Commit Graph

236768 Commits

Author SHA1 Message Date
Conrad Meyer
0a3a36cd94 getentropy(3): Trap non-API errnos from getrandom(2) and abort
Additionally, reconcile our abort behavior with arc4random(3).  Unlike
SIGABRT, SIGKILL cannot be caught by the user program.  These failures
are fatal conditions and should not return to the caller, as they did in
the instance that resulted in D17049.

While here, fix some minor typos in a comment.

Reviewed by:	delphij
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D17050
2018-10-20 21:45:17 +00:00
Baptiste Daroussin
6794a0c94c Bring back the WARNS level to what it used to be to please gcc arches at least 2018-10-20 21:33:34 +00:00
Conrad Meyer
594fb8f519 mdmfs(8): Check for other types of helper-program failure
Exiting with a signal should not be treated the same as successful exit with
zero status.

Return signal exit information to the callers via negative integers, to
enable distinction from normal exit statuses.  (All consumers that check for
errors don't care what the exact non-zero exit value is -- in such a case
they print a diagnostic message and either continue or bail.)

Additionally, check for unexpected sources of waitpid() wakeup and bail if
we encounter them.

Reported by:	lev@
Reviewed by:	kib, lev, markj (earlier version)
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D17035
2018-10-20 21:33:00 +00:00
Warner Losh
102cb8b907 Fix typo
The vendor name wds should have been wdc. Add wdc and keep the wds for
script compat.

MFC after: 3 days
2018-10-20 21:13:57 +00:00
Conrad Meyer
5528565a76 Fortuna: Fix a race to prevent reseed spamming
If multiple threads enter fortuna_pre_read contemporaneously, such as via
read(2) or getrandom(2), they could race to check how long it has been since
the last update due to a TOCTOU problem with 'now'.

Here is an example problematic execution:

Thread A:                       Thread B:
now_A = getsbinuptime();
                                now_B = getsbinuptime();  // now_B > now_A
                                RANDOM_RESEED_LOCK();
                                if (now - fs_lasttime > SBT_1S/10) {
                                        fs_lasttime = now;
                                        ... // reseed
                                }
                                RANDOM_RESEED_UNLOCK();
RANDOM_RESEED_LOCK();
if (now_A - fs_lasttime > SBT_1S/10)  // now_A - fs_lasttime underflows
        fs_lasttime = now_A;
        ... // reseed again, despite less than 100ms elapsing
}
RANDOM_RESEED_UNLOCK();

To resolve the race, simply check the current time after we win the lock
race.

If getsbinuptime is perceived to be expensive, another option might be to
just accept the race and validate that fs_lasttime isn't "in the future."
(It should be within the last ~2^31 seconds out of ~2^32 seconds
representable duration.)

Reviewed by:	delphij, markm
Approved by:	secteam (delphij)
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D16984
2018-10-20 21:09:12 +00:00
Conrad Meyer
93d587e4d0 random(4): Correct a bare zero to the appropriate enum
The convention for updating hc_destination[] is to index with a
random_entropy_source.  Zero happens to match RANDOM_CACHED, which is
correct for this source (early random data).  Spell the zero value as the
enum name instead of the magic constant.

No functional change.

Reviewed by:	delphij, markm
Approved by:	secteam (delphij)
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D16983
2018-10-20 21:06:15 +00:00
Mark Johnston
36209a40d1 Add an assertion to pmap_enter().
When modifying an existing managed mapping, we should find a PV entry
for the old mapping.  Verify this.

Before r335784 this would have been implicitly tested by the fact that
we always freed the PV entry for the old mapping.

Reviewed by:	alc, kib
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D17626
2018-10-20 20:53:35 +00:00
Yuri Pankov
4644f9bef6 Add -b/-l options to localedef(1) to specify output endianness and use
it appropriately when building share/ctypedef and share/colldef.

This makes the resulting locale data in EL->EB (amd64->powerpc64) cross
build and in the native EB build match.  Revert the changes done to libc
in r308170 as they are no longer needed.

PR:		231965
Reviewed by:	bapt, emaste, sbruno, 0mp
Approved by:	kib (mentor)
Differential Revision:	https://reviews.freebsd.org/D17603
2018-10-20 20:51:05 +00:00
Baptiste Daroussin
f4f33ea0c7 Update libdialog to 1.3-20180621 2018-10-20 20:49:46 +00:00
Conrad Meyer
b0dee75e64 random(4): Translate a comment requirement into a compile-time invariant
In various places, random represents the set of sources as a 32-bit word
bitmask.  It assumes all sources fit within this, i.e., the maximum valid
source number is 31.

There was a comment specifying this limitation, but we can actually refuse
to compile if our assumption is violated instead.  We still have a few spare
random source slots, but sooner or later someone may need to convert the
masks used from raw 32-bit words to bitset(9) APIs.

This prevents some kinds of developer foot-shooting when adding new random
sources.  No functional change.

Reviewed by:	delphij, markm
Approved by:	secteam (delphij)
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D16982
2018-10-20 20:49:37 +00:00
Conrad Meyer
e41793db2c ddb: Enable 'thread <address>'
Currently, the 'thread' command (to switch the debugger to another thread)
only accepts decimal-encoded tids.  Use the same parsing logic as 'show
thread <arg>' to accept hex-encoded thread pointers in addition to
decimal-encoded tids.

Document the 'thread' command in ddb.4 and expand the 'show thread'
documentation to cover the tid usage.

Reported by:	bwidawsk
Reviewed by:	bwidawsk (earlier version), kib (earlier version), markj
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D16962
2018-10-20 20:45:49 +00:00
Conrad Meyer
64aa915f8a Add a dev_refthread.9 document.
Reviewed by:	kib
Sponsored by:	Dell EMC Isilon
Differential:	https://reviews.freebsd.org/D16897
2018-10-20 20:41:25 +00:00
Eitan Adler
efd84af574 bsd-family-tree: Announce two new releases
- OpenBSD 6.4; NetBSD 7.2
2018-10-20 20:34:36 +00:00
Baptiste Daroussin
4dccdce419 Import dialog 1.3-20180621 2018-10-20 20:32:57 +00:00
Conrad Meyer
494dda455c Fortuna: trivial static variable cleanup
Remove unnecessary use of function-local static variable.  32 bytes is
small enough to live on the stack.

Reviewed by:	delphij, markm
Approved by:	secteam (delphij)
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D16937
2018-10-20 20:15:06 +00:00
Conrad Meyer
84880efae7 Fortuna: Add trivial assert to match FS&K definition
FS&K GenerateBlocks function asserts C (counter) != 0.  This should also
be true in our implementation.

Reviewed by:	delphij, markm
Approved by:	secteam (delphij)
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D16936
2018-10-20 20:12:57 +00:00
Conrad Meyer
90545403e9 Fortuna: Clean up reseeding key material to closer match FS&K
When reseeding, only incorporate actual key material.  Do not include e.g.
the derived key schedules or other AES context.

I don't think the extra material was harmful here, just not beneficial.

Reviewed by:	delphij, markm
Approved by:	secteam (delphij)
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D16934
2018-10-20 19:44:59 +00:00
Conrad Meyer
ec86f8b28b dev_refthread: Do not initialize *ref when reference was not acquired
Like the companion API devvn_refthread, leave *ref uninitialized when a
reference was not acquired.  Initializing to 1 provides a vaguely
correct-looking but bogus value for broken callers to (mistakenly) pass to
dev_relthread() when refthread fails.

Make it even more clear to consumers that dev_relthread is only valid when
dev_refthread succeeds.

Reviewed by:	kib, markj
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D16885
2018-10-20 19:42:38 +00:00
Warner Losh
4ded08e2e8 Now that we've branched, turn off building DRM and DRM2 by default.
We no longer build the drm/drm2 modules by default. See UPDATING for
which package to install instead. drm and drm2 have been completely
unsupported abandonware for a long time now. Please report issues with
the pkg modules to x11@freebsd.org.

Approved by: FreeBSD Graphics Team
2018-10-20 19:18:30 +00:00
Conrad Meyer
6e423878f0 Add a MINIMAL config for i386, based on amd64
Reviewed by:	markj
Differential Revision:	https://reviews.freebsd.org/D17560
2018-10-20 19:16:43 +00:00
Warner Losh
468002c56c Add updating entry for DRM
Update messaging for which drm module to install. Add guidance on what
hardware is supported (which should be copied into the release
notes). Note: the in tree drivers are abandonware. There has been no
organized support for them for many years, and the plan is to still
remove them for all but arm once the transition to drm-*kmod is
complete. Also note that WITHOUT_MODULE_DRM and WITHOUT_MODULE_DRM2
should generally be added to src.conf for anybody using the drm-*kmod
ports. That will become default in 13 soon, however.

Approved by: FreeBSD Graphics Team
Relnotes: Yes
MFC After: 3 days
Differential Revision: https://reviews.freebsd.org/D17451
2018-10-20 19:14:46 +00:00
Conrad Meyer
93806cf9e5 stty.1: Document kern.tty_info_kstacks behavior (r339471)
Reported by:	bdrewery
Reviewed by:	bdrewery
Sponsored by:	Dell EMC Isilon
2018-10-20 18:53:32 +00:00
Ed Maste
447a8c25fe libelf: also test for 64-bit ELF in _libelf_is_mips64el
Although _libelf_is_mips64el is only called in contexts where we've
already checked that e_class is ELFCLASS64 but this may change in the
future.  Add a safety belt so that we don't access an invalid e_ehdr64
union member if it does.

Reported by:	jkoshy (in review D17380)
2018-10-20 18:47:45 +00:00
Eugene Grosbein
707a657cbf rc.initdiskless: fix commentary grammar after r339465
MFC after:	1 month
2018-10-20 18:46:36 +00:00
Conrad Meyer
d7aa89c363 tty info (^T): Add optional kernel stack(9) traces
It is often useful for developers and administrators to determine a running
thread's stack for debugging purposes.  With this feature, using ^T will
print that information

For now, the feature is disabled by default.  Enable with sysctl
kern.tty_info_kstacks=1.

Discussed with:	markj
Reviewed by:	oshogbo
Relnotes:	yes
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D17621
2018-10-20 18:42:28 +00:00
Kristof Provost
1563a27e1f pf synproxy will do the 3WHS on behalf of the target machine, and once
the 3WHS is completed, establish the backend connection. The trigger
for "3WHS completed" is the reception of the first ACK. However, we
should not proceed if that ACK also has RST or FIN set.

PR:		197484
Obtained from:	OpenBSD
MFC after:	2 weeks
2018-10-20 18:37:21 +00:00
Ed Maste
18227e20e4 Remove incorrect BSD-2-Clause-FreeBSD SPDX tags 2018-10-20 18:32:34 +00:00
Conrad Meyer
6858c2cc8f Replace ttyprintf with sbuf_printf and tty drain routine
Add string variants of cnputc and tty_putchar, and use them from the tty
sbuf drain routine.

Suggested by:	ed@
Sponsored by:	Dell EMC Isilon
2018-10-20 18:31:36 +00:00
Ed Maste
c9d10e2786 Remove incorrect BSD-2-Clause-FreeBSD SPDX tag 2018-10-20 18:30:13 +00:00
Kristof Provost
63488b6e4e pfctl tests: Basic test case for PR 231323
PR:		231323
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D17508
2018-10-20 18:18:28 +00:00
Eugene Grosbein
b4d24263c2 rc.initdiskless: add support for auxiliary NVRAM.
Currently, rc.inidiskless assumes that local system configuration
changes are kept in some mountable file system. For example,
nanobsd uses dedicated partition mounted as /cfg for this.

However, small embedded devices like MIPS routers may have no enough flash
space to keep full-blown file system but have only one or couple
small flash blocks to keep persistent local configuration overrides.

This change extends rc.initdiskless and introduces ability to run auxiliary
command /conf/T/M/extract that is supposed to extract configuration overrides
from such local storage.

For example, the command /conf/default/etc/extract may contain something like:

cd "$1" && bsdcpio --quiet -idu < /dev/map/cfg

bsdcpio command extracts compressed archive from the storage to /etc
assuming the storage is exposed by the kernel as /dev/map/cfg to userland.

PR:		204215
MFC after:	1 month
2018-10-20 18:13:51 +00:00
Kristof Provost
a2a90d6ee5 pfctl: Dup strings
When we set the ifname we have to copy the string, rather than just keep
the pointer.

PR:		231323
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D17507
2018-10-20 18:11:46 +00:00
Conrad Meyer
d158fa4ade Add flags variants to linker_files / stack(9) symbol resolution
Some best-effort consumers may find trylock behavior for stack(9) symbol
resolution acceptable.  Expose that behavior to such consumers.

This API is ugly.  If in the future the modules and linker file list locking
is cleaned up such that the linker_files list can be iterated safely without
acquiring a sleepable lock, this API should be removed.  However, most of
the time nothing will be holding the linker files lock exclusive and the
acquisition can proceed.

Reviewed by:	markj
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D17620
2018-10-20 18:08:43 +00:00
Eugene Grosbein
3c36368a15 Make upgrade from previous FreeBSD versions less painful
and make previously working configuration like this work again:

gif_interfaces="gif0"
gifconfig_gif0="1.1.1.1 2.2.2.2"
ifconfig_gif0="inet 192.168.1.1 192.168.1.2 netmask 255.255.255.252"

PR:		204700
MFC after:	1 month
2018-10-20 18:01:48 +00:00
Conrad Meyer
b3b23b71d6 nvdimm(4): Fix GCC 6.4.0 build
-Wformat= pedantically complains that the void* pointer is passed to a %s
format.

Sponsored by:	Dell EMC Isilon
2018-10-20 18:01:15 +00:00
Mark Johnston
618703b57b Fix a dead store.
We would fail to clear DNS search list configuration if a router
stopped specifying the DNSSL RA option.  I suspect that the bug
was mostly harmless, as the RDNSS and DNSSL options are typically used
together and omitting the RDNSS option would have the same effect.

CID:		1006219
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-10-20 18:00:13 +00:00
Conrad Meyer
1f71b44df7 ixl/iavf(4): Fix GCC 6.4.0 build
Don't define redundant prototypes.

Sponsored by:	Dell EMC Isilon
2018-10-20 18:00:12 +00:00
Mark Johnston
4ac9afdd2c Fix formatting.
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
2018-10-20 17:48:05 +00:00
Alexandre C. Guimarães
ece228caf7 Add myself to calendar, and update mentors-mentee relationships.
Reviewed by:	mat (mentor)
Approved by:	tcberner (mentor)
Differential Revision:	https://reviews.freebsd.org/D17396
2018-10-20 17:45:42 +00:00
Mark Johnston
d2f6957c1c Remove dead code.
No functional change intended.

MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-10-20 17:44:23 +00:00
Mark Johnston
3d7dd2d69a Staticize a couple of functions.
No functional change intended.

MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-10-20 17:43:27 +00:00
Ed Maste
b0bffd128c Bump LLD_REVISION_STRING for 13-CURRENT 2018-10-20 17:42:38 +00:00
Mark Johnston
1a97dd3cc3 Remove some obsolete compatibility code.
No functional change intended.

MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-10-20 17:40:30 +00:00
Mark Johnston
662e7fa8d9 Create some global domainsets and refactor NUMA registration.
Pre-defined policies are useful when integrating the domainset(9)
policy machinery into various kernel memory allocators.

The refactoring will make it easier to add NUMA support for other
architectures.

No functional change intended.

Reviewed by:	alc, gallatin, jeff, kib
Tested by:	pho (part of a larger patch)
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D17416
2018-10-20 17:36:00 +00:00
Ed Maste
aee4c74cdd objcopy: restore behaviour required by GCC's build
In r339350 filter_reloc() was removed, to fix the case of stripping
statically linked binaries with relocations (which may come from ifunc
use, for example).  As a side effect this changed the behaviour when
stripping object files - the output was broken both before and after
r339350, in different ways.  Unfortunately GCC's build process relies
on the previous behaviour, so:

- Revert r339350, restoring filter_reloc().
- Fix an unitialized variable use (commited as r3638 in ELF Tool Chain).
- Change filter_reloc() to omit relocations referencing removed
  symbols, while retaining relocations with no symbol reference.
- Retain the entire relocation section if it references the dynamic
  symbol table (fix from kaiw in D17596).

PR:		232176
Reported by:	antoine
Reviewed by:	kaiw
MFC with:	r339350
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D17596
2018-10-20 17:27:53 +00:00
Benedict Reuschling
6aca7aa44b A single comma was missing to separate the "see also" items in
last.1 and lastlogin.8. Add it back.

PR:		231187
Submitted by:	david.marec@davenulle.org
2018-10-20 17:22:04 +00:00
Mateusz Guzik
c88205e76e amd64: relax constraints in curthread and curpcb
This makes the compiler less likely to reload the content from %gs.

The 'P' modifier drops all synteax prefixes and 'n' constraint treats
input as a known at compilation time immediate integer.

Example reloading victim was spinlock_enter.

Stolen from:	OpenBSD

Reported by:	jtl
Reviewed by:	kib
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D17615
2018-10-20 17:00:18 +00:00
Tobias Kortkamp
b287b40c49 vidcontrol(1): Fix a typo in the description of -f
While here:
- Fix markup in -c
- Fix mandoc -Tlint and igor warnings

Reviewed by:	0mp, bjk
Approved by:	bjk
Differential Revision:	https://reviews.freebsd.org/D17428
2018-10-20 16:59:43 +00:00
Glen Barber
b958317950 - Update head to 13.0-CURRENT.
- Bump MACHINE_TRIPLE, TARGET_TRIPLE, FBSD_MAJOR, FBSD_CC_VER,
  FREEBSD_CC_VERSION, OS_VERSION.
- Update comment in UPDATING regarding debugging options.
- Remove debug.witness.trace=0 from installation media.
- Bump __FreeBSD_version.

Approved by:	re (implicit)
Sponsored by:	The FreeBSD Foundation
2018-10-19 00:37:47 +00:00
Konstantin Belousov
3ade944019 Do not flush cache for PCIe config window.
Apparently AMD machines cannot tolerate this. This was uncovered by
r339386, where cache flush started really flushing the requested range.

Introduce pmap_mapdev_pciecfg(), which simply does not flush cache
comparing with pmap_mapdev().  It assumes that the MCFG region was
never accessed through the cacheable mapping, which is most likely
true for machine to boot at all.

Note that i386 does not need the change, since the architecture
handles access per-page due to the KVA shortage, and page remapping
already does not flush the cache.

Reported and tested by:	mjg, Mike Tancsa <mike@sentex.net>
Reviewed by:	alc
Sponsored by:	The FreeBSD Foundation
Approved by:	re (gjb)
MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D17612
2018-10-18 20:49:16 +00:00