Ed Maste [Sun, 19 Dec 2021 16:02:02 +0000 (11:02 -0500)]
ssh: update to OpenSSH v8.8p1
OpenSSH v8.8p1 was motivated primarily by a security update and
deprecation of RSA/SHA1 signatures. It also has a few minor bug fixes.
The security update was already applied to FreeBSD as an independent
change, and the RSA/SHA1 deprecation is excluded from this commit but
will immediately follow.
MFC after: 1 month
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
lock order reversal:
1st 0xfffffe00050429a8 rip (rip, sleep mutex) @ /usr/src/sys/netinet6/raw_ip6.c:803
2nd 0xfffff8009491e1d0 rawinp (rawinp, rw) @ /usr/src/sys/netinet6/raw_ip6.c:804
lock order rawinp -> rip established at:
0xffffffff8068e26a at witness_lock_order_add+0x28a
0xffffffff8068d087 at witness_checkorder+0x627
0xffffffff805a9f05 at __mtx_lock_flags+0x205
0xffffffff808102e4 at in_pcballoc+0x204
0xffffffff808d53c6 at rip6_attach+0x116
0xffffffff806dc4e8 at socreate+0x368
0xffffffff806eaedc at kern_socket+0xfc
0xffffffff806eadcd at sys_socket+0x2d
0xffffffff80abc774 at syscallenter+0x5c4
0xffffffff80abbeeb at amd64_syscall+0x1b
0xffffffff80a8044b at fast_syscall_common+0xf8
lock order rip -> rawinp attempted at:
0xffffffff8068dc2a at witness_checkorder+0x11ca
0xffffffff805d1b7f at _rw_wlock_cookie+0x18f
0xffffffff808d596c at rip6_connect+0x19c
0xffffffff806e0842 at soconnectat+0x142
0xffffffff806ebe36 at kern_connectat+0x136
0xffffffff806ebcdf at sys_connect+0x4f
0xffffffff80abc774 at syscallenter+0x5c4
0xffffffff80abbeeb at amd64_syscall+0x1b
0xffffffff80a8044b at fast_syscall_common+0xf8
Andriy Gapon [Sun, 19 Dec 2021 09:26:40 +0000 (11:26 +0200)]
twsi: fix handling of consecuitve write messages in transaction
Make sure to reset 'message_done' flag when jumping from a message to the
next one within the same interrupt handler call. This happens only when
a write with no-stop flag message is followed by a write with no-start
flag message.
Without this fix the second message would be prematurely "completed"
without waiting for an ACK (or NACK) for its first byte and without
sending subsequent bytes (if any).
Fixes: ff1e8581 twsi: support more message combinations in transfers
MFC after: 4 days
Gleb Smirnoff [Sun, 19 Dec 2021 01:19:26 +0000 (17:19 -0800)]
carp: fix send error demotion recovery
The problem is that carp(4) would clear the error counter on first
successful send, and stop counting successes after that. Fix this
logic and document it in human language.
Michael Tuexen [Sat, 18 Dec 2021 22:43:00 +0000 (23:43 +0100)]
if_oce: fix epoch handling
Thanks to gallatin@ for suggesting the patch.
PR: 260330
Reported by: Vincent Milum Jr.
Reviewed by: gallatin, glebius
Tested by: Vincent Milum Jr.
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D33395
dirdeps.mk: simplify computation of qualified vs unqualified dirdeps.
Note the importance of avoiding unresolved variables in DIRDEPS
Fix DIRDEP_LOADAVG_REPORT - expr(1) fails if expression evaluates to 0
Trim ${SRCTOP}/ from debug etc messages to make comparison easier.
Include number of DIRDEPS in debug output.
Trim ${SRCTOP}/ when exporting to env while building DIRDEPS_CACHE
to help avoid env exhaustion.
Use DIRDEPS_ALL_MACHINES_FILTER to better handle ALL_MACHINES
in complex build environments.
dirdeps-options.mk: use separate .undef for each variable
dirdeps-targets.mk: allow for '.' in DIRDEPS_TARGETS_DIRS
meta.autodep.mk: leverage ${.SUFFIXES} if we can.
meta.sys.mk: allow use in META_MODE vs DIRDEPS_BUILD
meta2deps.py: compute a list of dirdep extensions that map to current
TARGET_SPEC to avoid confusion.
John Baldwin [Sat, 18 Dec 2021 00:46:09 +0000 (16:46 -0800)]
crypto: Encrypt the XORed input block for Camellia-CBC.
This fixes a regression in the previous change to move CBC chaining
into enc_xform_camellia which passed the raw input into the encrypt
function (thus not actually doing the chaining). This still works
when using the same buffer for input and output which is why my
initial testing with cryptocheck didn't catch it.
Fixes: f84d708b484b crypto: Move CBC handling into enc_xform_camellia.
Sponsored by: The FreeBSD Foundation
Brooks Davis [Fri, 17 Dec 2021 21:28:14 +0000 (21:28 +0000)]
usb: remove COMPAT_32BIT ifdefs
Now that we have proper 32-bit compat support, remove COMPAT_32BIT
ifdefs to allow 32-bit code to use the 64-bit layout of USB ioctl
structs and struct usb_fs_endpoint.
This includes the removal of redundant alignment directives that had
no effect in practice.
Brooks Davis [Fri, 17 Dec 2021 21:28:14 +0000 (21:28 +0000)]
libusb: remove use of COMPAT_32BIT
This codepath used uint64_t's in place of pointers in structs and
arrays to allow 32-bit code to use 64-bit version of ioctls. Now
that we support 32-bit compat natively this is no longer needed.
Brooks Davis [Fri, 17 Dec 2021 21:28:14 +0000 (21:28 +0000)]
usb: add 32-bit compat for FIFOs
Unlike most 32-bit compatability code, this isn't just a simple thunk
in the ioctl code. An ioctl (USB_FS_INIT) is used to install a
pointer to an array of usb_fs_endpoint structs which are then used
by the ugen fifo code. These struct contains an array of pointers
which requires translation. We change the interfaces around
struct usb_fs_endpoint as follows:
- We store the size of struct usb_fs_endpoint in struct usb_fifo
in the USB_FS_INIT handler so we know the ABI of the userspace
array.
- APIs to manipulate userspace struct usb_fs_endpoint objects now
take a struct usb_fifo and an index rather than a pointer to
the object. This allows most code to remain oblivious to the
different struct usb_fs_endpoint sizes.
- Add ugen_fs_copyin() which copies the struct usb_fs_endpoint
from userspace, thunking it to the native size if required.
- Uses of struct usb_fs_endpoint's ppBuffer member are now
via ugen_fs_getbuffer() which produces a native pointer.
- Updates to userspace are now handled by ugen_fs_update().
For clarity, single, fixed-sized members now are accessed with
fueword/suword rather than copyin/copyout.
Brooks Davis [Fri, 17 Dec 2021 21:28:13 +0000 (21:28 +0000)]
usb: real freebsd32 support for most ioctls
Use thunks or alternative access methods to support ioctls without
the COMPAT_32BIT hacks that store pointers in uint64_t's on 32-bit
platforms. This should allow a normal i386 libusb to work.
On CheriBSD, the sizes of the structs will differ between CheriABI
(the default) and freebsd64 no matter what so we need proper compat
support there. This change paves the way.
Corvin Köhne [Fri, 17 Dec 2021 21:09:32 +0000 (23:09 +0200)]
pci: add missing PCI id of Coffee Lake GPU
The PCI id of an UHD Graphics 630 for Coffee Lake GPUs is missing in
the PCI id list of all Intel GPUs.
You can take a look at
https://dgpu-docs.intel.com/devices/hardware-table.html to check that
this device id exists. Or check the linux code:
https://github.com/torvalds/linux/commit/d0e062ebb3a44b56a7e672da568334c76f763552
Alexander Motin [Fri, 17 Dec 2021 20:24:56 +0000 (15:24 -0500)]
ahci(4): Allow enclosure emulation without hardware.
After 53f5ac1310e allowed SATA device mapping to enclosure slots,
it may have sense to provide enclosure device emulation even without
real hardware interface like SGPIO just for purposes of physical
device location tracking (still assuming straight cabling).
Mark Johnston [Thu, 16 Dec 2021 21:07:04 +0000 (16:07 -0500)]
fd: Avoid truncating output buffers for KERN_PROC_{CWD,FILEDESC}
These sysctls failed to return an error if the caller had provided too
short an output buffer. Change them to return ENOMEM instead, to ensure
that callers can detect truncation in the face of a concurrently
changing fd table.
Mark Johnston [Thu, 16 Dec 2021 21:53:59 +0000 (16:53 -0500)]
fd: Initialize more export_fd_buf fields in kern_proc_cwd_out()
In particular, we need to initialize efbuf->flags, since
export_vnode_to_sb() loads that field. This was mostly harmless since
the flag only determines whether the output kinfo_file is packed, and
KERN_PROC_CWD only ever emits a single kinfo_file anyway.
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Domagoj Stolfa [Fri, 17 Dec 2021 16:01:54 +0000 (11:01 -0500)]
dtrace: Disable getf() as it is broken on FreeBSD
getf() on FreeBSD calls _sx_slock(), _sx_sunlock() and fget_locked().
Furthermore, it does not set the per-core fault flag, meaning it
usually ends up in a double fault panic once getf() does get called,
especially from fbt.
Reviewing the DTrace Toolkit + a number of other scripts scattered
around FreeBSD, I have not been able to find one use of getf(). Given
how broken the implementation currently is, we disable it until it
can be implemented properly.
Also comment out a test in aggs/tst.subr.d for getf().
Mark Johnston [Fri, 17 Dec 2021 15:59:29 +0000 (10:59 -0500)]
unix: Increase the default datagram recv buffer size
syslog(3) was recently change to support larger messages, up to 8KB.
Our syslogd handles this fine, as it adjusts /dev/log's recv buffer to a
large size. rsyslog, however, uses the system default of 4KB. This
leads to problems since our syslog(3) retries indefinitely when a send()
returns ENOBUFS, but if the message is large enough this will never
succeed.
Increase the default recv buffer size for datagram sockets to support
8KB syslog messages without requiring the logging daemon to adjust its
buffers.
PR: 260126
Reviewed by: asomers
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D33380
Kristof Provost [Thu, 16 Dec 2021 08:53:42 +0000 (09:53 +0100)]
test-includes: use the same header set for badfiles.inc as for testing
This ensures we don't end up listing files we've excluded (e.g. those
starting with _).
Add a slight hack to preserve the existing order (sys, then net) in
badfiles.inc.
Kristof Provost [Wed, 15 Dec 2021 19:22:41 +0000 (20:22 +0100)]
sys: make callout.h self-contained
Avoid including sys/types.h from sys/_callout.h (as we try to avoid having
headers starting with underscores depending on non-underscore headers)
by introducing __sbintime_t in sys/_types.h and including that header
instead.
Hubert Mazur [Thu, 16 Dec 2021 08:16:22 +0000 (09:16 +0100)]
pcf85063: Set RTC device to work in 24h mode
Sometimes the device did not set default hour mode setting correctly,
which lead to conversion errors. Explicitly set device to work in 24h
mode by clearing flag in register, instead of allowing defaults.
Kyle Evans [Thu, 9 Dec 2021 05:20:16 +0000 (23:20 -0600)]
sysent: regenerate files every time
This forces everything to be regenerated by marking makesyscalls.lua
as .PHONY, which may be helpful in, e.g., rebase scenarios, which may
have unexpected effects on mtimes but still really need a regen.
For now we apply this to the default sysent target, which is ran
manually and not as a part of buildkernel. We can reconsider this if
someone manually running it has issues with the runtime, but the top
level sysent target can run each in parallel; I recommend -j4 or so.
Kyle Evans [Thu, 9 Dec 2021 04:37:28 +0000 (22:37 -0600)]
sysent: move away from allowing all compat options for other ABIs
Notably, the current compat_options only makes sense for native and
freebsd32 ABIs. For the others, it just adds cruft. Switch to having
sets of compat options, and default to the native set. Setup the other
ABIs where it doesn't make sense to opt-out of the native set.
This removes some redundant COMPAT_FREEBSD* stuff from Linuxolator bits.
line_expr in makesyscalls.lua is fixed to allow empty strings to be
specified, since they're harmless.
Commit 867c27c23a5c enabled the n_directio_opens code
in open/close, which sets/clears NNONCACHE, for
IO_APPEND. This code should not be enabled unless
newnfs_directio_enable is non-zero.
This patch reverts that part of commit 867c27c23a5c.
A future patch that fixes the case where the
file that is being written IO_APPEND is mmap()'d.
John Baldwin [Thu, 16 Dec 2021 21:48:02 +0000 (13:48 -0800)]
crypto: Move CBC handling into enc_xform_camellia.
Add an IV to the context that is initialized by the reinit hook.
Encrypt and decrypt operations handle cipher block chaining along with
updating the IV saved in the context.
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D33488
John Baldwin [Thu, 16 Dec 2021 21:47:44 +0000 (13:47 -0800)]
crypto: Move CBC handling into enc_xform_aes_cbc.
Add an IV to the context that is initialized by the reinit hook.
Encrypt and decrypt operations handle cipher block chaining along with
updating the IV saved in the context.
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D33487
Doug Moore [Thu, 16 Dec 2021 18:20:56 +0000 (12:20 -0600)]
vm: Don't break vm reserv that can't meet align reqs
Function vm_reserv_test_contig has incorrectly used its alignment
and boundary parameters to find a well-positioned range of empty pages
in a reservation. Consequently, a reservation could be broken
mistakenly when it was unable to provide a satisfactory set of pages.
Rename the function, correct the errors, and add assertions to detect
the error in case it appears again.
Alexander Motin [Thu, 16 Dec 2021 16:44:34 +0000 (11:44 -0500)]
loader.efi: Do not use as frame buffer BLT-only GOPs.
Kernel needs physical frame buffer address and size, which Block
Transfer-only Graphics Output Protocol instances do not have.
Some recent ASUS boards like PRIME Z690M-PLUS D4 and PRIME H570-Plus
report two GOPs, out of which the second one support ConOut protocol,
that made it preferable, but is BLT-only, that made console unusable.
Martin Matuska [Thu, 16 Dec 2021 13:38:34 +0000 (14:38 +0100)]
zfs: merge openzfs/zfs@f291fa658 (master) into main
Notable upstream pull request merges:
#11711 Vdev Properties Feature
#12717 VOP_RENAME fixes for FreeBSD
#12746 Enable strict hole reporting by default
#12770 ZFS send/recv with ashift 9->12 leads to data corruption
#12828 FreeBSD: Add vop_standard_writecount_nomsyn
#12828 zfs: Fix a deadlock between page busy and the teardown lock
#12828 FreeBSD: Catch up with more VFS changes
Emmanuel Vadot [Fri, 10 Dec 2021 09:33:43 +0000 (10:33 +0100)]
loader: Add preload operation to fs_ops
When we load an ELF file (kernel or module) we do seek(2) a lot to
parse/load the different sections of the ELF file.
Protocol like TFTP suffers a lot from this as there is no resume or
a way to start the tranfer from a specified offset in the file.
fs_preload is added to help those protocol.
Call preload just after opening the ELF file that we need to load so
the underlying method can cache the hole file and then read/lseek operations
are faster.
Emmanuel Vadot [Mon, 13 Dec 2021 09:35:23 +0000 (10:35 +0100)]
loader: tftp: Don't let tftp timeout
When we load a kernel or module we open/close it a few times.
Since we're using the same port number each time and that we requested
the same file the ACK that we send are valid on the server side and the
server send us the file multiple times.
This makes tftp loading time very inconsistant due to the UDP "flood" that
we have to process.
Alan Somers [Tue, 14 Dec 2021 02:37:27 +0000 (19:37 -0700)]
Change VOP_READDIR's cookies argument to a **uint64_t
The cookies argument is only used by the NFS server. NFSv2 defines the
cookie as 32 bits on the wire, but NFSv3 increased it to 64 bits. Our
VOP_READDIR, however, has always defined it as u_long, which is 32 bits
on some architectures. Change it to 64 bits on all architectures. This
doesn't matter for any in-tree file systems, but it matters for some
FUSE file systems that use 64-bit directory cookies.
Alan Somers [Mon, 13 Dec 2021 03:57:14 +0000 (20:57 -0700)]
nfs: don't truncate directory cookies to 32-bits in the NFS server
In NFSv2, the directory cookie was 32-bits. NFSv3 widened it to
64-bits and SVN r22521 widened the corresponding argument in
VOP_READDIR, but FreeBSD's NFS server continued to treat the cookies as
32-bits, and 0-extended to fill the field on the wire. Nobody ever
noticed, because every in-tree file system generates cookies that fit
comfortably within 32-bits.
Also, have better type safety for txdr_hyper. Turn it into an inline
function that type-checks its arguments. Prevents warnings about
shift-count-overflow.