Graham Perrin [Wed, 27 Dec 2023 23:36:26 +0000 (16:36 -0700)]
bsd-family-tree: tidiness, width
Tidy the raggedness in the section that begins [44B]. As the line that begins
[KB] was previously tidied, now tidy the section to accommodate [BSDI] and
[TUHS]. Rewrap the section to fit the same number of columns.
Colin Percival [Wed, 27 Dec 2023 08:09:08 +0000 (00:09 -0800)]
x86: Adjust base addr for PCI MCFG regions
Each bus gets 1 MB of address space; the actual base address for an
MCFG bus range is the address from the table plus the starting bus
number times 1 MB.
The PCI spec is unclear on this point, but this change matches what
Linux does, which is likely enough of a de facto standard regardless
of what any de jure standard might attempt to say.
Mark Johnston [Wed, 27 Dec 2023 20:17:53 +0000 (15:17 -0500)]
Fix the FreeBSD userspace build (#15716)
- Mark some parameters to zpool_power*() as unused.
- Add a stub zpool_disk_wait().
Fixes: a9520e6e5 ("zpool: Add slot power control, print power status") Signed-off-by: Mark Johnston <markj@FreeBSD.org> Reviewed-by: Alexander Motin <mav@FreeBSD.org> Reviewed-by: Tony Hutter <hutter2@llnl.gov>
Lexi Winter [Wed, 27 Dec 2023 17:30:31 +0000 (17:30 +0000)]
nfsstat: update option strings in docs
Add the missing -q option to the nfsstat(1) manpage SYNOPSIS (it is
already documented in DESCRIPTION), and add the missing -E and -q
options to the built-in usage output.
Alan Somers [Mon, 9 Oct 2023 18:26:25 +0000 (12:26 -0600)]
Fix multiple bugs with ctld's UCL parsing
* Don't segfault when parsing a misformatted auth-group section
* If the config file specifies a chap section within a target but no
auth-group, create a new anonymous auth-group. That matches the
behavior with non-UCL config files.
* Protect some potential segfaults with assertions
Gleb Smirnoff [Wed, 27 Dec 2023 16:34:37 +0000 (08:34 -0800)]
inpcb: poison several inpcb pointer in in_pcbfree()
There are few subsystems that reference inpcb and allow it to outlive
in_pcbfree(). There are no known bugs with them to unreference the
options pointers for a freed inpcb. Enforce this so that such bugs
don't appear in the future.
Gleb Smirnoff [Wed, 27 Dec 2023 16:34:37 +0000 (08:34 -0800)]
inpcb: reoder inpcb destruction
First, merge in_pcbdetach() with in_pcbfree(). The comment for
in_pcbdetach() was no longer correct. Then, make sure we remove
the inpcb from the hash before we commit any destructive actions
on it. There are couple functions that rely on the hash lock
skipping SMR + inpcb lock to lookup an inpcb. Although there are
no known functions that similarly rely on the global inpcb list
lock, also do list removal before destructive actions.
Mark Johnston [Wed, 27 Dec 2023 15:13:29 +0000 (10:13 -0500)]
netmap: Ignore errors in CSB_WRITE()
The CSB_WRITE() and _READ() macros respectively write to and read from
userspace memory and so can in principle fault. However, we do not
check for errors and will proceed blindly if they fail. Add assertions
to verify that they do not.
This is in preparation for annotating copyin() and related functions
with __result_use_check.
Ihor Antonov [Wed, 27 Dec 2023 06:07:26 +0000 (00:07 -0600)]
daemon: replace memchr with memrchr
Looping over lines in the buffer is not needed.
Same effect can be achieved by looking for the last new line.
If found the buffer is guaranteed to have one or more complete lines.
All complete lines are flushed at once with no looping.
Ihor Antonov [Wed, 27 Dec 2023 06:07:25 +0000 (00:07 -0600)]
daemon: move buffer into daemon_state
There is no reason for a buffer in listen_child()
to be a static function variable. The buffer and
its position are parts of the daemon state and should
live together with the rest of the state variables.
Ihor Antonov [Wed, 27 Dec 2023 06:07:25 +0000 (00:07 -0600)]
daemon: fix clang-tidy warnings
Fixed narrowing conversions:
- strtol replaced with strtonum with range check
- read returns ssize_t
- kevent.data explicitly cast to int before passing into strerror
While we we're here:
- Defined and documented maximum restart delay.
- Fixed typo in a comment.
- Remove unused includes
Gleb Smirnoff [Wed, 27 Dec 2023 04:22:12 +0000 (20:22 -0800)]
netlink: simplify socket destruction
Destroy the socket at the file descriptor close(2). There is no
reason to linger for any longer, there are no external references.
Remove pr_detach method as nothing left to do after pr_close.
Remove pr_abort method as it shall never be executed for this type
of socket.
Alexander Motin [Wed, 27 Dec 2023 03:30:56 +0000 (22:30 -0500)]
Schedule fast taskqueue callouts on right CPU.
With fast taskqueues using direct callouts we can reduce number of
CPU wakeups by scheduling callout on current CPU if taskqueue calls
taskqueue_enqueue_timeout() on itself. The trick won't work for
regular taskqueues, since the callout thread will occupy the CPU.
It also may not work in case of multiple threads since we do not
know which thread will pick the task, and we do not want excessive
callout migrations. So we optimize only the other cases we can.
In practice this allows iichid(4) taskqueue to stay on CPU where
underlying ig4(4) interrupts are routed and to not kick CPU 0 with
timer interrupts on each sampling period (every 2nd/3rd sleep).
The test mostly focus on testing various corner cases.
The tests take a long time to run, so for the common.run runfile
we randomly select a hundred tests.
To run all the bclone tests, bclone.run runfile should be used.
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Signed-off-by: Pawel Jakub Dawidek <pawel@dawidek.net>
Closes #15631
netpfil: Use accessor functions and named constants for all tcphdr flags
Update all remaining references to the struct tcphdr th_x2 field.
This completes the compatibilty of various aspects with AccECN
(TH_AE), after the internal ipfw "re-checksum required" was moved
to use the TH_RES1 flag.
Alexander Motin [Wed, 27 Dec 2023 00:36:34 +0000 (19:36 -0500)]
iichid(4): Switch taskqueue to "fast"
While "fast" taskqueue may be more expensive due to spinlock use,
when used mainly for timeout tasks it allows to avoid extra context
switches to and from callout thread, that is even more expensive.
Alexander Motin [Wed, 27 Dec 2023 00:28:56 +0000 (19:28 -0500)]
iichid(4): Unify two taskqueue tasks
taskqueue_enqueue_timeout(0) is equivalent to taskqueue_enqueue(),
so no need to create a separate periodic_task and event_task to run
exactly the same handler.
For the same reason as the original https://reviews.freebsd.org/D9659:
-flto=<N>, -flto=full, and -flto=thin also produce the GIMPLE/bitcode
which is not supported by genassym, so filter those out as well.
Rick Macklem [Tue, 26 Dec 2023 22:33:39 +0000 (14:33 -0800)]
nfscl: Fix handling of expired Kerberos credentials (NFSv4.1/4.2)
If the NFS server detects that the Kerberos credentials provided
by a NFSv4.1/4.2 mount using sec=krb5[ip] have expired, the NFS
server replies with a krpc layer error of RPC_AUTHERROR.
When this happened, the client erroneously left the NFSv4.1/4.2
session slot busy, so that it could not be used by other RPCs.
If this happened for all session slots, the mount point would
hang.
This patch fixes the problem by releasing the session slot
and resetting its sequence# upon receiving a RPC_AUTHERROR
reply.
This bug only affects NFSv4.1/4.2 mounts using sec=krb5[ip],
but has existed since NFSv4.1 client support was added to
FreeBSD.
So, why has the bug remained undetected for so long?
I cannot be sure, but I suspect that, often, the client detected
the Kerberos credential expiration before attempting the RPC.
For this case, the client would not do the RPC and, as such,
there would be no busy session slot. Also, no hang would
occur until all session slots are busied (64 for a FreeBSD
client/server), so many cases of the bug probably went undetected?
Also, use of sec=krb5[ip] mounts are not that common.
rilysh [Tue, 26 Dec 2023 16:24:04 +0000 (09:24 -0700)]
bhyve/audio.c: avoid re-calculating the length of dev_name
In the function audio_init(), strlen() is being called two times,
first to get the length of dev_name and second to use in memcpy().
Creating a local variable and keeping the length avoids this
re-calculation.
Alexander Motin [Tue, 26 Dec 2023 02:19:28 +0000 (21:19 -0500)]
acpi_cpu: Reduce BUS_MASTER_RLD manipulations
Instead of setting and clearing BUS_MASTER_RLD register on every C3
state enter/exit, set it only once if the system supports C3 state
and we are going to "disable" bus master arbitration while in it.
This is what Linux does for the past 14 years, and for even more time
this register is not implemented in a relevant hardware. Same time
since this is only a single bit in a bigger register, ACPI has to
do take a global lock and do read-modify-write for it, that is too
expensive, saved only by C3 not entered frequently, but enough to be
seen in idle system CPU profiles.
Mark Johnston [Tue, 26 Dec 2023 01:43:21 +0000 (20:43 -0500)]
nmount: Ignore errors when copying out an error string
In general we copy error strings as part of reporting an error from
lower layers, so if the copyout() fails there's nothing to do since we'd
prefer to preserve the original error.
This is in preparation for annotating copyin() and related functions
with __result_use_check.
Mark Johnston [Tue, 26 Dec 2023 01:43:06 +0000 (20:43 -0500)]
geom: Report copyout() errors in g_ctl_ioctl_ctl()
Despite the name, req->serror is used in some cases to copy non-error
messages to userspace. So, report errors when copying out so long as
they don't clobber an earlier error.
Mark Johnston [Tue, 26 Dec 2023 01:42:58 +0000 (20:42 -0500)]
gntdev: Handle errors from suword32() in gntdev_alloc_gref()
Try to copy out output values before handling errors, and check that we
did so successfully. In particular, it doesn't seem sensible to ignore
errors here, otherwise userspace won't have any way to refer to the
allocations.
This is in preparation for annotating copyin() and related functions
with __result_use_check.
Mark Johnston [Tue, 26 Dec 2023 01:42:49 +0000 (20:42 -0500)]
mpr: Handle errors from copyout() in ioctl handlers
In preparation for adding a __result_use_check annotation to copyin()
and related functions, start checking for errors from copyout() in
the mpr(4) user command handler. This should make it easier to catch
bugs.
Mark Johnston [Tue, 26 Dec 2023 01:42:33 +0000 (20:42 -0500)]
mps: Handle errors from copyout() in ioctl handlers
In preparation for adding a __result_use_check annotation to copyin()
and related functions, start checking for errors from copyout() in
the mps(4) user command handler. This should make it easier to catch
bugs.
Mark Johnston [Tue, 26 Dec 2023 01:41:32 +0000 (20:41 -0500)]
sendfile: Explicitly ignore errors from copyout()
There is a documented bug in sendfile.2 which notes that sendfile(2)
does not raise an error if it fails to copy out the number of bytes
written. Explicitly ignore the error from copyout() calls in
preparation for annotating copyout() with __result_use_check.
Mark Johnston [Tue, 26 Dec 2023 01:39:39 +0000 (20:39 -0500)]
thread: Add a return value to cpu_set_upcall()
Some implementations copy data to userspace, an operation which can in
principle fail. In preparation for adding a __result_use_check
annotation to copyin() and related functions, let implementations of
cpu_set_upcall() return an error, and check for errors when copying data
to user memory.
Mark Johnston [Tue, 26 Dec 2023 01:38:57 +0000 (20:38 -0500)]
ocs: Check for copyin errors in the ioctl handler
If copyin() fails, the driver will blindly proceed with whatever had
been in the uninitialized DMA buffer. This is not what we want. Check
for copyin failures.
This is in preparation for annotating copyin() and related functions
with __result_use_check.
Mark Johnston [Tue, 26 Dec 2023 01:38:12 +0000 (20:38 -0500)]
mpi3mr: Check for copyin errors in mpi3mr_map_data_buffer_dma()
A failed copyin will cause the driver to use the contents of
uninitialized buffers instead, which is unlikely to be the behaviour
that we want. Check for errors.
This is in preparation for annotating copyin() and related functions
with __result_use_check.
Mark Johnston [Tue, 26 Dec 2023 01:37:49 +0000 (20:37 -0500)]
hid: Handle errors from copyin() in ioctl handlers
If copyin() fails, the driver will proceed blindly with a zeroed buffer,
which is not what we want. In preparation for annotating copyin() with
__result_use_check, start checking for errors.