netlink: automatically fill sin6_scope_id in the default snl(3) parsers.
Add the optional post-parse hook to the snl(3) parser declaration.
Use this hook to automatically add the interface indexes to the
link-local sockaddrs.
netlink: use consistent variable lifetime in the default snl(3) parsers.
Currently, parsers use original strings/nla pointers instead of
duplicating them. These pointers refer to the temporary packet buffer,
which can be silently rewritten when the next message is read.
Instead, duplicate all string/nla attributes using snl_allocz(3) to
give control over variable lifetime to the user.
Ed Maste [Tue, 9 May 2023 12:44:23 +0000 (08:44 -0400)]
libfido2: specify OpenSSL 1.1 API
OPENSSL_API_COMPAT can be used to specify the OpenSSL API version in
use for the purpose of hiding deprecated interfaces and enabling
the appropriate deprecation notices.
This change is a NFC while we're still using OpenSSL 1.1.1 but will
avoid deprecation warnings upon the switch to OpenSSL 3.0. A future
libfido2 update may switch to use OpenSSL 3.0 APIs.
Bojan Novković [Tue, 9 May 2023 07:02:04 +0000 (09:02 +0200)]
bhyve: fix vCPU single-stepping on VMX
This patch fixes virtual machine single stepping on VMX hosts.
Currently, when using bhyve's gdb stub, each attempt at single-stepping
a vCPU lands in a timer interrupt. The current single-stepping mechanism
uses the Monitor Trap Flag feature to cause VMEXIT after a single
instruction is executed. Unfortunately, the SDM states that MTF causes
VMEXITs for the next instruction that gets executed, which is often not
what the person using the debugger expects. [1]
This patch adds a new VM capability that masks interrupts on a vCPU by
blocking interrupt injection and modifies the gdb stub to use the newly
added capability while single-stepping a vCPU.
Yuri Pankov [Tue, 9 May 2023 08:00:32 +0000 (10:00 +0200)]
em(4): update sysctl list, mention iflib(4)
Some of the settings, e.g. disabling/enabling msix, are now handled
as generic iflib variables; mention iflib explicitly in tunables
section (in addition to SEE ALSO).
Kyle Evans [Tue, 9 May 2023 03:45:12 +0000 (22:45 -0500)]
acl(3): improve discoverability of acl_get_perm_np(3)
- Mention it in acl(3) as an available function, xref
- Mention it in acl_get_permset(3), as acl_get_perm_np(3) is a natural
follow-up to acl_get_permset(3)
Ed Maste [Mon, 8 May 2023 12:09:26 +0000 (08:09 -0400)]
bhyve: specify OpenSSL 1.1 API
OPENSSL_API_COMPAT can be used to specify the OpenSSL API version in
use for the purpose of hiding deprecated interfaces and enabling
the appropriate deprecation notices.
This change is a NFC while we're still using OpenSSL 1.1.1 but will
avoid deprecation warnings upon the switch to OpenSSL 3.0. A future
change can then switch bhyve to use OpenSSL 3.0 APIs.
Reviewed by: jhb
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39998
Ed Maste [Tue, 2 May 2023 20:57:12 +0000 (16:57 -0400)]
cpuset: increase userland maximum size to 1024
Hardware with more than 256 CPU cores is now available and will become
increasingly common. Bump CPU_MAXSIZE (used for userland cpuset_t
sizing) to 1024 to define the ABI for FreeBSD 14.
PR: 269572, 271213 [exp-run]
Reviewed by: mjg, jhb
Relnotes: yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39941
Kristof Provost [Mon, 8 May 2023 15:44:47 +0000 (17:44 +0200)]
if_ovpn tests: fix route_to test case
* Move the .254 address to the tunnel device so we reply through the
tunnel.
* Remove the network route to 'break' routing, which we then 'fix' with
pf's route-to, which is the functionality we wanted to test in the
first place.
Kristof Provost [Mon, 8 May 2023 14:41:48 +0000 (16:41 +0200)]
if_ovpn: notify userspace when we've used half of the sequence numbers
OpenVPN uses the sequence number (as well as a userspace supplied nonce)
to build the IV. This means we should avoid re-using sequence numbers.
However, userspace doesn't know how many packets we've sent (and thus
what sequence number we're up to).
Notify userspace when we've used half of the available sequence numbers
to tell it that it's time for a key renegotiaton.
Mykola Hohsadze [Mon, 8 May 2023 13:39:09 +0000 (10:39 -0300)]
arm64/disassem.c: Add detection of xzr and sp
Added support to distinguish between XZR/WZR and SP/WSP registers.
Add new OP_ flags to indicate if the instruction allows the use of SP
for a given register field. "wSP" and "SP" are removed from w_reg and
x_reg, and helper functions are introduced for this purpose of detecting
the correct name of the x31 register.
mhorne: While here, adjust some whitespace issues from a previous
commit.
Warner Losh [Mon, 8 May 2023 04:28:16 +0000 (22:28 -0600)]
MAINTAINERS: Add myself to stand
People email me when the boot loader breaks anyway, so ask to be
included in reviews. And ask strongly since I've had to deal with too
many major breakages lately, distruting other things I need to do.
unionfs(): destroy root vnode if upper registration fails
If unionfs_domount() fails, the mount path will not call VFS_UNMOUNT()
to clean up after it. If this failure happens during upper vnode
registration, the unionfs root vnode will already be allocated.
vflush() it in order to prevent the vnode from being leaked and the
subsequent vfs_mount_destroy() call from getting stuck waiting for
the mountpoint reference count to drain.
unionfs: prevent upperrootvp from being recycled during mount
If upperrootvp is doomed by a concurrent unmount, unionfs_nodeget()
may return without a reference or lock on it. unionfs_domount() must
prevent the vnode from being recycled for use by a different file until
it is finished with the vnode, namely once vfs_register_upper_from_vp()
fails. Accomplish this by holding the reference returned by namei()
a bit longer.
unionfs: fixes to unionfs_nodeget() error handling
If either the lower or upper vnode is found to be doomed after
locking it, the newly-created unionfs node won't be associated
with it and its lock will be dropped. In that case, clear the
uppervp and lowervp locals as necessary to avoid further use
of the vnode in unionfs_nodeget(). If the upper vnode is doomed
but the lower vnode remains valid, additionally reset the unionfs
node's v_vnlock field to point to the lower vnode lock.
Alexander Motin [Sat, 6 May 2023 18:57:14 +0000 (14:57 -0400)]
mountd: Improve error message for exports lines
Currently mountd print error message "symbolic link in export path or
statfs failed" in case some path component in an exports line fails
validation. This revision improves the error message by giving more
information about the precise error as well as the path component that
caused the issue.
Mitchell Horne [Fri, 5 May 2023 22:00:02 +0000 (19:00 -0300)]
hwpmc: pass pmc pointer to more class methods
In many cases this avoids an extra lookup, since the callers always have
pm at hand. We can also eliminate several assertions, mostly for pm !=
NULL. The class methods are an internal interface, and the callers
already handle such a scenario. No functional change intended.
Reviewed by: jkoshy
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39915
Mitchell Horne [Fri, 5 May 2023 21:59:41 +0000 (18:59 -0300)]
hwpmc: remove stub pmd_switch_{in,out} methods
Most platforms (non-x86) don't require these methods and implement stub
versions. If we initialize the pmc_mdep structure to always point to the
generic versions, then we can purge the duplicate stubs.
Reviewed by: jkoshy
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39913
Mitchell Horne [Fri, 5 May 2023 21:59:27 +0000 (18:59 -0300)]
hwpmc_logging: less macro magic for type names
Provide the log type names in their entirely, rather than relying on the
macro to prepend the prefix. This improves their searchability; for
example, if I see PMCLOG_TYPE_PMCALLOCATE in libpmc I will now be able
to find where that is emitted in the kernel with a simple grep.
Reviewed by: jkoshy, emaste
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39911
Mitchell Horne [Fri, 5 May 2023 21:59:01 +0000 (18:59 -0300)]
hwpmc: use kstack_contains()
This existing helper function is preferable to the hand-rolled
calculation of the kstack bounds.
Make some small style improvements while here. Notably, rename every
instance of "r", the return address, to "ra". Tidy the includes in the
affected files.
Reviewed by: jkoshy
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39909
Mitchell Horne [Fri, 5 May 2023 21:56:55 +0000 (18:56 -0300)]
pmc_events.h: update event list comment
This comment is no longer in sync with the contents of __PMC_EVENTS().
Update to reflect the removal of various Intel event definitions from
this list; these event definitions now come from Linux and live in
lib/libpmc/pmu-events/.
Reviewed by: jkoshy
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39902
Mitchell Horne [Fri, 5 May 2023 21:56:34 +0000 (18:56 -0300)]
hwpmc: remove remaining UCP event definitions
Although this block has remained in __PMC_EVENTS(), there is no handling
of UCP in libpmc/libpmc.c, so it is not possible to select one of these
events. It should therefore be impossible to trigger the code removed
from ucp_start_pmc(). Note that the GQ_SNOOP_MSF MSR exists only for
Nehalem and Westmere architectures, and the related events do not exist
for later generations.
The Uncore support in hwpmc has severely atrophied in general. We have
uncore event definitions in pmu-events, but the kernel support was
written against Intel Performance Measurement Architecture version 2,
and is disabled for processor generations later than Westmere. Nehalem
and Westmere lack uncore event definitions in pmu-events. I'd be
surprised if Uncore support is usable on any machine in its current
state.
Reviewed by: jkoshy
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39901
Michael Tuexen [Sat, 6 May 2023 09:21:16 +0000 (11:21 +0200)]
bblog: inherit TCP_LOG option from listener
When the TCP_LOG option is used to enable logging on a listening
socket, inherit this if the listener is not auto selected and does
not have a log id set.
Reviewed by: cc
MFC after: 1 week
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D38436
Ed Maste [Fri, 5 May 2023 23:11:52 +0000 (19:11 -0400)]
libfido2: update to 1.9.0
Some highlights from NEWS:
** Added OpenSSL 3.0 compatibility.
** Removed OpenSSL 1.0 compatibility.
** Support for FIDO 2.1 "minPinLength" extension.
** Support for COSE_EDDSA, COSE_ES256, and COSE_RS1 attestation.
** Support for TPM 2.0 attestation.
** Support for device timeouts; see fido_dev_set_timeout().
** New API calls:
- es256_pk_from_EVP_PKEY;
- fido_cred_attstmt_len;
- fido_cred_attstmt_ptr;
- fido_cred_pin_minlen;
- fido_cred_set_attstmt;
- fido_cred_set_pin_minlen;
- fido_dev_set_pin_minlen_rpid;
- fido_dev_set_timeout;
- rs256_pk_from_EVP_PKEY.
** Reliability and portability fixes.
** Better handling of HID devices without identification strings; gh#381.
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
Rick Macklem [Fri, 5 May 2023 22:43:55 +0000 (15:43 -0700)]
nfsd: Fix NFSv3 Readdir/ReaddirPlus reply for large i-node numbers
If the i-node number (d_fileno) for a file on the server did
not fit in 32bits, it would be truncated to the low order 32bits
for the NFSv3 Readdir and ReaddirPlus RPC replies.
This is no longer correct, given that ino_t is now 64bits.
This patch fixes this by sending the full 64bits of d_fileno
on the wire in the NFSv3 Readdir/ReaddirPlus RPC reply.
Doug Ambrisko [Wed, 24 Aug 2022 22:38:43 +0000 (15:38 -0700)]
Add mrsasutil(8) as alias to mfiutil(8)
mfiutil(8) in theory can work on devices attached to mrsas(4) but
mrsas(4) is missing the FreeBSD mfi(4) ioctl support. Once that
support is added to mrsas(4) then mrsasutil(8) can manage mrsas(4)
attached devices. So this commit depends on that. When mrsasutil(8)
is run it automatically opens /dev/mrsas0 instead of /dev/mfi0.
Add -D <device> and -t <type> flag to optionally specify mrsas or mfi to
work with the existing -u <unit>. Device is the device node with or
without /dev/
Dimitry Andric [Fri, 5 May 2023 16:19:40 +0000 (18:19 +0200)]
Apply libc++ fix for compiling <type_traits> with gcc 13
Merge commit 484e64f7e7b2 from llvm-project (by Roland McGrath):
[libc++] Use __is_convertible built-in when available
https://github.com/llvm/llvm-project/issues/62396 reports that
GCC 13 barfs on parsing <type_traits> because of the declarations
of `struct __is_convertible`. In GCC 13, `__is_convertible` is a
built-in, but `__is_convertible_to` is not. Clang has both, so
using either should be fine.
Kyle Evans [Fri, 5 May 2023 15:12:13 +0000 (10:12 -0500)]
daemon: EINTR from kevent(2) is not a fatal error
Simply resume waiting for events rather than exiting if we took a signal
here.
This at least fixes running programs under daemon(8) in the face of
suspend/resume, which I suspect hits us with a spurious EINTR rather
than a signal anyways.
Reported and tested by: manu
Fixes: 8935a3993219b ("daemon: use kqueue for all events")
Corvin Köhne [Fri, 5 May 2023 06:36:20 +0000 (08:36 +0200)]
vmm: don't free unallocated memory
If vmx or svm is disabled in BIOS or the device isn't supported by vmm,
modinit won't allocate these state save areas. As kmem_free panics when
passing a NULL pointer to it, loading the vmm kernel module causes a
panic too.
PR: 271251
Reviewed by: markj
Fixes: 74ac712f72cfd6d7b3db3c9d3b72ccf2824aa183 ("vmm: Dynamically allocate a couple of per-CPU state save areas")
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D39974
Currently, we handle SIGINT by calling summary() and _exit() directly from the signal handler, which we install after setup(). There are several issues with this:
* summary() is not signal safe;
* the parent is not informed about the signal;
* setup() can block on open(), and catching SIGINT at that stage will produce the correct exit status but will not print anything to stderr as POSIX demands.
Fix this by making SIGINT non-restartable, changing our signal handler to only set a flag, installing it before setup(), and checking the termination flag before and after every blocking operation, i.e. open(), read(), write().
Also add two test cases, one for catching SIGINT while opening the input and one for catching it while reading. I couldn't think of an easy way to test catching SIGINT while writing (it's certainly feasible, but perhaps not from a shell script).
Ed Maste [Sun, 10 Apr 2022 22:52:48 +0000 (18:52 -0400)]
Makefile.inc1: use make builtin :ts instead of sed
Commit 3eb1b4da3cf7 replaced "xargs -n1" with a sed expression to
convert from space to newline as a list separator for *-old-* targets.
Dan Nelson followed up with a suggestion to use make's built-in :ts
instead, which should be slightly more efficient.
Reviewed by: sjg
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39972
Yuri Pankov [Fri, 5 May 2023 09:48:57 +0000 (11:48 +0200)]
pvscsi: maximum target number is one less than number of targets
Fix the number of targets we inquiry to be one less than the maximum
number of targets adapter reports. This gets rid of the errors reported
on VMware Workstation:
(probe36:pvscsi0:0:65:0): INQUIRY. CDB: 12 00 00 00 24 00
(probe36:pvscsi0:0:65:0): CAM status: CCB request completed with an error
Tom Hukins [Mon, 1 May 2023 14:47:58 +0000 (15:47 +0100)]
wlan(4): Mention WiFi more prominently
WiFi is a commonly used term to describe wireless LANs. Adding this
word will help readers better understand the contents of this manual
page and will help find the page when searching, for example when
running `man -k wifi`.
John Baldwin [Thu, 4 May 2023 19:32:40 +0000 (12:32 -0700)]
al: Replace boolean_t with either al_bool or bool.
Use al_bool for interfaces and structures defined in the
OS-independent HAL in sys/contrib, and use plain bool for
FreeBSD-specific APIs and structures in sys/dev/al_eth.
Do not preallocate pcpu area backing pages on early startup, only
allocate enough of KVA for pcpu[MAXCPU] and the page for BSP. Other
pages are allocated after we know the number of cpus and their
assignments to the domains.
PCPUs are not accessed until they are initialized, which happens on AP
startup.
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
Differential revision: https://reviews.freebsd.org/D39945