This commit allows a kbdcontrol binary built with a version of kbio.h
that supports Unicode characters in dead key maps to load and display
keymaps including the dead key tables on a kernel built with a
previous version of kbio.h (that only supported 8 bit characters in
the dead key map).
This commit is meant as a temporary compatibility shim that will be
reverted when it can be assumed that all relevant systems have been
upgraded to a kernel that uses the updated kbio.h.
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D38388
Stefan Eßer [Mon, 6 Feb 2023 22:48:47 +0000 (23:48 +0100)]
Support Unicode characters in keymap dead key tables
Support for Unicode characters had been added to the keyboard code,
but there are keymaps that have accented characters accessed via dead
key combinations, and those were still restricted to 8 bit codes.
This update to kbd.c adds support for Unicode characters and
compatibility code that allows a kbdcontrol command built from kbio.h
without these patches to work on a new kernel.
Compatibility code that allows a new kbdcontrol binary running on an
old kernel to load and display the dead key map will be committed in a
separate commit.
Stefan Eßer [Mon, 6 Feb 2023 21:33:56 +0000 (22:33 +0100)]
contrib/bc: update to version 6.2.4
This update contains only documentation changes (new main repository
URL and changed mail address of the program author) and changes to
the build system that do not affect the FreeBSD base system build.
Cy Schubert [Thu, 2 Feb 2023 00:49:08 +0000 (16:49 -0800)]
ipfilter: Fix use after free on packet with broken lengths
Under the scenario with a packet with length of 67 bytes, a header length
using the default of 20 bytes and a TCP data offset (th_off) of 48 will
cause m_pullup() to fail to make sure bytes are arragned contiguously.
m_pullup() will free the mbuf chain and return a null. ipfilter stores
the resultant mbuf address (or the resulting NULL) in its fr_info_t
structure. Unfortuntely the eroneous packet is not flagged for drop.
This results in a kernel page fault at line 410 of sys/netinet/ip_fastfwd.c
as it tries to use a now previously freed, by m_pullup(), mbuf.
PR: 266442
Reported by: Robert Morris <rtm@lcs.mit.edu>
sockbufs: add sbreserve_locked_limit() with custom maxsockbuf limit.
Protocols such as netlink may need a large socket receive buffer,
measured in tens of megabytes. This change allows netlink to
set larger socket buffers (given the privs are in place), without
requiring user to manuall bump maxsockbuf.
* The allocated buffer is only used in the fallback case, so move it
there. The argument for passing it in from the caller was that if
malloc(3) were to fail, we'd want it to fail before we started
copying anything, but firstly, it was already not in the right place
to ensure that, and secondly, malloc(3) never fails (except in very
contrived circumstances, such as an unreasonable RLIMIT_AS or
RLIMIT_DATA).
* Remove the mmap(2) option. It is almost never beneficial,
especially when the alternative is copy_file_range(2), and it adds
needless complexity and indentation.
* Fix includes in utils.c, cf. style(9).
* Fix type mismatch: readlink(2) returns ssize_t, not int.
* It is not necessary to set errno to 0 as fts_read(3) already does it.
* The sparsity check was ineffective: it compared the apparent size in bytes to the actual size in blocks. Instead, write a tool that reliably detects sparseness.
* Some of the seq commands were missing an argument.
* Based on empirical evidence, 1 MB holes are not necessarily large enough to be preserved by the underlying filesystem. Increase the hole size to 16 MB.
Stefan Eßer [Tue, 26 Jul 2022 21:04:57 +0000 (23:04 +0200)]
sbin/md5.c: fix -q -c for BSD style versions
The BSD style commands (with names not ending in "sum") ignored the -c
options and the passed digest value when invoked with -q.
The man page stated that -q causes only the calculated digest to be
printed, but did not consider the case of both the -q and -c being
used in combination.
Since there is no warning that -c will be ignored when the -q option
is used, users night (and did) expect that the exit code would reflect
the matching of the calculated digest and the argument passed with -c.
This update implements and documents this expected behavior.
sockets: add MSG_TRUNC flag handling for recvfrom()/recvmsg().
Implement Linux-variant of MSG_TRUNC input flag used in recv(), recvfrom() and recvmsg().
Posix defines MSG_TRUNC as an output flag, indicating packet/datagram truncation.
Linux extended it a while (~15+ years) ago to act as input flag,
resulting in returning the full packet size regarless of the input
buffer size.
It's a (relatively) popular pattern to do recvmsg( MSG_PEEK | MSG_TRUNC) to get the
packet size, allocate the buffer and issue another call to fetch the packet.
In particular, it's popular in userland netlink code, which is the primary driving factor of this change.
This commit implements the MSG_TRUNC support for SOCK_DGRAM sockets (udp, unix and all soreceive_generic() users).
Stefan Eßer [Mon, 6 Feb 2023 20:11:51 +0000 (21:11 +0100)]
md5/tests: extend md5 test
The testloop function is called with various parameters, but those
were ignored in the coreutils-c-test script. This was an oversight
and is fixed by passing the option to all invocations of the hash
functions in this test script.
netlink: allow path weight manipulations for single-path routes.
Add support for the scenario when user adds/deletes paths for a single
prefix one-by-one, all with different weights.
This change adds a new FreeBSD-specific RTA attribute, NL_RTA_WEIGHT.
When dumping non-multipath routes, this attribute is added if the
route weight is not RT_DEFAULT_WEIGHT.
When adding a new route, this attribute is parsed as a relative path
weight.
Boris Lytochkin [Sun, 29 Jan 2023 16:42:40 +0000 (16:42 +0000)]
carp: turn net.inet.carp.allow into a RW tunable
Currently CARP starts announcing its state when initialised, regardless
of the state of the other services provided by the server.
As a result, the device can become master while still loading the
firewall ruleset or initialising long-starting service.
This change adds the way to request delayed CARP start by setting the
net.inet.carp.allow=0 in the loader.conf.
This is a followup of 692e19cf5195 (add netlink to GENERIC@amd64).
Netlink is a communication protocol defined in RFC 3549. It is async,
TLV-based protocol, providing 1-1 and 1-many communications between kernel
and userland. Netlink is currently used in Linux kernel to modify, read and
subscribe for nearly all networking states. Interface state, addresses, routes,
firewall, rules, fibs, etc, are controlled via Netlink.
Netlink support was added in D36002. It has got a number of improvements and
first customers since then:
* net/bird2 got netlink support, enabling route multipath in FreeBSD
* netlink-based devd notifications are being worked on ( D37574 ).
* linux(4) fully supports and depends on Netlink
Enabling Netlink in GENERIC targets two goals.
The first one is to provide stability for the third-party userland applications,
so they can rely on the fact that netlink always exists since 14.0 and potentially 13.2.
Loadable module makes life of the app delepers harder. For example, `net/bird2` can be
either build with netlink or rtsock support, but not both.
The second goal is to enable gradual conversion of the base userland tools
to use netlink(4) interfaces. Converting tools like netstat (D36529), route,
ifconfig one-by-one simplifies testing and addressing the feedback.
Othewise, switching all base to use netlink at once may be too big of a leap.
netinet6: honor blackhole/unreach routes in the non-fastforwading code.
Currently, under the conditions specified below, IPv6 ingress packet
processing can ignore blackhole/reject flag on the prefix. The packet
will instead be looped locally till TTL expiration and a single ICMPv6
unreachable message will be send to the source even in case of
RTF_BLACKHOLE.
The following conditions needs hold to make the scenario happen:
* IPv6 forwarding is enabled
* Packet is not fast-forwarded
* Destination prefix has either RTF_BLACKHOLE or RTF_REJECT flag
Fix this behavior by checking for the blackhole/reject flags in
ip6_forward().
Jose Luis Duran [Wed, 28 Dec 2022 15:51:18 +0000 (15:51 +0000)]
pytest: silence deprecation warning in the pytest atf wrapper
Convert `pytest.mark` decorator to the `pytest.hookimpl()` one,
as suggested by the
https://docs.pytest.org/en/latest/deprecations.html#configuring-hook-specs-impls-using-markers
Andrew Turner [Wed, 25 Jan 2023 17:47:39 +0000 (17:47 +0000)]
Read the arm64 far early in el0 exceptions
When handling userspace exceptions on arm64 we need to dereference the
current thread pointer. If this is being promoted/demoted there is a
small window where it will cause another exception to be hit. As this
second exception will set the fault address register we will read the
incorrect value in the userspace exception handler.
Fix this be always reading the fault address before dereferencing the
current thread pointer.
Dmitry Chagin [Thu, 2 Feb 2023 14:58:07 +0000 (17:58 +0300)]
linux(4): Deduplicate linux_fixup_elf().
Use native routines to fixup initial process stack. On Arm64 linux_elf_fixup() is
noop, as it do the stack fixup (room for argc) in the linux_copyout_strings().
Dmitry Chagin [Thu, 2 Feb 2023 14:58:06 +0000 (17:58 +0300)]
linux(4): Use COMPAT_LINUX32 enstead of __ELF_WORD_SIZE.
COMPAT_LINUX32 option is defined for case when building 32-bit Linuxulator
for the 64-bit host. Usage of __ELF_WORD_SIZE is wrong here as it is equal to 32
on i386 too.
Doug Moore [Wed, 8 Feb 2023 17:04:13 +0000 (11:04 -0600)]
iommu_gas: initialize start_gap as first node
In iommu_gas.c, domain->start_gap points to one of the nodes on either
side of the first free, unallocated range. In iommu_gas_init_domain,
it is initialized to point to the node after the single free
range. Change it to point to the node before that free range, so that,
when 'lowaddr' is within the initial free range, the first allocation
search for free space below 'lowaddr' does not begin and end at an
address above 'lowaddr'. This fixes problems on a machine with Intel
DMAR enabled.
Reported by: jah
Reviewed by: dougm
Tested by: jah
Obtained from: jah
Fixes: commit db151ca0c343531256b8839f938a4ecbd8b4fd7e iommu_gas: start space search from 1st free space
MFC after: 1 day
GELI allows to read a user key from a standard input.
However if user initialize multiple providers at once, the standard
input will be empty for the second and next providers.
This caused GELI to encrypt a master key with an empty key file.
This commits initialize the HMAC with the key file, and then reuse the
finalized structure to generate different encryption keys for different
providers.
Corvin Köhne [Tue, 15 Nov 2022 10:53:49 +0000 (11:53 +0100)]
vmm: avoid spurious rendezvous
A vcpu only checks if a rendezvous is in progress or not to decide if it
should handle a rendezvous. This could lead to spurios rendezvous where
a vcpu tries a handle a rendezvous it isn't part of. This situation is
properly handled by vm_handle_rendezvous but it could potentially
degrade the performance. Avoid that by an early check if the vcpu is
part of the rendezvous or not.
At the moment, rendezvous are only used to spin up application
processors and to send ioapic interrupts. Spinning up application
processors is done in the guest boot phase by sending INIT SIPI
sequences to single vcpus. This is known to cause spurious rendezvous
and only occurs in the boot phase. Sending ioapic interrupts is rare
because modern guest will use msi and the rendezvous is always send to
all vcpus.
Bartosz Sobczak [Mon, 6 Feb 2023 22:37:39 +0000 (14:37 -0800)]
irdma(4): Add code for compilation on stable/13 branch
Current content of the irdma(4) driver consists only of code that is
compilable on current 14-CURRENT branch which makes it impossible to
merge into stable/13 branch because of missing dependencies in the ofed
tree.
This patch adds missing code that allows for merging into stable branch.
Once it is there, code relating only to version 14 or higher should be
removed.
Signed-off-by: Eric Joyner <erj@FreeBSD.org>
Reviewed by: erj@
MFC after: 1 day
Sponsored by: Intel Corporation
Differential Revision: https://reviews.freebsd.org/D38170
Adjust irdma_prep_for_unregister() definition to avoid clang 15 warning
With clang 15, the following -Werror warning is produced:
sys/dev/irdma/icrdma.c:621:26: error: a function declaration without a prototype is deprecated in all versions of C [-Werror,-Wstrict-prototypes]
irdma_prep_for_unregister()
^
void
This is because irdma_prep_for_unregister() is declared with a (void)
argument list, but defined with an empty argument list. Make the
definition match the declaration.
Bartosz Sobczak [Mon, 23 May 2022 23:39:27 +0000 (16:39 -0700)]
irdma: Add RDMA driver for Intel(R) Ethernet Controller E810
This is an initial commit for RDMA FreeBSD driver for Intel(R) Ethernet
Controller E810, called irdma. Supporting both RoCEv2 and iWARP
protocols in per-PF manner, RoCEv2 being the default.
Testing has been done using krping tool, perftest, ucmatose, rping,
ud_pingpong, rc_pingpong and others.
timeout(1) is used by /etc/rc.d/zfskeys. Unfortunately, having
timeout(1) installed in /usr/bin causes problems when /usr is an
encrypted ZFS partition.
Implementing timeout(1) in sh(1) is not trivial. A more elegant solution
is to move timeout(1) to /bin so that it is available to early services
in the boot process.
This version adds support for command line editing and history using
the libedit or readline libraries in addition to the line editing
features available in previous versions.
The version in the base system is configured to use libedit.
This allows to choose between emacs and vi line editing commands and
to use command overrides via a ~/.editrc file.
The filter_text function in scripts/functions.sh in version 5.3.3 had
commented out a "rm" command, probably for debugging purposes. This
caused temporary files to persist in /tmp when the bc program had been
built.
This commit fixes the build process with no change of the resulting
artefacts.
This update fixes a few issues in history editing and the processing
of the "quit" function. The "quit" function will no longer cause bc
to exit when encountered in a script file (before any command from
the script has been executed).
New functions is_number(), is_string return 1 if the passed argument
is a number resp. a string. The asciify() function has been extended
to support the conversion of an array of numbers into a string.
Ever since gtaskqueue_drain() was added to iflib_stop(), a kernel panic
occurs when the ice(4) driver is in recovery mode. Queues are not
initialized in this mode, so gt_taskqueue is not initialized, and
gtaskqueue_drain() will panic.
Fix this by only doing a drain if an RX queue's gt_taskqueue is
initialized.
Eric Joyner [Mon, 30 Jan 2023 21:34:03 +0000 (13:34 -0800)]
vtd: Increase DRHD_MAX_UNITS
Observed on a couple Ice Lake-SP platforms (Intel Coyote Pass, Dell
R750), there are more than 8 DRHD sections enumerated in the DMAR ACPI
section. Since the previous limit was 8, this resulted in some of these
not being parsed by vtd when the iommu is initialized; in this case when
PCI devices are being passthru'd to a bhyve VM.
This omission later causes a kernel panic later in initialization when
devices could not be found in a valid DRHD scope because the DHRD
containing the device's scope was not added to vtd.
Mitchell Horne [Sat, 7 Jan 2023 18:09:28 +0000 (14:09 -0400)]
ddb: have 'reset' command use normal reboot path
This conditionally gives all registered shutdown handlers a chance to
perform the reboot, with cpu_reset() being the fallback. The '\s'
modifier can be used with the command to get the previous behaviour.
The motivation is that some platforms may not be able do anything
meaningful via cpu_reset(), due to a lack of standardized reset
mechanism and/or firmware shortcomings. However, they may have a
separate device driver attached that normally performs the reboot. Such
is the case for some versions of the Raspberry Pi, where reset via PSCI
fails, but the BCM2835 watchdog driver has a shutdown hook.
Currently shutdown_reset() is registered as the final entry of the
shutdown_final event handler. However, if a panic occurs early in boot
before the event is registered (SI_SUB_INTRINSIC), we may end up
spinning in the subsequent infinite for loop and failing to reset
altogether. Instead we can simply call this function unconditionally.
Dmitry Chagin [Mon, 30 Jan 2023 16:28:54 +0000 (19:28 +0300)]
cpuset: Handle CPU_WHICH_TIDPID wherever cpuset_which() is called.
cpuset_which() resolves the argument pair which and id and returns references
to an appropriate resources. To avoid leaking resources or accessing unresolved
references to a resources handle new which CPU_WHICH_TIDPID wherever
cpuset_which() is called.
To avoid code duplication cpuset_which2() has been added.
Dmitry Chagin [Sun, 29 Jan 2023 13:17:33 +0000 (16:17 +0300)]
cpuset: Fix sched_[g|s]etaffinity() for better compatibility with Linux.
Under Linux to sched_[g|s]etaffinity() functions the value returned from a call
to gettid(2) (thread id) can be passed in the argument pid. Specifying pid as 0
will set the attribute for the calling thread, and passing the value returned
from a call to getpid(2) (process id) will set the attribute for the main thread
of the thread group.
Native cpuset(2) family of system calls has "which" argument to determine how
the value of id argument is interpreted, i.e., CPU_WHICH_TID is used to pass
a thread id and CPU_WHICH_PID - to pass a process id.
For now native sched_[g|s]etaffinity() implementation is wrong as uses "which"
CPU_WHICH_PID to pass both (process and thread id) to the kernel. To fix this
adding a new "which" CPU_WHICH_TIDPID intended to handle both id's.
Dmitry Chagin [Sun, 29 Jan 2023 12:36:25 +0000 (15:36 +0300)]
libthr: Fix pthread_[g|s]etaffinity_np manual.
Since f35093f8 semantics of a thread affinity functions is changed to be a
compatible with Linux:
In case of getaffinity(), the minimum cpuset_t size that the kernel permits is
the maximum CPU id, present in the system, / NBBY bytes, the maximum size is not
limited.
In case of setaffinity(), the kernel does not limit the size of the user-provided
cpuset_t, internally using only the meaningful part of the set, where the upper
bound is the maximum CPU id, present in the system, no larger than the size of
the kernel cpuset_t.
Dmitry Chagin [Sun, 29 Jan 2023 12:35:18 +0000 (15:35 +0300)]
libthr: Fix pthread_attr_[g|s]etaffinity_np to match it's manual and the kernel.
Since f35093f8 semantics of a thread affinity functions is changed to be a
compatible with Linux:
In case of getaffinity(), the minimum cpuset_t size that the kernel permits is
the maximum CPU id, present in the system, / NBBY bytes, the maximum size is not
limited.
In case of setaffinity(), the kernel does not limit the size of the user-provided
cpuset_t, internally using only the meaningful part of the set, where the upper
bound is the maximum CPU id, present in the system, no larger than the size of
the kernel cpuset_t.
To match pthread_attr_[g|s]etaffinity_np checks of the user-provided cpusets to
the kernel behavior export the minimum cpuset_t size allowed by running kernel
via new sysctl kern.sched.cpusetsizemin and use it in checks.
Dmitry Chagin [Sun, 29 Jan 2023 12:34:10 +0000 (15:34 +0300)]
sched.h: Fix _S macros for better compatibility with glibc.
In e2650af157 was added "_S" macros for compatibility with glibc, but it's still
incompatible as under glibc the macros whose names end with "_S" operate on the
dynamically allocated CPU set(s) whose size is in bytes, not in bits.
While here remove limiting ifdef to non-kernel case.
Dmitry Chagin [Sat, 28 Jan 2023 10:19:41 +0000 (13:19 +0300)]
linux(4): Rework statfs conversion routine.
Rework the routines to convert a native statfs structure (with fixed-size 64-bit
counters) to a Linux statfs structure (with long-sized counters) for 32-bit apps.
Instead of following Linux and return an EOVERFLOW error from statfs() family of
syscalls when actual fs stat value(s) are large enough to not fit into 32 bits,
apply scale logics used by FreeBSD to convert a 5.x statfs structure to a 4.x
statfs structure.
Warner Losh [Mon, 7 Feb 2022 20:16:15 +0000 (13:16 -0700)]
release: Don't install ubldr.bin
ubldr.bin was obsoleted by our uboot ports last year, so this is
completely unused in the default config (some customers still use
it, but that's not relevant to this script). Don't copy it at all
since it won't be used for re@ produced images.