Simon J. Gerraty [Fri, 13 Sep 2019 05:54:09 +0000 (05:54 +0000)]
Use file destdir for stage_as sets
We cannot use file (without :T) to name targets
but we can use the destination directory (with / replaced by _)
This has the benefit of minimizing the targets created.
r351540:
cxgbe/t4_tom: Initialize all TOE connection parameters in one place.
Remove now-redundant items from toepcb and synq_entry and the code to
support them.
Let the driver calculate tx_align, rx_coalesce, and sndbuf by default.
cxgbe/t4_tom: Limit work requests with immediate payload to a single
descriptor. The per-tid tx credits are in demand during active Tx and
it's best not to use too many just for payload.
Alexander Motin [Wed, 11 Sep 2019 23:45:58 +0000 (23:45 +0000)]
MFC r348268 (by sef), r348293 (by cem):
Add an AESNI-optimized version of the CCM/CBC cryptographic and authentication
code. The primary client of this is probably going to be ZFS encryption.
Right now, aesni_cipher_alloc does a bit of special-casing
for CRYPTO_F_IOV, to not do any allocation if the first uio
is large enough for the requested size. While working on ZFS
crypto port, I ran into horrible performance because the code
uses scatter-gather, and many of the times the data to encrypt
was in the second entry. This code looks through the list, and
tries to see if there is a single uio that can contain the
requested data, and, if so, uses that.
This has a slight impact on the current consumers, in that the
check is a little more complicated for the ones that use
CRYPTO_F_IOV -- but none of them meet the criteria for testing
more than one.
MFCr340141:
libcasper: fix limitations in dns service
The getaddrinfo(3) and gethostbyname(3) are used to return the address for a
given hostname. The getnameinfo(3) and gethostbyaddr(3) are used to return
hostname for a given address. Right now in casper, we have two limitations:
- NAME which allows resolving DNS names.
- ADDR which allows to do revert DNS lookups.
Before this change the rights was mixed up:
NAME - getnameinfo(3) and gethostbyname(3)
ADDR - gethostbyaddr(3) and getaddrinfo(3)
Which no matters on limitation allowed us to resolve DNS names and do DNS
lookups basically by using a different set of functions.
Now the NAME type allows getaddrinfo(3) and gethostbyname (3)functions,
and the ADDR names allow to use gethostbyaddr(3) and getnameinfo(3) functions.
MFCr350612
procdesc: fix reparenting when the debugger is attached
The process is reparented to the debugger while it is attached.
B B
/ ----> |
A A D
Every time when the process is reparented, it is added to the orphan list
of the previous parent:
A->orphan = B
D->orphan = NULL
When the A process will close the process descriptor to the B process,
the B process will be reparented to the init process.
B B - init
| ---->
A D A D
A->orphan = B
D->orphan = B
In this scenario, the B process is in the orphan list of A and D.
When the last process descriptor is closed instead of reparenting
it to the reaper let it stay with the debugger process and set
our previews parent to the reaper.
Add test case for this situation.
Notice that without this patch the kernel will crash with this test case:
panic: orphan 0xfffff8000e990530 of 0xfffff8000e990000 has unexpected oppid 1
MFCr350610:
exit1: postpone clearing P_TRACED flag until the proctree lock is acquired
In case of the process being debugged. The P_TRACED is cleared very early,
which would make procdesc_close() not calling proc_clear_orphan().
That would result in the debugged process can not be able to collect
status of the process with process descriptor.
- Add functions for creating and merging sysfs groups.
- Add sysfs_streq function to compare strings ignoring newline from the
sysctl userland call.
- Add a call to sysfs_create_groups in device_add.
- Remove duplicate header include.
- Bump __FreeBSD_version.
ng_ubt(4): do not attach Intel Wireless 8260/8265 in bootloader mode.
Add helper function for synchronous execution of HCI commands at probe
stage and use this function to check firmware state of Intel Wireless
8260/8265 bluetooth devices found in many post 2016 year laptops.
Attempt to initialize FreeBSD bluetooth stack while such a device is in
bootloader mode locks the adapter hardly so it requires power on/off
cycle to restore.
This change blocks ng_ubt attachment unless operational firmware is
loaded thus preventing the lock up.
The ancient-gcc -Wno-error series hasn't been MFC'd yet to this branch and
some GCC builds seem to have raised a false-positive that wasn't caught due
to -Wno-error on head. Back it out for now, will reapply when r352092
becomes eligible for MFC...
r348296 ("add description for create subcommand") apparently failed to merge
in the SYNOPSIS addition somehow... correct this mistake now. This is a
direct commit to stable/12 for a misfire on previous MFC.
Pull in r371111 from upstream llvm trunk (by Eli Friedman):
[IfConversion] Fix diamond conversion with unanalyzable branches.
The code was incorrectly counting the number of identical
instructions, and therefore tried to predicate an instruction which
should not have been predicated. This could have various effects: a
compiler crash, an assembler failure, a miscompile, or just
generating an extra, unnecessary instruction.
Instead of depending on TargetInstrInfo::removeBranch, which only
works on analyzable branches, just remove all branch instructions.
Fixes https://bugs.llvm.org/show_bug.cgi?id=43121 and
https://bugs.llvm.org/show_bug.cgi?id=41121 .
This should fix "Unable to predicate BX killed renamable $r0" errors
when building the lang/spidermonkey170 and lang/spidermonkey38 ports for
armv7 and armv6.
MFC r351813: bectl(8): implement sorting for 'bectl list' output
Allow 'bectl list' to sort output by a given property name. The property
name is passed in using a command-line flag, '-c' for ascending order and
'-C' for descending order. The properties allowed to sort by are:
- name (the default output, even if '-c' or '-C' are not used)
- creation
- origin
- used
- usedds
- usedsnap
- usedrefreserv
The default output for 'bectl list' is now ascending alphabetical order of
BE name.
To sort by creation time from earliest to latest, the command would be
'bectl list -c creation'
Bail out if one of the files scheduled to go to the FS image we are
making cannot be read (e.g. EPERM). Previous behaviour of issuing a
warning but still proceeeding and returning success was definitely not
correct: masking out error condition as well as making a slighly
inconsistent FS where attempt to access the file in question ends up in
EBADF. (More details in review D18584.)
MFC r351797: (Optional) Allow more nesting of GEOM partitioning schemes
GEOM is supposed to be topology-agnostic, but the GPT and BSD partition code
has arbitrary restrictions on nesting that are annoying in cases such as
running VMs on raw partitions (since the VM's partitioning scheme is not
visible to the host).
This patch adds sysctls to disable the restrictions except in the case of
BSD label (and similar) partitions with offset 0 (where we need to avoid
recursively recognizing the label).
The symbol version for _mcount was removed 12 years ago in r169525 from
gmon/Symbol.map, to be added to the per-arch Symbol.map. mips was overlooked
in this, so _mcount has no symver. Add it back to where it should have been,
rather than where it would go if it were added today, since we're correcting
a historical mistake.
Additionally, _mcount is getting thrown into .mdebug.abi32 in the llvm80/90
world as it's not getting explicitly thrown into .text, so do this now. This
fixes the libc build that was previously failing due to relocations in
.mdebug.abi32. This is specifically due to the way clang's integrated AS
works and that they emit the .mdebug.abiNN section early in the process. An
LLVM bug has been submitted (and since committed) and an agreement has been
made that the mips backend should switch to .text following .mdebug.abiNN
for compatibility.
Ed Maste [Mon, 9 Sep 2019 17:32:40 +0000 (17:32 +0000)]
makefs: add msdosfs (FAT) support
MFC r351232: makefs.8: expand description of image size
Submitted by: ryan_freqlabs.com, Siva Mahadevan
MFC r351273: makefs: add msdosfs (FAT) support
Add FAT support to makefs by copying some files from sys/fs/msdosfs/ and
updating others with changes from NetBSD.
The six files copied from sys/fs/msdosfs at r348251 and modified are:
denode.h direntry.h fat.h msdosfs_fat.c msdosfs_lookup.c msdosfsmount.h
I would prefer to avoid the duplication, but reluctance to doing so was
expressed in a previous review (D11197); for now copy the files and
revisit in the future.
When processing mtree(5) MANIFEST files, makefs(8) previously threw an
error if it encountered an entry whose "time" attribute contained a
non-zero subsecond component (e.g. time=1551620152.987220000).
Update the handling logic to properly assign the subsecond component if
built with nanosecond support, or silently discard it otherwise.
Also, re-enable the time attribute for the kyua tests.
Bounds check again after advancing cp, otherwise we have a possible
heap buffer overflow. This was discovered by a Google fuzzer test.
This can lead to remote denial of service. User interaction and
execution privileges are not a prerequisite for exploitation.
Reported by: enh at Google, to FreeBSD by maya@NetBSD.org
Obtained from: enh at Google
See also: NetBSD ns_name.c r1.12
Reviewed by: delphij, ume
MFC after: 3 days
https://android-review.googlesource.com/c/platform/bionic/+/1093130
Differential Revision: https://reviews.freebsd.org/D21523
Michael Tuexen [Sat, 7 Sep 2019 19:58:06 +0000 (19:58 +0000)]
Improve DSACK support:
MFC This is the second in a number of patches needed to
get BBRv1 into the tree. This fixes the DSACK bug but
is also needed by BBR. We have yet to go two more
one will be for the pacing code (tcp_ratelimit.c) and
the second will be for the new updated LRO code that
allows a transport to know the arrival times of packets
and (tcp_lro.c). After that we should finally be able
Improve DSACK support.
MFC r349987 from rrs@:
This is the second in a number of patches needed to
get BBRv1 into the tree. This fixes the DSACK bug but
is also needed by BBR. We have yet to go two more
one will be for the pacing code (tcp_ratelimit.c) and
the second will be for the new updated LRO code that
allows a transport to know the arrival times of packets
and (tcp_lro.c). After that we should finally be able
to get BBRv1 into head.
This required manual tweaking to address merge conflicts.
MFC r351725:
This patch improves the DSACK handling to conform with RFC 2883.
The lowest SACK block is used when multiple Blocks would be elegible as
DSACK blocks ACK blocks get reordered - while maintaining the ordering of
SACK blocks not relevant in the DSACK context is maintained.
This required manual tweaking to address merge conflicts.
MFC r351801:
Fix the SACK block generation in the base TCP stack by bringing it in
sync with the RACK stack.
MFC r351631
Earliest reference to /dev/null I can find is in v4 sh(1) and nulldev in
nsys/ken/subr.c
via TUHS archive
https://minnie.tuhs.org/cgi-bin/utree.pl?file=V4
Michael Tuexen [Sat, 7 Sep 2019 12:19:07 +0000 (12:19 +0000)]
MFC r351654:
Improve the handling of state cookie parameters in INIT-ACK chunks.
This fixes problem with parameters indicating a zero length or partial
parameters after an unknown parameter indicating to stop processing. It
also fixes a problem with state cookie parameters after unknown
parametes indicating to stop porcessing.
Thanks to Mark Wodrich from Google for finding two of these issues
by fuzz testing the userland stack and reporting them in
https://github.com/sctplab/usrsctp/issues/351
and
https://github.com/sctplab/usrsctp/issues/352
Michael Tuexen [Sat, 7 Sep 2019 12:13:58 +0000 (12:13 +0000)]
MFC r351638:
Improve the handling of illegal sequence number combinations in received
data chunks. Abort the association if there are data chunks with larger
fragement sequence numbers than the fragement sequence of the last
fragment.
Thanks to Mark Wodrich from Google who found this issue by fuzz testing
the userland stack and reporting this issue in
https://github.com/sctplab/usrsctp/issues/355
Michael Tuexen [Sat, 7 Sep 2019 11:52:35 +0000 (11:52 +0000)]
MFC r350520:
Fix the reporting of multiple unknown parameters in an received INIT
chunk. This also plugs an potential mbuf leak.
Thanks to Felix Weinrank for reporting this issue found by fuzz-testing
the userland stack.
Michael Tuexen [Sat, 7 Sep 2019 11:51:07 +0000 (11:51 +0000)]
MFC r350508:
When responding with an ABORT to an INIT chunk containing a
HOSTNAME parameter or a parameter with an illegal length, only
include an error cause indicating why the ABORT was sent.
This also fixes an mbuf leak which could occur.
Michael Tuexen [Sat, 7 Sep 2019 11:46:49 +0000 (11:46 +0000)]
MFC r350404:
When performing after_idle() or post_recovery(), don't disable the
DCTCP specific methods. Also fallthrough NewReno for non ECN capable
TCP connections and improve the integer arithmetic.
Obtained from: Richard Scheffenegger
Differential Revision: https://reviews.freebsd.org/D20550
Michael Tuexen [Sat, 7 Sep 2019 11:33:27 +0000 (11:33 +0000)]
MFC r350403:
* Improve input validation of sysctl parameters for DCTPC.
* Initialize the alpha parameter to a conservative value (like Linux)
* Improve handling of arithmetic.
* Improve man-page
Obtained from: Richard Scheffenegger
Differential Revision: https://reviews.freebsd.org/D20549
Michael Tuexen [Sat, 7 Sep 2019 11:31:05 +0000 (11:31 +0000)]
MFC r350265:
Add a sysctl variable ts_offset_per_conn to change the computation
of the TCP TS offset from taking the IP addresses and the TCP port
numbers into account to a version just taking only the IP addresses
into account. This works around broken middleboxes or endpoints.
The default is to keep the behaviour, which is also the behaviour
recommended in RFC 7323.
Michael Tuexen [Sat, 7 Sep 2019 10:49:37 +0000 (10:49 +0000)]
MFC r349989:
Improve the input validation for l_linger.
When using the SOL_SOCKET level socket option SO_LINGER, the structure
struct linger is used as the option value. The component l_linger is of
type int, but internally copied to the field so_linger of the structure
struct socket. The type of so_linger is short, but it is assumed to be
non-negative and the value is used to compute ticks to be stored in a
variable of type int.
Therefore, perform input validation on l_linger similar to the one
performed by NetBSD and OpenBSD.
Thanks to syzkaller for making me aware of this issue.
Thanks to markj@ for pointing out that a similar check should be added
to so_linger_set().
Michael Tuexen [Sat, 7 Sep 2019 10:47:43 +0000 (10:47 +0000)]
MFC r349986:
When calling sctp_initialize_auth_params(), the inp must have at
least a read lock. To avoid more complex locking dances, just
call it in sctp_aloc_assoc() when the write lock is still held.
Michael Tuexen [Sat, 7 Sep 2019 10:39:49 +0000 (10:39 +0000)]
MFC r349228:
The variable names in the description of the port number usage is
inconsistent. This patch fixes that and improves the precision of
the description.
Thanks to Tom Marcoen for reporting the issue and providing an
initial patch, on which this change is based.
Mike Karels [Fri, 6 Sep 2019 21:53:04 +0000 (21:53 +0000)]
MFC r351379 r351385 r351592:
Change w(1) to compute FROM (host) field size dynamically
It's nice to be able to display a full IPv6 host address if
needed, but it's also nice to display more than 3 characters of a command
line. Compute the needed size for the FROM column in an earlier pass,
and determine the maximum, then print what fits for the command.
Fix address annotation in xml output from w
The libxo xml feature of adding an annotation with the "original"
address from the utmpx file if it is different than the final "from"
field was broken by r351379. This was pointed out by the gcc error
that save_p might be used uninitialized. Save the original address
as needed in each entry, don't just use the last one from the previous
loop.
Alan Somers [Fri, 6 Sep 2019 20:16:08 +0000 (20:16 +0000)]
MFC r350858-r350859, r350987, r351170
r350858:
ping6: Add missing static keyword for a global variable
This fixes -Wmissing-variable-declarations error when compiled with
WARNS=6.
Submitted by: Ján Sučan <sucanjan@gmail.com>
Sponsored by: Google, inc. (Google Summer of Code 2019)
Differential Revision: https://reviews.freebsd.org/D21214
r350859:
ping6: Remove unnecessary level of indirection from dnsdecode() parameter
The `sp' pointer doesn't need to be modified in the caller of
dnsdecode().
This fixes -Wcast-qual error (`must have all intermediate pointers
const qualified to be safe') when compiled with WARNS=6.
Submitted by: Ján Sučan <sucanjan@gmail.com>
Sponsored by: Google, inc. (Google Summer of Code 2019)
Differential Revision: https://reviews.freebsd.org/D21215
r350987:
ping6: Fix data type of a variable for a packet sequence number
Submitted by: Ján Sučan <sucanjan@gmail.com>
Sponsored by: Google, inc. (Google Summer of Code 2019)
Differential Revision: https://reviews.freebsd.org/D21218
r351170:
ping6: Fix dnsdecode() bug introduced by r350859
Revision 350859 removed level of indirection that was needed for setting the
caller's `cp' pointer. dnsdecode() uses return value to indicate error or
success. It returns pointer to a buffer holding a decompressed DNS name or
NULL. The caller uses that value only to find out the result, not for accessing
the buffer.
We use the return value to propagate the new value of `cp' pointer to
the caller instead of using an output argument.
Submitted by: Ján Sučan <sucanjan@gmail.com>
MFC-With: 350859
Sponsored by: Google, Inc (Google Summer of Code 2019)
Differential Revision: https://reviews.freebsd.org/D21266
Alan Somers [Fri, 6 Sep 2019 19:36:41 +0000 (19:36 +0000)]
MFC r350453:
Add a CXXWARNFLAGS variable
Some warning flags are valid for C++ but not C. GCC 8 complains if you pass
such flags when building a C file. Using a separate variable for these
flags allows building both C and C++ files in the same directory (such as
the fusefs tests) under GCC.
Reviewed by: cem, emaste
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D21116