
short-circuit and just process the line as a non-match until
procmatches() indicates that it's safe to stop.
A test has been added to reflect both that we should be picking up the
next line and that the next line should be considered a non-match even
if it should have been.
Kyle Evans [Thu, 4 Feb 2021 21:26:45 +0000 (15:26 -0600)]
grep: fix null pattern and empty pattern file behavior
The null pattern semantics were terrible because I tried to match gnugrep,
but I got it wrong. Let's unwind that:
- The null pattern should match every line if neither -w nor -x.
- The null pattern should match empty lines if -x.
- The null pattern should not match any lines if -w.
The first two will stop processing (shortcut) even if additional patterns
are specified. In any other case, we will continue processing other
patterns. If no other patterns are specified beside a null pattern, then
we match if neither -w nor -x or set and do not match if either of those
are specified.
The justification for -w is that it should match on a whole word, but the
null pattern deos not have a whole word to match on.
Empty pattern files should never match anything, and more importantly, -v
should cause everything to be written.
Brandon Bergren [Sun, 7 Feb 2021 22:05:41 +0000 (16:05 -0600)]
powerpc64: Fix boot on virtual-mode OF (PowerMac G5)
In 78599c32efed3247d165302a1fbe8d9203e38974, CFI endproc decoration was
added to locore64.S. However, it missed the subtle detail that
__restartkernel_virtual() falls through to __restartkernel(). This was
causing boot failure on PowerMac G5, as it tried to execute the
epilogue as code.
Fix this by branching to __restartkernel() instead of intentionally
running off the end of the function.
While here, add some additional notes on how the virtual mode restart
works.
Antonio Russo [Mon, 8 Feb 2021 17:15:05 +0000 (10:15 -0700)]
Set file mode during zfs_write
Apply https://github.com/openzfs/zfs/pull/11576
Direct commit from upstream openzfs. Full commit message below:
Set file mode during zfs_write
3d40b65 refactored zfs_vnops.c, which shared much code verbatim between
Linux and BSD. After a successful write, the suid/sgid bits are reset,
and the mode to be written is stored in newmode. On Linux, this was
propagated to both the in-memory inode and znode, which is then updated
with sa_update.
3d40b65 accidentally removed the initialization of newmode, which
happened to occur on the same line as the inode update (which has been
moved out of the function).
The uninitialized newmode can be saved to disk, leading to a crash on
stat() of that file, in addition to a merely incorrect file mode.
Reviewed-by: Ryan Moeller <ryan@ixsystems.com> Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Signed-off-by: Antonio Russo <aerusso@aerusso.net>
Closes #11474
Closes #11576
Obtained from: openzfs/zfs@f8ce8aed0
MFC after: 0 days
Sponsored by: iXsystems, Inc.
John Baldwin [Wed, 3 Feb 2021 22:59:32 +0000 (14:59 -0800)]
serf: Fix the default return value of the BIO control method.
OpenSSL BIO classes provide an abstraction for dealing with I/O.
OpenSSL provides BIO classes for commonly used I/O primitives backed
by file descriptors, sockets, etc. as well as permitting consumers
of OpenSSL to define custom BIO classes.
One of the methods BIO classes implement is a control method invoked
by BIO_ctrl() for various ancilliary tasks somewhat analgous to
fcntl() and ioctl() on file descriptors. According to the BIO_ctrl(3)
manual page, control methods should return 0 for unknown control
requests.
KTLS support in OpenSSL adds new control requests. Two of those new
requests are queries to determine if KTLS is enabled for either
reading or writing. These control reuquest return 1 if KTLS is
enabled and 0 if it is not.
serf includes two custom BIO classes for wrapping I/O requests from
files and from a buffer in memory. These BIO classes both use a
custom control method. However, this custom control method was
returning 1 for unknown or unsupported control requests instead of 0.
As a result, OpenSSL with KTLS believed that these BIOs were using
KTLS and were thus adding headers and doing encryption/decryption in
the BIO. Correcting the return value removes this confusion.
Gleb Smirnoff [Thu, 28 Jan 2021 21:08:48 +0000 (13:08 -0800)]
Catch up with 6edfd179c86: mechanically rename IFCAP_NOMAP to IFCAP_MEXTPG.
Originally IFCAP_NOMAP meant that the mbuf has external storage pointer
that points to unmapped address. Then, this was extended to array of
such pointers. Then, such mbufs were augmented with header/trailer.
Basically, extended mbufs are extended, and set of features is subject
to change. The new name should be generic enough to avoid further
renaming.
Glen Barber [Fri, 5 Feb 2021 16:46:49 +0000 (11:46 -0500)]
release: disable the 'reldoc' target after the ASCIIDoctor switch
The 'reldoc' target includes release-related documentation on
installation medium. Since the switch from XML to ASCIIDoctor,
the file locations have moved, and it will take some time to sort
out how this target should work now.
Peter Grehan [Wed, 3 Feb 2021 09:05:09 +0000 (19:05 +1000)]
Always clamp curve25519 keys prior to use.
This fixes an issue where a private key contained bits that should
have been cleared by the clamping process, but were passed through
to the scalar multiplication routine and resulted in an invalid
public key.
Issue diagnosed (and an initial fix proposed) by shamaz.mazum in
PR 252894.
Piotr Kubaj [Sat, 6 Feb 2021 02:21:55 +0000 (03:21 +0100)]
powerpc64le: readd COMPAT_FREEBSD11 and COMPAT_FREEBSD12
lang/rust needs COMPAT_FREEBSD11 to build, even though powerpc64le itself is supported only since 13.0.
I also corrected a comment, because if we ever have lib32 for powerpc64le, it will be for powerpcle.
Second attempt after revert of a previous commit that affected files
with similar names in unrelated directories.
Thanks go to Martin Birgmaier for reporting the issue and identifying
the cause of git getting confused: files from the root of the vendor
files were associated with files in the FreeBSD base root directory.
Martin Birgmaier points out that to make this cherry-pick succeed,
the option -Xsubtree=contrib/bc has to be passed to prevent files
outside that path to be considered.
Seems that git cherry-pick mis-merges files for this software.
It associates files in completely unrelated sub-trees with same name
files from this package, e.g. README.md and .gitignore.
My attempt to fix the mis-merge was incomplete and wrong.
Therefore I'm reverting the commit that as a result of my failed
attempt at conflict resolution lead to README.md and .gitignore
in the top source directory to be deleted.
This mistake has been carried over to releng/13.0, which now
also lacks README.md and .gitignore in /usr/src.
I'll try to re-apply the failed commit over the next hours and to get
the fix merged to releng/13.0 with re approval.
Glen Barber [Fri, 5 Feb 2021 16:38:27 +0000 (11:38 -0500)]
param.h: fix __FreeBSD_version convention
Note, this has the side effect of __FreeBSD_version going backwards.
If this causes too many problems, I will bump it to 1301500 with
a comment in the file as a reminder for 13.1.
Submitted by: Ka Ho Ng
Sponsored by: Rubicon Communications, LLC ("Netgate")