Tijl Coosemans [Wed, 15 Feb 2023 20:09:51 +0000 (21:09 +0100)]
rc.d: Generate machine-id from hostid_save
rc.d/hostid_save saves a UUID generated by rc.d/hostid in /etc/hostid.
Store the same UUID, without hyphens, in /etc/machine-id. The hypĥens
are removed with a shell function because hostid_save runs before file
systems are mounted so other tools may not be available yet.
This eliminates some duplication between hostid and machine-id and for
virtual machines machine-id now contains the UUID configured in the
hypervisor like it does on Linux.
When CVE-2022-3437 was fixed by changing memcmp to be a constant
time and the workaround for th e compiler was to add "!=0". However
the logic implmented was inverted resulting in CVE-2022-4152.
Colin Percival [Sun, 5 Mar 2023 20:10:57 +0000 (12:10 -0800)]
linux_80211: Don't dequeue lsta if not queued
This fixes an instapanic when restarting wpa_supplicant on my laptop's
iwlwifi device. After this change, iwlwifi enters a nonfunctional
state if wpa_supplicant is restarted, but "service netif restart wlan0"
is enough to get it working again.
Mitchell Horne [Fri, 24 Feb 2023 17:19:54 +0000 (13:19 -0400)]
bcm_dma: don't dereference NULL softc
This file defines a small API to be used by other drivers. If any of
these functions are called before the bcm_dma device has attached we
should handle the error gracefully. Fix a formatting quirk while here.
Reviewed by: manu
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D38756
Mark Millard [Fri, 17 Feb 2023 20:30:35 +0000 (16:30 -0400)]
bcm_dma: attach at an earlier bus pass
The sdhci_bcm driver attach routine relies on bcm_dma already being
attached, in order to allocate a DMA channel. However, both drivers
attached at the default pass so this is not guaranteed. Newer RPI
firmware exposes this assumption, and the result is a NULL-dereference
in bcm_dma_allocate().
Mitchell Horne [Wed, 22 Feb 2023 15:11:15 +0000 (11:11 -0400)]
lockmgr: upgrade panic return checks
We short-circuit lockmgr functions in the face of a kernel panic. Other
lock implementations do this with a SCHEDULER_STOPPED() check, which
covers the additional case where the debugger is active but the system
has not panicked. Update this code to match that behaviour.
Xin LI [Sun, 5 Mar 2023 09:40:13 +0000 (01:40 -0800)]
xz: Improve compatibility with systems without capability mode support
When the kernel is built without capability mode support, or when
using an emulator like qemu-user-static that does not translate
system calls, these calls will return a negative number and set
the errno to ENOSYS. However, this error does not indicate a
real programming or runtime error and is generally ignored by
base system applications built with capability mode sandboxing.
Match this behavior by making xz(1) to ignore ENOSYS errors
when calling capability mode system calls too.
Rick Macklem [Sat, 4 Feb 2023 22:45:23 +0000 (14:45 -0800)]
vfs_mount.c: Free exports structures in vfs_destroy_mount()
During testing of exporting file systems in jails, I
noticed that the export structures on a mount
were not being free'd when the mount is dismounted.
This bug appears to have been in the system for a
very long time. It would have resulted in a slow memory
leak when exported file systems were dismounted.
Prior to r362158, freeing the structures during dismount
would not have been safe, since VFS_CHECKEXP() returned
a pointer into an export structure, which might still have been
used by the NFS server for an in-progress RPC when the file system
is dismounted. r362158 fixed this, so it should now be safe
to free the structures in vfs_mount_destroy(), which is what
this patch does.
Brooks Davis [Fri, 3 Mar 2023 16:20:18 +0000 (16:20 +0000)]
NgATM: deprecate
Support for ATM NICs was removed prior to FreeBSD 12. At the time it
was unclear if this code was still useful without it. Now the time has
come to finish removing support.
Add DREPRECATION NOTICEs to the manpages and gone_in(14, ...) warnings
in the constructors (or module init for ngatmbase).
Ed Maste [Mon, 6 Mar 2023 13:38:17 +0000 (08:38 -0500)]
Enable kernel reproducible builds on stable branch
When the stable/13 branch was created the userland knob (in
share/mk/src.opts.mk) was changed to default to yes, but the kernel
default was not changed. These two should always have the same default.
Regenerate src.conf.5, as the differing defaults previously confused
`makeman`.
Fixes: bfd15705156b ("Create the stable/13 branch")
Sponsored by: The FreeBSD Foundation
Ed Maste [Mon, 27 Feb 2023 19:13:09 +0000 (14:13 -0500)]
g_part_ebr: always create "compat" aliases
The "canonical" EBR partition names like `ada0s4+00002081` are not
particularly meaningful. The "compat" aliases share the same namespace
as the parent MBR, resulting in user-friendly names like `ada0s6`.
These names are consistent with the way Linux names EBR partitions.
We previously provided a sysctl kern.features.geom_part_ebr_compat
(enabled by default) to control the "compat" names. Remove the sysctl
and always create the aliases.
Relnotes: yes
Reviewed by: cem, imp
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D38812
Ed Maste [Tue, 28 Feb 2023 19:17:30 +0000 (14:17 -0500)]
thunderx: fix potential sign extension issue
Coverity reported a sign extension issue on rq->caching << 26 in the
Linux ThunderX driver. (It appears Coverity Scan doesn't build arm64
objects in FreeBSD.)
As done in Linux, add a cast.
Fixes: 3c0086b81391 ("Raw import of ThunderX VNIC networking driver...")
Sponsored by: The FreeBSD Foundation
Ed Maste [Thu, 2 Mar 2023 23:54:52 +0000 (18:54 -0500)]
freebsd-update: use grep -E instead of egrep
GNU egrep emits a warning that it is obsolescent and suggests grep -E
instead. Switch to grep -E in case we end up invoking GNU (e)grep (and
for consistency with other invocations in this file).
Reported by: Steffen Nurpmeso
Sponsored by: The FreeBSD Foundation
Mike Karels [Tue, 28 Feb 2023 13:55:35 +0000 (07:55 -0600)]
growfs_fstab startup script: set dumpdev to AUTO
The growfs_fstab script has been testing dumpdev, and if it is AUTO,
enables dumps on the newly-added swap device for the initial boot.
However, dumpdev defaults to AUTO on main, but NO on stable/13 and
release branches. On the other hand, bsdinstall adds dumpdev="AUTO"
by default (controlled by a menu item). bsdinstall is not used when
booting an SD card or other disk image. Adopt the default from
bsdinstall, and set dumpdev to AUTO in /etc/rc.conf in the
growfs_fstab script if a swap partition has been added, along with
the explanatory comment added by bsdinstall.
Paul Floyd [Fri, 24 Feb 2023 16:29:01 +0000 (11:29 -0500)]
libc: handle zero alignment in memalign()
For compatibility with glibc. The previous code would trigger a division
by zero in roundup() and terminate. Instead, just pass through to
malloc() for align == 0.
Ed Maste [Wed, 14 Dec 2022 17:34:59 +0000 (12:34 -0500)]
freebsd-update: re-edit files if merge conflict markers remain
freebsd-update will open ${EDITOR} if conflicts occur while merging
updates to config files. Inform the user if they've left conflict
markers behind, and go back to editing the file.
PR: 185546
PR: 229689
Reviewed by: delphij
Approved by: re (cperciva, expedited MFC)
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D37703
Kristof Provost [Tue, 14 Feb 2023 06:11:38 +0000 (07:11 +0100)]
pfsync: support deferring IPv6 packets
When we send out a deferred packet we must make sure to call
ip6_output() for IPv6 packets. If not we might end up attempting to
ip_fragment() an IPv6 packet, which could lead to us reading outside of
the mbuf.
Ed Maste [Wed, 22 Jun 2022 12:58:04 +0000 (08:58 -0400)]
Add RELRO build knob, default to enabled
Note that lld enables relro by default, so that we already had either
partial or full RELRO, depending on the state of the BIND_NOW knob.
Add a RELRO knob so that the option can be disabled if desired, and so
that builds using the GNU toolchain are equivalent to those using the
standard Clang/LLVM toolchain.
Reviewed by: markj
MFC after: 3 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D35545
Ed Maste [Mon, 13 Feb 2023 17:39:39 +0000 (12:39 -0500)]
Cirrus-CI: use makefs if root size exceeds QEMU's virtual FAT limit
We use QEMU's virtual FAT support to avoid having to create a disk
image because it is much faster, but it has a limit of about 500MB.
Artifacts produced by the GCC 12 CI job exceeded this size.
Add support for creating a FAT partition image and MBR-partitioned disk
image and use it when the file system is too large for QEMU.
In one run the Cirrus-CI LLVM test task took 1m33s using QEMU's virtual
FAT while the GCC task took 6m48s using makefs+mkimg.
Reviewed by: imp
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D38589
Mark Johnston [Sat, 25 Sep 2021 14:15:31 +0000 (10:15 -0400)]
amd64: Avoid copying td_frame from kernel procs
When creating a new thread, we unconditionally copy td_frame from the
creating thread. For threads which never return to user mode, this is
unnecessary since td_frame just points to the base of the stack or a
random interrupt frame.
If KASAN is configured this copying may also trigger false positives
since the td_frame region may contain poisoned stack regions. It was
not noticed before since thread0 used a dummy proc0_tf trapframe, and
kernel procs are generally created by thread0. Since commit df8dd6025af88a99d34f549fa9591a9b8f9b75b1, though, we call
cpu_thread_alloc(&thread0) when initializing FPU state, which
reinitializes thread0.td_frame.
Work around the problem by not copying the frame unless the copying
thread came from user mode. While here, de-duplicate the copying and
remove redundant re(initialization) of td_frame.
Reported by: syzbot+2ec89312bffbf38d9aec@syzkaller.appspotmail.com
Reviewed by: kib
Fixes: df8dd6025af8
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D32057
Reported by: David Leadbeater, G-Research
Reviewed by: gordon
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D38648
Zhenlei Huang [Thu, 23 Feb 2023 18:00:09 +0000 (02:00 +0800)]
Delete obsolete Solaris compat header file stdlib.h
This drops function `getexecname()` redirection.
Historically `getexecname()` is a compatibility definition. Since
openzfs has its own implementation of function `getexecname()` in libspl
and has been merged into base, the compat header file stdlib.h is
no longer needed and should not be used.
Also without this fix libspl will end up an incompatible version of
`getprogname()` with libc. In particular, if zfs is enabled, programs
such as pgrep in /rescue can be wrongly statically linked with libspl
and will not function properly.
PR: 269738
Reviewed by: markj
Fixes: 9e5787d2284e Merge OpenZFS support in to HEAD
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D38733
Dimitry Andric [Sat, 25 Feb 2023 15:25:57 +0000 (16:25 +0100)]
Ensure .inc files are regenerated when llvm/clang tblgen binaries change
When doing a fully incremental build (with WITHOUT_CLEAN enabled), from
a commit before llvm 15 was merged (3264f6b88fce), to a commit after
that, a number of .inc files were not regenerated. This could lead to
unexpected compilation errors when these .inc files were included from
llvm-project sources, similar to:
In file included from /usr/src/contrib/llvm-project/clang/lib/CodeGen/CGBuiltin.cpp:8268:
/usr/obj/usr/src/amd64.amd64/lib/clang/libclang/clang/Basic/arm_mve_builtin_cg.inc:279:18: error: no matching constructor for initialization of 'clang::CodeGen::Address'
Address Val2 = Address(Val1, CharUnits::fromQuantity(2));
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Work around this by making the .inc files dependent on the tblgen binary
used for generating them. E.g., we can relatively safely assume that if
the binary gets updated, the .inc files must also be updated. (Although
this is not 100% optimal, the gain by complicating things even more is
probaby not worth the effort.)
MFC after: 3 days
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D38770
netlink: make the maximum allowed netlink socket buffer runtime tunable.
Dumping large routng tables (>1M paths with multipath) require the socket
buffer which is larger than the currently defined limit.
Allow the limit to be set in runtime, similar to kern.ipc.maxsockbuf.
Reported by: Marek Zarychta <zarychtam@plan-b.pwste.edu.pl>
MFC after: 1 day
Dmitry Chagin [Sun, 26 Feb 2023 13:42:22 +0000 (16:42 +0300)]
linprocfs(4): Fixup process size in the /proc/pid/stat file
According to the Linux sources the kernel exposes a proces virtual
memory size via proc filesystem into the three files - stat, status
and statm. This is the struct mm->total_vm value adjusted to the
corresponding units - bytes, kilobytes and pages.
The fix is based on a fernape@ analysis.
PR: 265937
Reported by: Ray Bellis
MFC after: 3 days
Dmitry Chagin [Tue, 14 Feb 2023 14:46:33 +0000 (17:46 +0300)]
linux(4): Rename linux_timer.h to linux_time.h
To avoid confusing people, rename linux_timer.h to linux_time.h,
as linux_timer.c is the implementation of timer syscalls only,
while linux_time.c contains implementation of all stuff declared
in linux_time.h.
Dmitry Chagin [Tue, 14 Feb 2023 14:46:31 +0000 (17:46 +0300)]
linux(4): Move uselib() to i386
This obsolete system call is not supported by glibc. In ancient libc
versions (before glibc 2.0), uselib() was used to load the shared
libraries with names found in an array of names in the binary.
On Linux, since 3.15, this system call is available only when
the kernel is configured with the CONFIG_USELIB option.
It doesn't look like anyone needs this syscall for others Linuxulators,
so move it to the corresponding MD Linuxulator.
Dmitry Chagin [Tue, 14 Feb 2023 14:46:31 +0000 (17:46 +0300)]
linux(4): Cleanup sys/sysent.h from linux_util
Include sys/sysent.h directly where it needed. The linux_util.h included
in a most source files of the Linuxulator, avoid collecting a rarely used
includes here.
Dmitry Chagin [Tue, 14 Feb 2023 14:46:30 +0000 (17:46 +0300)]
linux(4): Cleanup vm includes from linux_util.h
Include vm headers directly where they needed. The linux_util.h included
in a most source files of the Linuxulator, avoid collecting a rarely used
includes here.
Mark Johnston [Tue, 7 Feb 2023 19:33:27 +0000 (14:33 -0500)]
libdwarf: Add some constants from DWARF 5
This is not exhaustive - DWARF 5 has some new enumeration types not
implemented here - but I think I caught all the ones that are extended
in DWARF 5, plus the new compilation unit type (DW_UT_*), needed when
parsing .debug_info headers.
These were useful when extending libdwarf/ctfconvert/readelf to handle
DWARF generated by gcc 12, which is version 5 by default.
Reviewed by: emaste
MFC after: 3 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D38273
Corvin Köhne [Wed, 11 Aug 2021 07:58:15 +0000 (09:58 +0200)]
bhyve: add basic qemu fwcfg implementation
qemu's fwcfg and bhyve's fwctl are both used to configure ovmf. qemu's
fwcfg is much more powerfull than bhyve's fwctl. For that reason, add
support for qemu's fwcfg.
Mina Galić [Tue, 28 Feb 2023 02:58:45 +0000 (19:58 -0700)]
apic: prevent divide by zero in CPU frequency init
If a CPU for some reason returns 0 as CPU frequency, we currently panic
on the resulting divide by zero when trying to initialize the CPU(s) via
APIC. When this happens, we'll fallback to measuring the frequency
instead.
The reason for this is while looping through loose source routing (LSRR)
and strict source routing (SSRR), hlen will become smaller than the IP
header. It may even become negative. This should terminate the loop.
However, when hlen is unsigned, an integer underflow occurs becoming a
large number causing the loop to continue virtually forever until hlen
is either by chance smaller than the lenghth of an IP header or it
segfaults.
Mark Johnston [Mon, 13 Feb 2023 21:24:40 +0000 (16:24 -0500)]
vm_fault: Fix a race in vm_fault_soft_fast()
When vm_fault_soft_fast() creates a mapping, it release the VM map lock
before unbusying the top-level object. Without the map lock, however,
nothing prevents the VM object from being deallocated while still busy.
Fix the problem by unbusying the object before releasing the VM map
lock. If vm_fault_soft_fast() fails to create a mapping, the VM map
lock is not released, so those cases don't need to change.
Reported by: syzkaller
Reviewed by: kib (previous version)
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D38527
* Make nhop_set_blackhole() set all necessary properties for the
nexthop
* Make nexthops blackhole/reject based on the rtm_type netlink
property instead of using rtflags.
Reported by: Marek Zarychta <zarychtam@plan-b.pwste.edu.pl>
MFC after: 3 days
Joerg Wunsch [Sun, 12 Feb 2023 21:26:52 +0000 (22:26 +0100)]
MFC: ARM release build: enable IPv6 SLAAC by default
When building ARM release images, enable IPv6 SLAAC by default in
addition to IPv4 DHCP.
Unlike amd64 (and other desktop/server) releases, ARM releases on SoC
setups are usually deployed by just using the installation image, so
there is no interactive network configuration. Not having IPv6
included by default is kind of an anachronism these days, given that
FreeBSD with the KAME project once pioneered IPv6 technology.
Dmitry Chagin [Tue, 14 Feb 2023 14:46:32 +0000 (17:46 +0300)]
linux(4): Move use_real_names knob to the linux.c
MI linux.[c|h] are the module independent in terms of the Linux emulation
layer (ie, intended for both ISA - 32 & 64 bit), analogue of MD linux.h.
There must be a code here that cannot be placed into the corresponding by
common sense MI source and header files, i.e., code is machine independent,
but ISA dependent.
For the use_real_names knob, the code must be placed into the
linux_socket.[c|h], however linux_socket is ISA dependent.