aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Giant: move back Giant removal until 14Warner Losh2021-02-171-1/+1
| | | | | | | Update the Giant Lock warning message to FreeBSD 14. It's growing increasling clear that this won't be done before 13.0. MFC: Insta (re@'s request)
* Handle negative return values from syncache_expand().John Baldwin2021-02-171-5/+15
| | | | | | | | | | | | | | | These errors do not clear so to NULL, so the existing check was treating these failures as success. The rest of do_pass_establish() then tried to use the listen socket as if it was a connection socket newly created by syncache_expand(). In addition, for negative return values, do not send a RST to the peer. Reported by: Sony Arpita Das @ Chelsio Reviewed by: np Sponsored by: Chelsio Communications Differential Revision: https://reviews.freebsd.org/D28243
* fwohci: Cast bitfield to uint32_t before passing it to roundup2().John Baldwin2021-02-171-1/+1
| | | | | | | | | | The fallback for __align_up() used by roundup2() uses __typeof__() which doesn't work for bitfields. This fixes the build on GCC which uses the fallback. Reviewed by: arichardson, markj Sponsored by: Chelsio Communications Differential Revision: https://reviews.freebsd.org/D28599
* gicv3_its: Leave LPI interrupts enabled during handlingD Scott Phillips2021-02-171-2/+0
| | | | | | | | | | | | This follows the behavior on x86 where edge triggered interrupts are not disabled when executing the handler. Because the ITS is a shared resource, contention for the command queue lock can be substantial. Suggested by: gallatin Reviewed by: andrew Tested by: gallatin Sponsored by: Ampere Computing LLC Differential Revision: https://reviews.freebsd.org/D28709
* Add ifdef TCPHPTS around build_ack_entry and do_bpf_and_csum to avoidRandall Stewart2021-02-171-0/+2
| | | | | | warnings when HPTS is not included Thanks to Gary Jennejohn for pointing this out.
* Fix bootstrap tools build on macOS after ↵Alex Richardson2021-02-171-2/+5
| | | | | | | | | | | 02af91c52e71e8a0f47251e637c9687f35d45dd9 After changing the namespace.h header we need to provide _err on macOS, too. Previously we used the system libc err*/warn*, but that does not provide _err/_warn (which is used by other bootstrapped files from libc). To fix this problem bootstrap err.c on macOS as well. Fixes: 02af91c52 (Fix crossbuild bootstrap tools build with Clang 12)
* arm64: use macros to access special register valuesMitchell Horne2021-02-171-2/+4
|
* Bump __FreeBSD_version after f2583be110caMitchell Horne2021-02-171-1/+1
| | | | | | Provide a compatibility point around the ABI-breaking change. Sponsored by: The FreeBSD Foundation
* arm64: extend struct db_reg to include watchpoint registersMitchell Horne2021-02-174-16/+92
| | | | | | | | | | | | | | | | | | | The motivation is to provide access to these registers from userspace via ptrace(2) requests PT_GETDBREGS and PT_SETDBREGS. This change breaks the ABI of these particular requests, but is justified by the fact that the intended consumers (debuggers) have not been taught to use them yet. Making this change now enables active upstream work on lldb to begin using this interface, and take advantage of the hardware debugging registers available on the platform. PR: 252860 Reported by: Michał Górny (mgorny@gentoo.org) Reviewed by: andrew, markj (earlier version) Tested by: Michał Górny (mgorny@gentoo.org) MFC after: 1 week Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D28415
* arm64: handle watchpoint exceptions from EL0Mitchell Horne2021-02-173-1/+13
| | | | | | | | | | | | | | | | | This is a prerequisite to allowing the use of hardware watchpoints for userspace debuggers. This is also a slight departure from the x86 behaviour, since `si_addr` returns the data address that triggered the watchpoint, not the address of the instruction that was executed. Otherwise, there is no straightforward way for the application to determine which watchpoint was triggered. Make a note of this in the siginfo(3) man page. Reviewed by: jhb, markj (earlier version) Tested by: Michał Górny (mgorny@gentoo.org) MFC after: 1 week Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D28561
* arm64: validate breakpoint registersMitchell Horne2021-02-172-4/+50
| | | | | | | | | | | In particular, we want to disallow setting breakpoints on kernel addresses from userspace. The control register fields are validated or ignored as appropriate. Reviewed by: markj MFC after: 1 week Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D28560
* libdtrace: Stop relying on lex compatibilityMark Johnston2021-02-172-3/+1
| | | | | | | | | | It does not appear to be required, and as of commit 6b7e592c215f ("lex: Do not let input() return 0 when end-of-file is reached") it causes input to return 0 instead of EOF when end-of-input is reached. PR: 253440 MFC after: 3 days Sponsored by: The FreeBSD Foundation
* Bump the FreeBSD kernel version in kernel boot shim.Hans Petter Selasky2021-02-171-1/+1
| | | | Sponsored by: Mellanox Technologies // NVIDIA Networking
* Update the LRO processing code so that we can supportRandall Stewart2021-02-176-123/+829
| | | | | | | | | | | | | | | | a further CPU enhancements for compressed acks. These are acks that are compressed into an mbuf. The transport has to be aware of how to process these, and an upcoming update to rack will do so. You need the rack changes to actually test and validate these since if the transport does not support mbuf compression, then the old code paths stay in place. We do in this commit take out the concept of logging if you don't have a lock (which was quite dangerous and was only for some early debugging but has been left in the code). Sponsored by: Netflix Inc. Differential Revision: https://reviews.freebsd.org/D28374
* pf tests: Explicitly ask for python3Kristof Provost2021-02-173-3/+3
| | | | | | | | If we install the scapy package (which we do list as a dependency) we don't automatically install python (but we do have python3). MFC after: 1 week Sponsored by: Rubicon Communications, LLC (“Netgate”’)
* pf: Assert that pfil_link() calls succeedKristof Provost2021-02-171-4/+9
| | | | | | | | These should only fail if we use them incorrectly, so assert that they succeed. MFC after: 1 week Sponsored by: Rubicon Communications, LLC (“Netgate”’)
* arm64: rpi4: gpio: Add brcm,bcm2711-gpio compatibleEmmanuel Vadot2021-02-171-0/+1
| | | | | | | Looks like we never enabled the main gpio controller on the RPI4 board. Now gpio are usable. MFC after: 3 days
* arm64: rpi4: firmware: Attach at BUS_PASS_BUS + BUS_PASS_ORDER_LATEEmmanuel Vadot2021-02-171-1/+1
| | | | | | | | The node have now a compatible with simple-mfd so we need to attach at the same pass so the specific driver will be used. MFC after: 3 days PR: 252971
* automount(8): fix absolute path when creating a mountpointRobert Wing2021-02-171-1/+1
| | | | | | | | | | | | | | | When executing automount(8), it will attempt to create the directory where an autofs filesystem is to be mounted. Explicity set the root path for this directory to "/". This fixes the issue where the directory being created was being treated as a relative path instead of an absolute path (as expected). PR: 224601 Reported by: kusumi.tomohiro@gmail.com Reviewed by: trasz MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D27832
* Fix crossbuild bootstrap tools build with Clang 12Alex Richardson2021-02-172-2/+7
| | | | | | Clang 12 no longer allows re-defining a weak symbol as non-weak. This happed here because we compile err.c with _err defined to err. To fix this, use the same approach as the libc namespace.h
* pf: Remove unused return value from (de)hook_pf()Kristof Provost2021-02-171-31/+9
| | | | | | | | | | | These functions always return 0, which is good, because the code calling them doesn't handle this error gracefully. As the functions always succeed remove their return value, and the code handling their errors (because it was never executed anyway). MFC after: 1 week Sponsored by: Rubicon Communications, LLC (“Netgate”’)
* lex: Do not let input() return 0 when end-of-file is reachedJung-uk Kim2021-02-171-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Importing flex 2.6.4 has introduced a regression: input() now returns 0 instead of EOF to indicate that the end of input was reached, just like traditional AT&T and POSIX lex. Note the behavior contradicts flex(1). See "INCOMPATIBILITIES WITH LEX AND POSIX" section for information. This incompatibility traces back to the original version and documented in its manual page by the Vern Paxson. Apparently, it has been reported in a few places, e.g., https://github.com/westes/flex/issues/448 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=911415 Unfortunately, this also breaks the scanner used by libdtrace and dtrace is unable to resolve some probe argument types as a result. See PR253440 for more information. Note the regression was introduced by the following upstream commit without any explanation or documentation change: https://github.com/westes/flex/commit/f863c9490e6912ffcaeb12965fb3a567a10745ff Now we restore the traditional flex behavior unless lex-compatibility mode is set with "-l" option because I believe the author originally wanted to make it more lex and POSIX compatible. PR: 253440 Reported by: markj
* OpenSSL: Regen assembly files for OpenSSL 1.1.1jJung-uk Kim2021-02-171-4/+7
|
* OpenSSL: Remove obsolete include directoryJung-uk Kim2021-02-1732-2135/+0
| | | | | | This directory was deprecated since OpenSSL 1.1.1e. https://github.com/openssl/openssl/pull/9681
* cxgbe(4): Save proper zone index on low memory in refill_fl().Alexander Motin2021-02-171-5/+6
| | | | | | | | | | | | | | | | When refill_fl() fails to allocate large (9/16KB) mbuf cluster, it falls back to safe (4KB) ones. But it still saved into sd->zidx the original fl->zidx instead of fl->safe_zidx. It caused problems with the later use of that cluster, including memory and/or data corruption. While there, make refill_fl() to use the safe zone for all following clusters for the call, since it is unlikely that large succeed. MFC after: 3 days Sponsored by: iXsystems, Inc. Reviewed by: np, jhb Differential Revision: https://reviews.freebsd.org/D28716
* linux: Update the i386/linux vdso deinitialization routineMark Johnston2021-02-161-1/+2
| | | | | | | | This was missed in commit 0fc8a796722 ("linux: Unmap the VDSO page when unloading"). Reported by: Mark Millard MFC with: 0fc8a796722
* OpenSSL: Regen manual pages for OpenSSL 1.1.1j.Jung-uk Kim2021-02-16539-1167/+642
|
* OpenSSL: Merge OpenSSL 1.1.1jJung-uk Kim2021-02-1690-202/+433
|\ | | | | | | Merge commit '4f55bd5321b72491d4eff396e4928e9ab0706735'
| * Import OpenSSL 1.1.1j.vendor/openssl/1.1.1jJung-uk Kim2021-02-16157-202/+433
| |
| * Update OpenSSL upgrade procedure for the new assembly file path.Jung-uk Kim2020-12-091-1/+3
| | | | | | | | Notes: svn path=/vendor-crypto/openssl/dist/; revision=368475
| * Update OpenSSL upgrade procedure.Jung-uk Kim2020-12-091-9/+4
| | | | | | | | Notes: svn path=/vendor-crypto/openssl/dist/; revision=368474
* | Fix NOINET6 build broken by 2fe5a79425c7.Alexander V. Chernikov2021-02-161-0/+8
| | | | | | | | Reported by: mjg
* | Fix dst/netmask handling in routing socket code.Alexander V. Chernikov2021-02-162-10/+195
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Traditionally routing socket code did almost zero checks on the input message except for the most basic size checks. This resulted in the unclear KPI boundary for the routing system code (`rtrequest*` and now `rib_action()`) w.r.t message validness. Multiple potential problems and nuances exists: * Host bits in RTAX_DST sockaddr. Existing applications do send prefixes with hostbits uncleared. Even `route(8)` does this, as they hope the kernel would do the job of fixing it. Code inside `rib_action()` needs to handle it on its own (see `rt_maskedcopy()` ugly hack). * There are multiple way of adding the host route: it can be DST without netmask or DST with /32(/128) netmask. Also, RTF_HOST has to be set correspondingly. Currently, these 2 options create 2 DIFFERENT routes in the kernel. * no sockaddr length/content checking for the "secondary" fields exists: nothing stops rtsock application to send sockaddr_in with length of 25 (instead of 16). Kernel will accept it, install to RIB as is and propagate to all rtsock consumers, potentially triggering bugs in their code. Same goes for sin_port, sin_zero, etc. The goal of this change is to make rtsock verify all sockaddr and prefix consistency. Said differently, `rib_action()` or internals should NOT require to change any of the sockaddrs supplied by `rt_addrinfo` structure due to incorrectness. To be more specific, this change implements the following: * sockaddr cleanup/validation check is added immediately after getting sockaddrs from rtm. * Per-family dst/netmask checks clears host bits in dst and zeros all dst/netmask "secondary" fields. * The same netmask checking code converts /32(/128) netmasks to "host" route case (NULL netmask, RTF_HOST), removing the dualism. * Instead of allowing ANY "known" sockaddr families (0<..<AF_MAX), allow only actually supported ones (inet, inet6, link). * Automatically convert `sockaddr_sdl` (AF_LINK) gateways to `sockaddr_sdl_short`. Reported by: Guy Yur <guyyur at gmail.com> Reviewed By: donner Differential Revision: https://reviews.freebsd.org/D28668 MFC after: 3 days
* | Add ifa_try_ref() to simplify ifa handling inside epoch.Alexander V. Chernikov2021-02-162-1/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | More and more code migrates from lock-based protection to the NET_EPOCH umbrella. It requires some logic changes, including, notably, refcount handling. When we have an `ifa` pointer and we're running inside epoch we're guaranteed that this pointer will not be freed. However, the following case can still happen: * in thread 1 we drop to 0 refcount for ifa and schedule its deletion. * in thread 2 we use this ifa and reference it * destroy callout kicks in * unhappy user reports bug To address it, new `ifa_try_ref()` function is added, allowing to return failure when we try to reference `ifa` with 0 refcount. Additionally, existing `ifa_ref()` is enforced with `KASSERT` to provide cleaner error in such scenarious. Reviewed By: rstone, donner Differential Revision: https://reviews.freebsd.org/D28639 MFC after: 1 week
* | Make in_localip_more() fib-aware.Alexander V. Chernikov2021-02-161-12/+12
| | | | | | | | | | | | | | | | | | | | It fixes loopback route installation for the interfaces in the different fibs using the same prefix. Reviewed By: donner PR: 189088 Differential Revision: https://reviews.freebsd.org/D28673 MFC after: 1 week
* | jail: Handle a possible race between jail_remove(2) and fork(2)Jamie Gritton2021-02-163-3/+28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | jail_remove(2) includes a loop that sends SIGKILL to all processes in a jail, but skips processes in PRS_NEW state. Thus it is possible the a process in mid-fork(2) during jail removal can survive the jail being removed. Add a prison flag PR_REMOVE, which is checked before the new process returns. If the jail is being removed, the process will then exit. Also check this flag in jail_attach(2) which has a similar issue. Reported by: trasz Approved by: kib MFC after: 3 days
* | Use iflib_if_init_locked() during media change instead of iflib_init_locked().Allan Jude2021-02-161-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | iflib_init_locked() assumes that iflib_stop() has been called, however, it is not called for media changes. iflib_if_init_locked() calls stop then init, so fixes the problem. PR: 253473 MFC after: 3 days Reviewed by: markj Sponsored by: Juniper Networks, Inc., Klara, Inc. Differential Revision: https://reviews.freebsd.org/D28667
* | bi_load: only add MODULEP on arches that have it definedRoger Pau Monné2021-02-161-0/+2
| | | | | | | | | | | | | | | | | | | | | | Do not attempt to add MODINFOMD_MODULEP to the kernel medatada on arches that don't have it defined. This fixes the build for arches different than amd64 after 7d3259775cb69f250df3e7fe51d6fff2283c6f20. Sponsored by: Citrix Systems R&D Reported by: lwhsu, arichardson
* | linux: Unmap the VDSO page when unloadingMark Johnston2021-02-165-5/+12
| | | | | | | | | | | | | | | | | | | | | | linux_shared_page_init() creates an object and grabs and maps a single page to back the VDSO. When destroying the VDSO object, we failed to destroy the mapping and free KVA. Fix this. Reviewed by: kib MFC after: 1 week Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D28696
* | Update capsicum-test to git commit 7707222b46abe52d18fd4fbb76115ffdb3e6f74bAlex Richardson2021-02-169-125/+121
|\ \ | | | | | | | | | | | | This includes changes to use GTEST_SKIP() instead of the local hand-rolled mechanism as well as a few minor cleanups.
| * | Update capsicum-test to 7707222b46abe52d18fd4fbb76115ffdb3e6f74bvendor/google/capsicum-test/7707222b46abe52d18fd4fbb76115ffdb3e6f74bAlex Richardson2021-02-169-152/+239
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Using the following steps: ``` git worktree add ../freebsd-vendor-capsicum-test freebsd/vendor/google/capsicum-test cd ../freebsd-vendor-capsicum-test git remote add upstream-capsicum-test https://github.com/google/capsicum-test git fetch upstream-capsicum-test git checkout -f upstream-capsicum-test/dev -- git rm -rf autoconf/ casper/ gtest-1.10.0/ libcaprights/ git commit ```
* | | xen/efi: introduce a PV interface for EFI run time services for dom0Roger Pau Monné2021-02-162-0/+256
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | FreeBSD when running as a dom0 under Xen is not supposed to access the run time services directly, and instead should proxy the calls through Xen using an hypercall interface that exposes access to selected run time services. Implement the efirt interface on top of the Xen provided hypercalls. Sponsored by: Citrix Systems R&D Reviewed by: kib Differential revision: https://reviews.freebsd.org/D28621
* | | efirt: add hooks for diverging EFI implementationsRoger Pau Monné2021-02-162-30/+127
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Introduce a set of hooks for MI EFI public functions, so that a new implementation can be done. This will be used to implement the Xen PV EFI interface that's used when running FreeBSD as a Xen dom0 from UEFI firmware. Also make the efi_status_to_errno non-static since it will be used to evaluate status return values from the PV interface. No functional change indented. Sponsored by: Citrix Systems R&D Reviewed by: kib, imp Differential revision: https://reviews.freebsd.org/D28620
* | | xen/boot: allow specifying boot method when booted from XenRoger Pau Monné2021-02-165-8/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Allow setting the bootmethod variable from the Xen PVH entry point, in order to be able to correctly set the underlying firmware mode when booted as a dom0. Move the bootmethod variable to be defined in x86/cpu_machdep.c instead so it can be shared by both i386 and amd64. Sponsored by: Citrix Systems R&D Reviewed by: kib Differential revision: https://reviews.freebsd.org/D28619
* | | stand/multiboot2: add support for booting a Xen dom0 in UEFI modeRoger Pau Monné2021-02-166-0/+1002
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add some basic multiboot2 infrastructure to the EFI loader in order to be capable of booting a FreeBSD/Xen dom0 when booted from UEFI. Only a very limited subset of the multiboot2 protocol is implemented in order to support enough to boot into Xen, the implementation doesn't intend to be a full multiboot2 capable implementation. Such multiboot2 functionality is hooked up into the amd64 EFI loader, which is the only architecture that supports Xen dom0 on FreeBSD. The options to boot a FreeBSD/Xen dom0 system are exactly the same as on BIOS, and requires setting the xen_kernel and xen_cmdline options in loader.conf. Sponsored by: Citrix Systems R&D Reviewed by: tsoome, imp Differential revision: https://reviews.freebsd.org/D28497
* | | stand/efi: add modulep to kernel metadataRoger Pau Monné2021-02-161-3/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This mirrors the functionality of the BIOS amd64 bi_load function, that stashes the absolute address of the module metadata. This is required for booting as a Xen dom0 that does relocate the modulep and the loaded modules, and thus requires adjusting the offset. No functional change introduced, further patches will make use of this functionality for Xen dom0 loading. Sponsored by: Citrix Systems R&D Reviewed by: imp Differential revision: https://reviews.freebsd.org/D28496
* | | stand/efi: allow not exiting boot servicesRoger Pau Monné2021-02-166-14/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Xen requires that UEFI BootServices are enabled in order to boot, so introduce a new parameter to bi_load in order to select whether BS should be exited. No functional change introduced in this patch, as all current users of bi_load request BS to be exited. Further changes will make use of this functionality. Note the memory map is still appended to the kernel metadata, even when it could be modified by further calls to the Boot Services, as it will be used to detect if the kernel has been booted from UEFI. Sponsored by: Citrix Systems R&D Reviewed by: tsoome, imp Differential revision: https://reviews.freebsd.org/D28495
* | | update the SACK loss recovery to RFC6675, with the following new features:Richard Scheffenegger2021-02-163-6/+73
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - improved pipe calculation which does not degrade under heavy loss - engaging in Loss Recovery earlier under adverse conditions - Rescue Retransmission in case some of the trailing packets of a request got lost All above changes are toggled with the sysctl "rfc6675_pipe" (disabled by default). Reviewers: #transport, tuexen, lstewart, slavash, jtl, hselasky, kib, rgrimes, chengc_netapp.com, thj, #manpages, kbowling, #netapp, rscheff Reviewed By: #transport Subscribers: imp, melifaro MFC after: 2 weeks Sponsored by: NetApp, Inc. Differential Revision: https://reviews.freebsd.org/D18985
* | | zfs: change file mode of all merged testsMartin Matuska2021-02-1632-0/+0
| | | | | | | | | | | | | | | | | | | | | | | | If the ksh files are not executable then the tests are not run and reported as failed. MFC after: 2 weeks X-MFC-with: 6b52139eb8e8eda0ea263b24735556194f918642
* | | pf tests: Test unicast reverse path forwarding checkKristof Provost2021-02-162-0/+119
| | | | | | | | | | | | | | | | | | | | | | | | | | | Ensure that pf's urpf-failed keyword works as expected. PR: 253479 MFC after: 1 week Reviewed by: melifaro@ Differential Revision: https://reviews.freebsd.org/D28694