hier(7): remove entry for non-existent /usr/compat
This is historical (?), but today /compat is the default according to
linux(4). The only remaining reference to /usr/compat in the src tree is
under tools/test/stress2.
Add a next-level entry for /compat/linux.
PR: 261349
Reviewed by: grahamperrin, karels, dchagin
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D40876
John Baldwin [Wed, 5 Jul 2023 23:00:47 +0000 (16:00 -0700)]
ddb: Rework macros to make it easier to add new command tables.
- Add new DB_DEFINE_TABLE and DB_DECLARE_TABLE macros to define new
command tables. DB_DECLARE_TABLE is intended for use in headers
similar to MALLOC_DECLARE and SYSCTL_DECL.
DB_DEFINE_TABLE takes three arguments, the name of the parent table,
the command name, and the name of the table itself, e.g.
DB_DEFINE_TABLE(show, foo, show_foo) defines a new "show foo" table.
- DB_TABLE_COMMAND, DB_TABLE_COMMAND_FLAGS, DB_TABLE_ALIAS, and
DB_ALIAS_FLAGS allow new commands and aliases to be defined. These
are similar to the existing DB_COMMAND, etc. except that they take
an initial argument giving the name of the parent table, e.g.:
DB_TABLE_COMMAND(show_foo, bar, db_show_foo_bar)
defines a new "show foo bar" command.
This provides a cleaner interface than the ad-hoc use of internal
macros like _DB_SET that was required previously (e.g. in cxgbe(4)).
This retires DB_FUNC macro as well as the internal _DB_FUNC macro.
Alan Somers [Wed, 5 Jul 2023 22:37:39 +0000 (16:37 -0600)]
Fix the zfsd_autoreplace_001_neg test
It only ever worked by accident.
* Actually set autoreplace=off as stated in the description
* Wait for the removed device to disappear from the pool before
proceeding.
* In the assertion, verify that the new disk does not get added, as
described in the description.
Pierre Pronchery [Fri, 30 Jun 2023 17:23:57 +0000 (19:23 +0200)]
libcrypto: group definitions for libcrypto and fips
OpenSSL 3 supports a modular architecture, allowing different providers
to bring specific implementations of cryptographical algorithms. This
change makes sure the FIPS module matches build instructions used for
libcrypto.
Sponsored by: The FreeBSD Foundation
Pull Request: https://github.com/freebsd/freebsd-src/pull/787
Pierre Pronchery [Fri, 30 Jun 2023 17:20:31 +0000 (19:20 +0200)]
libcrypto: expand the common Makefile for providers
OpenSSL 3 supports a modular architecture, allowing different providers
to bring specific implementations of cryptographical algorithms. This
change adds mandatory source files to every provider.
Sponsored by: The FreeBSD Foundation
Pull Request: https://github.com/freebsd/freebsd-src/pull/787
Pierre Pronchery [Thu, 29 Jun 2023 22:24:33 +0000 (00:24 +0200)]
libcrypto: add missing symbols to the fips provider
OpenSSL 3 supports a modular architecture, allowing different providers
to bring specific implementations of cryptographical algorithms. One
such provider, "fips", ships with OpenSSL 3 directly, and groups
algorithms that can be FIPS 140-2 validated.
The import of OpenSSL 3.0.9 was building this provider incorrectly,
missing symbols required for proper operation.
In addition, without the change in OpenSSL's crypto/bn/bn_const.c, the
FIPS module fails loading: `Undefined symbol "ossl_bignum_modp_1536_p"`.
This change is consistent with crypto/bn/bn_dh.c though.
Sponsored by: The FreeBSD Foundation
Pull Request: https://github.com/freebsd/freebsd-src/pull/787
Pierre Pronchery [Thu, 29 Jun 2023 21:32:59 +0000 (23:32 +0200)]
libcrypto: add missing symbols to the legacy provider
OpenSSL 3 supports a modular architecture, allowing different providers
to bring specific implementations of cryptographical algorithms. One
such provider, "legacy", ships with OpenSSL 3 directly, and groups
obsoleted algorithms that can still optionally be used anyway.
The import of OpenSSL 3.0.9 was building this provider incorrectly,
missing symbols required for proper operation.
Sponsored by: The FreeBSD Foundation
Pull Request: https://github.com/freebsd/freebsd-src/pull/787
Andrew Turner [Mon, 3 Jul 2023 09:38:10 +0000 (10:38 +0100)]
arm64: Fix a use of update_lower_register
In get_kernel_reg_masked we use update_lower_register to get the lower
value of two registers for a given field. It will return the entire
register value with just the single field updated.
Because of this get_kernel_reg_masked needs to use the returned value
directly rather than ORing each field together. Fix this by updating
the mask and returning that from get_kernel_reg_masked.
Reviewed by: markj
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D40846
Pierre Pronchery [Fri, 30 Jun 2023 17:23:57 +0000 (19:23 +0200)]
libcrypto: group definitions for libcrypto and fips
OpenSSL 3 supports a modular architecture, allowing different providers
to bring specific implementations of cryptographical algorithms. This
change makes sure the FIPS module matches build instructions used for
libcrypto.
Sponsored by: The FreeBSD Foundation
Pull Request: https://github.com/freebsd/freebsd-src/pull/787
Pierre Pronchery [Fri, 30 Jun 2023 17:20:31 +0000 (19:20 +0200)]
libcrypto: expand the common Makefile for providers
OpenSSL 3 supports a modular architecture, allowing different providers
to bring specific implementations of cryptographical algorithms. This
change adds mandatory source files to every provider.
Sponsored by: The FreeBSD Foundation
Pull Request: https://github.com/freebsd/freebsd-src/pull/787
Pierre Pronchery [Thu, 29 Jun 2023 22:24:33 +0000 (00:24 +0200)]
libcrypto: add missing symbols to the fips provider
OpenSSL 3 supports a modular architecture, allowing different providers
to bring specific implementations of cryptographical algorithms. One
such provider, "fips", ships with OpenSSL 3 directly, and groups
algorithms that can be FIPS 140-2 validated.
The import of OpenSSL 3.0.9 was building this provider incorrectly,
missing symbols required for proper operation.
In addition, without the change in OpenSSL's crypto/bn/bn_const.c, the
FIPS module fails loading: `Undefined symbol "ossl_bignum_modp_1536_p"`.
This change is consistent with crypto/bn/bn_dh.c though.
Sponsored by: The FreeBSD Foundation
Pull Request: https://github.com/freebsd/freebsd-src/pull/787
Pierre Pronchery [Thu, 29 Jun 2023 21:32:59 +0000 (23:32 +0200)]
libcrypto: add missing symbols to the legacy provider
OpenSSL 3 supports a modular architecture, allowing different providers
to bring specific implementations of cryptographical algorithms. One
such provider, "legacy", ships with OpenSSL 3 directly, and groups
obsoleted algorithms that can still optionally be used anyway.
The import of OpenSSL 3.0.9 was building this provider incorrectly,
missing symbols required for proper operation.
Sponsored by: The FreeBSD Foundation
Pull Request: https://github.com/freebsd/freebsd-src/pull/787
When ena_detach is called, we first call ether_ifdetach(),
which destroys internal addresses of ifp. One such address
is ifp->if_addr->ifa_addr. Then during ena_destroy_device(),
if_link_state_change() is called, eventually trying to access
ifp->if_addr->ifa_addr->sa_family. This causes an access
to garbage memory and crashes the kernel.
Ticket [1] was opened to the FreeBSD community to add null
check in the code of if_link_state_change().
A fix was submitted in commit [2], however it was noted
that it is our driver's responsibilty to not call
if_link_state_change() after calling ether_ifdetach().
This commit makes sure if_link_state_change() is not called
after ether_ifdetach().
Fixes: 9b8d05b8ac78 ("Add support for Amazon Elastic Network Adapter (ENA) NIC") Fixes: 30217e2dff10 ("Rework counting of hardware statistics in ENA driver")
MFC after: 2 weeks
Sponsored by: Amazon, Inc.
When we are sending terminating signal to the group, killpg() needs to
guarantee that all group members are to be terminated (it does not need
to ensure that they are terminated on return from killpg()). The
pg_killsx change eliminates the largest window there, but still, if a
multithreaded process is signalled, the following could happen:
- thread 1 is selected for the signal delivery and gets descheduled
- thread 2 waits for pg_killsx lock, obtains it and forks
- thread 1 continue executing and terminates the process
This scenario allows the child to escape still.
To fix it, count the number of signals sent to the process with
killpg(2), in p_killpg_cnt variable, which is incremented in killpg()
and decremented after signal handler frame is created or in exit1()
after single-threading. This way we avoid forking if the termination is
due.
Noted and reviewed by: markj (previous version)
Tested by: pho
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
Differential revision: https://reviews.freebsd.org/D40493
If the process group member performs fork(), the child could escape
signalling from killpg(). Prevent it by introducing an sx process group
lock pg_killsx which is taken interruptibly shared around fork. If there
is a pending signal, do the trip through userspace with ERESTART to
handle signal ASTs. The lock is taken exclusively during killpg().
The lock is also locked exclusive when the process changes group
membership, to avoid escaping a signal by this means, by ensuring that
the process group is stable during fork.
Note that the new lock is before proctree lock, so in some situations we
could only do trylocking to obtain it.
This relatively simple approach cannot work for REAP_KILL, because
process potentially belongs to more than one reaper tree by having
sub-reapers.
lib/libc/string: replace ffs/fls implementations with clang builtins
Most architectures we support (except for riscv64) have instructions
to compute these functions very quickly. Replace old code with the
ffs and clz builtin functions, allowing clang to generate good code
for all architectures.
As a consequence, toss out arm and i386 ffs() implementations.
If we're called on an mbuf that's passed through codel before it may
already contain the MTAG_CODEL tag. The code accounts for this and does
not allocate a new mtag. However, it inserts the mtag unconditionally.
That is, it inserts the existing mtag a second time.
When the mbuf later gets freed we iterate over the list of mtags to fee
them one by one, and we'll end up freeing an mtag that's already been
freed.
Only insert the mtag if we've allocated a new one. If we found one
there's no need to insert it again.
See also: https://redmine.pfsense.org/issues/14497
Sponsored by: Rubicon Communications, LLC ("Netgate")
When libc switched to generation of logs as per RFC 5424,
that change broke application ability to insert specific process id
using ident[N] format, the feature existed for decades.
Some processes rely on it (including logger and syslogd).
Later the regression was fixed but the feature remained undocumented.
This change documents it.
Michael Tuexen [Sun, 2 Jul 2023 01:08:51 +0000 (03:08 +0200)]
dtrace: improve siftr probe
Improve consistency of the field names with tcpsinfo_t:
* Use mss instead of max_seg_size.
* Use lport and rport instead of tcp_localport and tcp_foreignport.
Use t_flags instead of flags to improve consistency with t_flags2.
Add laddr and raddr, since the addresses were missing when compared
to the output of siftr.
Reviewed by: cc
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D40834
We have somewhat twisted logic to determine actions for dumpdev
considering three sources of information:
* kenv "dumpdev" tunnable supposed to point to specific device;
* /etc/defaults/rc.conf "dumpdev" variable;
* /etc/rc.conf that may be unset or set to "NO", "AUTO" or device name.
For CURRENT without any setting in kenv or /etc/rc.conf
the default is "AUTO". For STABLE branches the default is "NO".
Current implementation breaks for STABLE branches if kenv points
to specific device but /etc/rc.conf does not set "dumpdev" at all.
Let us fix it commenting out "dumpdev" in /etc/defaults/rc.conf
for STABLE branches and making the code to consult kenv
if "dumpdev" is not set elsewhere.
Ka Ho Ng [Sat, 1 Jul 2023 19:41:53 +0000 (15:41 -0400)]
modules: bzero the modspecific_t
Per https://reviews.llvm.org/D68115, only the first field is
zero-initialized, meanwhile other fields are undef.
The pattern can be observed on clang as well, that when
-ftrivial-auto-var-init=pattern is specified 0xaa is filled for
non-active fields, otherwise they are zero-initialized.
Technically both are acceptable when using clang. However it
would be good to simply bzero the modspecific_t in such case to
be strict to the standard.
MFC with: 2cab2d43b83b
MFC after: 1 day
Sponsored by: Juniper Networks, Inc.
Reviewed by: delphij
Differential Revision: https://reviews.freebsd.org/D40830
John Baldwin [Sat, 1 Jul 2023 19:22:44 +0000 (12:22 -0700)]
sys: Add [u]divmoddi4 intrinsics on i386.
GCC 12 uses these in several places when building the i386 kernel.
They are very similar to [u]divdiv3 except that they return both
the quotient and the remainder.
John Baldwin [Sat, 1 Jul 2023 19:21:13 +0000 (12:21 -0700)]
sys: Switch the kernel's C standard from C99 to GNU99.
This matches the default used in userland, and the kernel already
depends on various GNU extensions to standard C that are supported by
both clang and GCC.
This should be a no-op for clang, but for GCC it enables some GNU
extensions that aren't otherwise enabled. It also enables GCC for
i386 to avoid the need for a floatundidf intrinsic in libkern.
superio+nctgpio: Prepare to support some new (weird) chips
- Increase verbosity to direct i/o code path (iores != 0)
- Fix pin inversion configuration
- Allow forcing the use of indirect access channel via hint.gpio.0.flags=2
- Document the PREFER_INDIRECT_CHANNEL tunable in nctgpio(4)
bios: Don't keep sending BIO_FLUSH after first ENOTSUPP.
When a storage device reports that it does not support cache flush, the
GEOM disk layer by default returns ENOTSUPP in response to a BIO_FLUSH
command.
On AWS, local volumes do not advertise themselves as having write-cache
enabled. When they are selected for L3 on all HDD nodes, the L3
subsystem may inadvertently kick these L3 devices if a BIO_FLUSH command
fails with an ENOTSUPP return code. The fix is to make GEOM disk return
success (0) when this condition occurs and add a sysctl to make this
error handling config-driven
Notable upstream pull request merges:
#14654 Pack our DDT ZAPs a bit denser
#14979 Again fix race between zil_commit() and zil_suspend()
#14985 Some ZIO micro-optimizations
#15000 Fix remount when setting multiple properties
#15004 ddt_addref: remove unnecessary phys fill when refcount is 0
#15007 Do not report bytes skipped by scan as issued
#15023 Enable tuning of ZVOL open timeout value
Michael Tuexen [Sat, 1 Jul 2023 07:50:54 +0000 (09:50 +0200)]
siftr: unbreak dtrace support
This patch adds back some fields needed by the siftr probe, which were
removed in
https://cgit.freebsd.org/src/commit/?id=aa61cff4249c92689d7a1f15db49d65d082184cb
With this fix, you can run dtrace scripts again when the siftr
module is loaded. And the siftr probe works again.
Reviewed by: rscheff
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D40826
csu: Add the prologue and epilogue to the _init and _fini on x86_64
Normally, modern unwinders uses Dwarf information to unwind stack,
however in case when the code is not annotated by Dwarf instructions,
unwinders fallbacks to a frame-pointer based algorithm.
That is allows libunwind to unwind stack from global constructors and
destructors. Also it makes gdb happy as it printed nonexistent frame
before.
rtld: Add a stop indicator to rtld_start to satisfy unwinders on x86_64
The right unwinding stop indicator should be CFI-undefined PC.
https://dwarfstd.org/doc/Dwarf3.pdf - page 118:
If a Return Address register is defined in the virtual unwind table,
and its rule is undefined (for example, by DW_CFA_undefined), then
there is no return address and no call address, and the virtual
unwind of stack activations is complete.
That is allows gdb and libunwind successfully stop when unwinding stack
from global constructors and destructors.
Michael Tuexen [Sat, 1 Jul 2023 07:27:31 +0000 (09:27 +0200)]
dtrace: third update to the siftr probe
This adds the changes corresponding to
https://cgit.freebsd.org/src/commit/?id=60167184abd54ca12c6bf7ab60f2a08b41342f84
to the siftr probe.
This concludes the series up updates.
Reviewed by: rscheff
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D40825
Michael Tuexen [Fri, 30 Jun 2023 22:13:00 +0000 (00:13 +0200)]
siftr: document siftr probe to man page of the tcp provider
This man page documents what is currently implemented in siftr.d.
It doesn't work right now in head, but in stable/13. Follow-up
commits will fix it for head.
Reviewed by: cc, pauamma_gundo.com
MFC after: 3 days
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D40809
Michael Tuexen [Fri, 30 Jun 2023 20:15:47 +0000 (22:15 +0200)]
dtrace: fix constants used by the siftr probe
The constants used in the C code were changed in
https://svnweb.freebsd.org/changeset/base/343646
but changing them also in the dtrace translator was missed.
Reviewed by: cc, rscheff
MFC after: 3 days
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D40805