Improves our error reporting, ensuring that we aren't just ignoring
errors in the common case.
Note specifically the boundary where we have to change up our error
handling approach. It's fine to error() out up until we create the
tempdir, then the rest should try to handle it gracefully and abort().
A future change will clean this up further by pcall'ing all of the bits
that cannot currently error() without cleaning up.
This was previously needed only for CloudABI, which used it to generate
its capenabled from syscalls.master. CloudABI was removed in
cf0ee8738e, so we don't need to support this anymore. Others looking
to do similar things should come up with a more integrated technique,
such as a .conf flag or pattern/glob support. brooks suggests that it
could be done in modern makesyscalls.lua by adding a config flag to
specify always-on/initial flags (CAPENABLED).
Reviewed by: brooks, imp
MFC after: never
Differential Revision: https://reviews.freebsd.org/D32095
There are already APIC ID, ACPI ID and OS ID for each CPU. In perfect
world all of those may match, but at least for SuperMicro server boards
none of them do. Plus none of them match the CPU devices listing order
by ACPI. Previous code used the ACPI device listing order to number
cpuX devices. It looked nice from NewBus perspective, but introduced
4th different set of IDs. Extremely confusing one, since in some places
the device unit numbers were treated as OS CPU IDs (coretemp), but not
in others (sysctl dev.cpu.X.%location).
Rename the 'struct adapter' to 'struct e1000_sc' to avoid type ambiguity
in things like kgdb.
Reviewed by: jhb, markj
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D32129
When device driver probe method returns 0, i.e. absolute priority, do
not remove its class from the device just to set it back few lines
later, that may change the device unit number, etc. and after which
we'd better call the probe again.
If during search we found some driver with absolute priority, we do
not need to set device driver and class since we haven't removed them
before.
It should not happen, but if second probe method call failed, remove
the driver and possibly the class from the device as it was when we
started.
Reviewed by: imp, jhb
Differential Revision: https://reviews.freebsd.org/D32125
Otherwise we can end up comparing the computed digest with an
uninitialized kernel buffer.
In cryptoaead_op() we already unconditionally fail the request if a
pointer to a digest buffer is not specified.
Based on a patch by Simran Kathpalia.
Reported by: syzkaller
Reviewed by: jhb
MFC after: 1 week
Pull Request: https://github.com/freebsd/freebsd-src/pull/529
Differential Revision: https://reviews.freebsd.org/D32124
When WITHOUT_INET6 is selected we generate a null if-then-else blocks
due to incorrect placment of #if statments. Move the #if statements
reducing unnecessary runtime comparisons WITHOUT_INET6.
MFC after: 1 week
The KMSAN runtime needs to have its shadow maps updated when devices
update host memory, otherwise it assumes that device-populated memory is
uninitialized. For most drivers this is handled transparently by
busdma, but cxgbe doesn't make use of dma maps for receive buffers and
so requires special treatment.
Reported by: mjg
Tested by: mjg
Reviewed by: np
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D32102
I did DF_REBID to allow for 'hoover' drivers that would attach to
otherwise unattached devices in the tree. This notion didn't catch on as
it was tricky to make work well and it was easier to just publish a /dev
node of some flavor by the parent device. It's been nothing but dead
weight for a long time.
Reviewed by: mav
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D32056
Dummynet now no longer requires ipfw, so any users relying on this
dependency to load ipfw will need to explicitly load ipfw.
While here fix a typo in the date of the previous entry.
Sponsored by: Rubicon Communications, LLC ("Netgate")
The -NOIP builds fail because cxgbe_tls_tag_free() has no prototype (if
neither INET nor INET6 are defined). The function isn't actually used
in that case, so we can just remove the stub implementation.
Sponsored by: Rubicon Communications, LLC ("Netgate")
Now that pf can also use dummynet we should extend the existing dummynet
tests to also test it when used with pf.
Reviewed by: donner
MFC after: 2 weeks
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D31905
Allow pf to use dummynet pipes and queues.
We re-use the currently unused IPFW_IS_DUMMYNET flag to allow dummynet
to tell us that a packet is being re-injected after being delayed. This
is needed to avoid endlessly looping the packet between pf and dummynet.
MFC after: 2 weeks
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D31904
Allow the dummynet module to be loaded without ipfw, as a first step
towards making pf use it for packet scheduling.
Reviewed by: donner
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D31903
Dummynet configuration is ideally done through dnctl now. While ipfw
still works dnctl is preferred now that dummynet can also be used with
pf.
MFC after: 2 weeks
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D31902
Discard and send ICMPv6 Packet Too Big to sender when we try to encapsulate
and forward a packet which total length exceeds the PMTU.
Logic is based on the IPv4 implementation.
Common code was moved to a separate function.
Differential revision: https://reviews.freebsd.org/D31771
Obtained from: Semihalf
Sponsored by: Stormshield
If we fail to find to PMTU in hostcache, we assume it's equal
to link's MTU.
This patch prevents packets larger then link's MTU to be dropped
silently if there is no PMTU in hostcache.
Differential revision: https://reviews.freebsd.org/D31770
Obtained from: Semihalf
Sponsored by: Stormshield
This fixes an insta-panic when attempting to use unionfs with
DEBUG_VFS_LOCKS. Note that unionfs still has a long way to
go before it's generally stable or usable.
Reviewed by: kib (prior version), markj
Tested by: pho
Differential Revision: https://reviews.freebsd.org/D31917
When this flag is set, operations that update an existing kevent will
not change the udata field. This can be used to NOTE_TRIGGER or
EV_{EN,DIS}ABLE events without overwriting the stashed pointer.
Reviewed by: Domagoj Stolfa <domagoj.stolfa@gmail.com>
Obtained from: CheriBSD
Sponsored by: Microsoft
Differential Revision: https://reviews.freebsd.org/D30286
CheriBSD defines additional protection flags which use underscores
such as VM_PROT_READ_CAP and VM_PROT_WRITE_CAP.
Obtained from: CheriBSD
Sponsored by: Microsoft
Differential Revision: https://reviews.freebsd.org/D30017
Keep track of the approximate time commands are 'due' and the next
deadline for a command. twice a second, wake up to see if any commands
have entered timeout. If so, quiessce and then enter a recovery mode
half the timeout further in the future to allow the ISR to
complete. Once we exit recovery mode, we go back to operations as
normal.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D28583
We can't copyout() while holding a lock, in case it triggers a page
fault.
Release the lock before copyout, which is safe because we've already
copied all the data into the nvlist.
PR: 258601
Reviewed by: mjg
MFC after: 1 week
Sponsored by: Modirum MDPay
Differential Revision: https://reviews.freebsd.org/D32076
This patch is for the following updates to the K1 configurations:
Tx idle period for entering K1 should be 128 ns.
Minimum Tx idle period in K1 should be 256 ns.
Signed-off-by: Wenzhuo Lu <wenzhuo.lu@intel.com>
PR: 258153
Reviewed by: erj
Tested by: iron.udjin@gmail.com
Approved by: imp
Obtained from: DPDK (6f934fa24dfd437c90ead96bc7598ee77a117ede)
MFC after: 1 week
From jilles: POSIX requires that a script set `OPTIND=1` before using
different sets of parameters with `getopts`, or the results will be
unspecified.
The specific problem observed here is that we would execute `man -f` or
`man -k` without cleaning up state from man_parse_args()' `getopts`
loop. FreeBSD's /bin/sh seems to reset OPTIND to 1 after we hit the
second getopts loop, rendering the following shift harmless; other
/bin/sh implementations will leave it at what we came into the loop at
(e.g., bash as /bin/sh), shifting off any keywords that we had.
Input from: jilles
Reviewed by: allanjude, bapt, imp
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D32063
Depending on hardware, NUMA nodes may match last level caches, or
they may be above them (AMD Zen 2/3) or below (Intel Xeon w/ SNC).
This information is provided by ACPI instead of CPUID, and it is
provided for each CPU individually instead of mask widths, but
this code should be able to properly handle all the above cases.
This change should immediately allow idle stealing in sched_ule(4)
to prefer load from NUMA-local CPUs to remote ones when the node
does not match LLC. Later we may think of how to better handle it
on sched_pickcpu() side.
MFC after: 1 month
The compressed ack path of rack is not following proper procedures in updating
the peers window. It should be checking the seq and ack values before updating and
instead it is blindly updating the values. This could in theory get the wrong window
in the connection for some length of time.
Reviewed by: tuexen
Sponsored by: Netflix Inc.
Differential Revision: https://reviews.freebsd.org/D32082
In extensive testing in NF we have found two issues inside
the rack stack.
1) An incorrect offset is being generated by the fast send path when a fast send is initiated on
the end of the socket buffer and before the fast send runs, the sb_compress macro adds data to the trailing socket.
This fools the fast send code into thinking the sb offset changed and it miscalculates a "updated offset".
It should only do that when the mbuf in question got smaller.. i.e. an ack was processed. This can lead to
a panic deref'ing a NULL mbuf if that packet is ever retransmitted. At the best case it leads to invalid data being
sent to the client which usually terminates the connection. The fix is to have the proper logic (that is in the rsm fast path)
to make sure we only update the offset when the mbuf shrinks.
2) The other issue is more bothersome. The timestamp check in rack needs to use the msec timestamp when
comparing the timestamp echo to now. It was using a microsecond timestamp which ends up giving error
prone results but causes only small harm in trying to identify which send to use in RTT calculations if its a retransmit.
Reviewed by: tuexen
Sponsored by: Netflix Inc.
Differential Revision: https://reviews.freebsd.org/D32062
The error returned when a marker message can not be emitted on a port is not handled.
This cause the lacp to block all emissions until the timeout of 3 seconds is reached.
To fix this issue, I just clear the LACP_PORT_MARK flag when the packet could not be emitted.
Differential revision: https://reviews.freebsd.org/D30467
Obtained from: Stormshield
Calling veriexec -i locked return the state of loaded and vice-versa.
Differential revision: https://reviews.freebsd.org/D30952
Reviewed by: sjg,imp
Obtained from: Stromshield
Add -o verify to sh to make it use O_VERIFY when
sourcing scripts and reading profiles.
Useful in conjunction with mac_veriexec to help protect at
least some parts of the boot sequence, e.g., /etc/rc*.
Differential revision: https://reviews.freebsd.org/D30464
Reviewed by: jilles, sjg
Obtained from: Stormshield
Previously, we were collecting at a base rate of:
64 bits x 32 pools x 10 Hz = 2.5 kB/s
This change drops it to closer to 64-ish bits per pool per second, to
work a little better with entropy providers in virtualized environments
without compromising the security goals of Fortuna.
Reviewed by: #csprng (cem, delphij, markm)
Differential Revision: https://reviews.freebsd.org/D32021
Refer to discussion in PR 230808 for a less incomplete discussion, but
the gist of this change is that we currently collect orders of magnitude
more entropy than we need.
The excess comes from bytes being read out of /dev/*random. The default
rate at which we collect entropy without the read_rate increase is
already more than we need to recover from a compromise of an internal
state.
Reviewed by: #csprng (cem, delphij, markm)
Differential Revision: https://reviews.freebsd.org/D32021
Differential revision: https://reviews.freebsd.org/D32025
Avoid using atomics as it_wait is guarded by td_lock.
Report threshold calculation is done only if at least one PMC hook
is installed
Fixes:
* avoid unnecessary branching (if frame != null ...)
by having PMC_HOOK_INSTALLED_ANY
condition on the top of them, which should hint
the core not to execute speculatively anything
which us underneath;
* access intr_hwpmc_waiting_report_threshold cacheline
only if at least one hook is loaded;
