Commit Graph

8035 Commits

Author SHA1 Message Date
Justin Hibbits
b14959dacc random: Add PowerPC 'darn' instruction entropy source
Summary:
PowerISA 3.0 adds a 'darn' instruction to "deliver a random number".  This
driver was modeled after (rather, copied and gutted of) the Ivy Bridge
rdrand driver.

This uses the "Conditional Random Number" behavior to remove input bias.

From the ISA reference the 'darn' instruction, and the random number
generator backing it, conforms to the NIST SP800-90B and SP800-90C
standards, compliant to the extent possible at the time the hardware was
designed, and guarantees a minimum 0.5 bits of entropy per bit returned.

Reviewed By:	markm, secteam (delphij)
Approved by:	secteam (delphij)
Differential Revision: https://reviews.freebsd.org/D16552
2018-08-17 03:49:07 +00:00
Conrad Meyer
01d5de8fca Add xform-conforming auth_hash wrapper for Poly-1305
The wrapper is a thin shim around libsodium's Poly-1305 implementation.  For
now, we just use the C algorithm and do not attempt to build the
SSE-optimized variant for x86 processors.

The algorithm support has not yet been plumbed through cryptodev, or added
to cryptosoft.
2018-08-17 00:30:04 +00:00
Glen Barber
9dae4c97a0 Rename head from ALPHA1 to ALPHA2 in preparation for the next set
of snapshot builds.

Hashtag:	MaximumEffort
Approved by:	re (implicit)
Sponsored by:	The FreeBSD Foundation
2018-08-16 23:58:22 +00:00
Luiz Otavio O Souza
6f207f5b47 Add support to the Marvell Xenon SDHCI controller.
Tested on Espresso.bin (37x0) and Macchiato.bin (8k) with SD cards and
eMMCs.

Obtained from:	pfSense
Sponsored by:	Rubicon Communications, LLC (Netgate)
2018-08-14 16:33:30 +00:00
Mark Johnston
97edfc1b45 Implement kernel support for early loading of Intel microcode updates.
Updates in the format described in section 9.11 of the Intel SDM can
now be applied as one of the first steps in booting the kernel.  Updates
that are loaded this way are automatically re-applied upon exit from
ACPI sleep states, in contrast with the existing cpucontrol(8)-based
method.  For the time being only Intel updates are supported.

Microcode update files are passed to the kernel via loader(8).  The
file type must be "cpu_microcode" in order for the file to be recognized
as a candidate microcode update.  Updates for multiple CPU types may be
concatenated together into a single file, in which case the kernel
will select and apply a matching update.  Memory used to store the
update file will be freed back to the system once the update is applied,
so this approach will not consume more memory than required.

Reviewed by:	kib
MFC after:	6 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D16370
2018-08-13 17:13:09 +00:00
Matt Macy
20a3cbe1f8 fix static ZFS linking
Static linking of ZFS is a newish option and LINT doesn't include it
2018-08-12 21:04:53 +00:00
Glen Barber
b534d57f63 Rename head from -CURRENT to -ALPHA1 as part of the
12.0-RELEASE cycle.  This commit marks the start of
the code slush for the 12.0 cycle.

Approved by:	re (implicit)
Sponsored by:	The FreeBSD Foundation
2018-08-10 00:01:21 +00:00
Kyle Evans
2a4650cc11 BOOT_TAG: Make a config(5) option, expose as sysctl and loader tunable
BOOT_TAG lived shortly in sys/msgbuf.h, but this wasn't necessarily great
for changing it or removing it. Move it into subr_prf.c and add options for
it to opt_printf.h.

One can specify both the BOOT_TAG and BOOT_TAG_SZ (really, size of the
buffer that holds the BOOT_TAG). We expose it as kern.boot_tag and also add
a loader tunable by the same name that we'll fetch upon initialization of
the msgbuf.

This allows for flexibility and also ensures that there's a consistent way
to figure out the boot tag of the running kernel, rather than relying on
headers to be in-sync.

Prodded super-super-lightly by:	imp
2018-08-09 17:47:47 +00:00
Ravi Pokala
b598845049 Remove jedec_ts(4)
The jedec_ts(4) driver has been marked as deprecated in stable/11, and is
now being removed from -HEAD. Add a notice in UPDATING, and update the few
remaining references (regarding jedec_dimm(4)'s compatibility and history)
to reflect the fact that jedec_ts(4) is now deleted.

Reviewed by:	avg
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D16537
2018-08-01 08:24:34 +00:00
Alexander Motin
0021e1c10c MFV r336991, r337001:
9102 zfs should be able to initialize storage devices

The first access to a disk block can incur a performance penalty on some
platforms (e.g. AWS's EBS, VMware VMDKs). Therefore it is recommended that
volumes be "thick provisioned", where supported by the platform (VMware).
Thick provisioning is time consuming and often is ignored. If the thick
provision step is omitted, customers will see suboptimal performance until
we have written to all parts of the LUN. ZFS should be able to initialize
any unused storage to remove any first-write penalty that exists.

illumos/illumos-gate@094e47e980

Reviewed by: John Wren Kennedy <john.kennedy@delphix.com>
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed by: Pavel Zakharov <pavel.zakharov@delphix.com>
Reviewed by: Prakash Surya <prakash.surya@delphix.com>
Approved by: Richard Lowe <richlowe@richlowe.net>
Author:     George Wilson <george.wilson@delphix.com>
2018-07-31 21:06:04 +00:00
Emmanuel Vadot
cfe196fbed nvmem: Add nvmem interface and helpers
The nvmem interface helps provider of nvmem data to expose themselves to consumer.
NVMEM is generally present on some embedded board in a form of eeprom or fuses.
The nvmem api are helpers for consumer to read/write the cell data from a provider.

Differential Revision:	https://reviews.freebsd.org/D16419
2018-07-31 19:08:24 +00:00
Konstantin Belousov
b3a7db3b06 Use SMAP on amd64.
Ifuncs selectors dispatch copyin(9) family to the suitable variant, to
set rflags.AC around userspace access.  Rflags.AC bit is cleared in
all kernel entry points unconditionally even on machines not
supporting SMAP.

Reviewed by:	jhb
Sponsored by:	The FreeBSD Foundation
Differential revision:	https://reviews.freebsd.org/D13838
2018-07-29 20:47:00 +00:00
Andrew Turner
5b50a73ffb Only build the cache handling code we need when building the arm ELF
trampoline.
2018-07-28 12:50:09 +00:00
Andrew Turner
e57edd3580 Remove now the cow unused CPU_ARM9 and CPU_FA526 options. These are for
ARMv4 CPUs that are no longer supported.
2018-07-28 11:00:45 +00:00
Andrew Turner
15bff09749 Only support INTRNG in the SMP code on arm. We already require INTRNG on
anything that could be multicore on arm.
2018-07-28 07:54:21 +00:00
Warner Losh
888a313927 Remove xscale support.
As discussed in arm@.  This is a scaled back version of the prior
commit because xscale is overlaoded in places to mean armv5 or
similar.  The OLD XSCALE stuff hasn't been useful in a while. The
original committer (cognet@) was the only one that had boards for
it. He's blessed this removal. Newer XSCALE (GUMSTIX) is for hardware
that's quite old. After discussion on arm@, it was clear there was no
support for keeping it.

Noticed by: andrew@
2018-07-27 21:25:07 +00:00
Warner Losh
c81b12e0d7 Revert r336773: it removed too much.
r336773 removed all things xscale. However, some things xscale are
really armv5. Revert that entirely. A more modest removal will follow.

Noticed by: andrew@
2018-07-27 21:25:01 +00:00
Warner Losh
626930c2fd Remove xscale support
The OLD XSCALE stuff hasn't been useful in a while. The original
committer (cognet@) was the only one that had boards for it. He's
blessed this removal. Newer XSCALE (GUMSTIX) is for hardware that's
quite old. After discussion on arm@, it was clear there was no support
for keeping it.

Differential Review: https://reviews.freebsd.org/D16313
2018-07-27 18:33:09 +00:00
Warner Losh
58d5c51106 Remove Atmel AT91RM9200 and AT91SAM9 support.
The last known robust version of this code base was FreeBSD 8.2. There
are no users of this on current, and all users of it have abandoned
this platform or are in legacy mode with a prior version of FreeBSD.

All known users on arm@ approved this removal, and there were no
objections.

Differential Revision: https://reviews.freebsd.org/D16312
2018-07-27 18:28:22 +00:00
Justin Hibbits
0bf0bb832f Support building IPMI as a module on powerpc64
This still only supports IPMI via OPAL on powerpc64, but now it can be tested
with a GENERIC kernel.
2018-07-25 18:58:57 +00:00
Ruslan Bukin
8e8fbf193d Disable 'C'-compressed ISA extension.
It works excellent, but KDB disassembler and DTrace FBT provider for
RISC-V do lack support for it. They currently handle 4-byte instructions
only, while C-compressed ISA extension introduces 2-byte instructions
freely mixing them together.

So disable it for now.

Reviewed by:	markj@
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D16436
2018-07-25 16:07:35 +00:00
Breno Leitao
3ddc2cde51 ofw: Load initrd file
This is an OFW initrd module that would load the initrd from device tree
parameters and give the to the md driver.

With this patch, it is possible to pass a rootfs image through kexec in PowerNV
mode (powerpc64). In order to user it, you should set the MD_ROOT_MEM option in
your kernel configuration.

Reviewed by: jhibbits
Approved by: jhibbits (mentor)
Differential Revision: https://reviews.freebsd.org/D15705
2018-07-24 16:52:52 +00:00
Ian Lepore
3496c981ac Make it possible to run ntpd as a non-root user, add ntpd uid and gid.
Code analysis and runtime analysis using truss(8) indicate that the only
privileged operations performed by ntpd are adjusting system time, and
(re-)binding to privileged UDP port 123. These changes add a new mac(4)
policy module, mac_ntpd(4), which grants just those privileges to any
process running with uid 123.

This also adds a new user and group, ntpd:ntpd, (uid:gid 123:123), and makes
them the owner of the /var/db/ntp directory, so that it can be used as a
location where the non-privileged daemon can write files such as the
driftfile, and any optional logfile or stats files.

Because there are so many ways to configure ntpd, the question of how to
configure it to run without root privs can be a bit complex, so that will be
addressed in a separate commit. These changes are just what's required to
grant the limited subset of privs to ntpd, and the small change to ntpd to
prevent it from exiting with an error if running as non-root.

Differential Revision:	https://reviews.freebsd.org/D16281
2018-07-19 23:55:29 +00:00
Michal Meloun
cc28ae0479 Remove the dead code from ARM cpufunc_* files.
The elf trampoline was never been supported for ARMv6 and ARMv7 and was
disconnected from kernel build many months ago.

MFC after:	2 weeks
2018-07-18 10:33:07 +00:00
Warner Losh
ff9452772d Remove kernel support for armeb
Remove all the big-endian arm architectures (ixp425 and ixp435)
support in the kernel and associated drivers.

Differential Revision:  https://reviews.freebsd.org/D16257
2018-07-17 23:23:45 +00:00
Kyle Evans
e47edf50dd Revert r336353 completely based on protest; compatibility shims incoming 2018-07-17 14:11:30 +00:00
Hans Petter Selasky
b575d8c850 Refactor access to CR-space into using VSC APIs in mlx5core.
Remove no longer used files and APIs.

MFC after:		1 week
Sponsored by:		Mellanox Technologies
2018-07-17 10:16:32 +00:00
Kyle Evans
59996cb2aa Revert 336358 and step away fron machine for the day...
VERSREQ < 7.+ physically will not work with new config(8) due to major bump,
which is why I bumped it in the first place... Back to the original version
2018-07-16 23:32:24 +00:00
Kyle Evans
78a25cc760 Partially revert r336353: sys/conf/* %VERSREQ bumps
The changes made in r335998 don't strictly require a newer config(8),
though it is advised. The %VERSREQ bumps were premature.
2018-07-16 21:53:30 +00:00
Kyle Evans
2df45ae0d0 config(8): Bump major version after r335998
config-generated hints.c/env.c from r335998 and later are incompatible with
earlier kernels due to no longer setting envmode/hintmode. A minor bump for
this is insufficient, as matching major version with a later minor version
is still viewed as backwards-compatible.

This was an MI kernel change, soo all VERSREQ's are bumped.
2018-07-16 19:05:50 +00:00
Andrew Turner
a9dc38def4 Create an empty stdint.h for arm_neon.h to include.
The armv8crypto module includes arm_neon.h for the compiler intrinsic
functions. This includes the userland stdint.h file that doesn't exist in
the kernel. Fix this by providing an empty stdint.h to be used when we
include arm_neon.h.

Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D16254
2018-07-16 15:39:33 +00:00
Stephen J. Kiernan
179d82aecf Add config(8) options that can be used to enable building MAC/veriexec
and its fingerprint modules into a kernel.

Reviewed by:	sjg
2018-07-14 17:18:17 +00:00
Marcin Wojtas
ab53b2929f Enable UART support for Xilinx Ultrascale+ SoCs
Xilinx Ultrascale+ are based on Cortex-A53 and use existing
UART driver (uart_dev_cdnc). Enable it in arm64 GENERIC config.

Submitted by: Michal Stanek <mst@semihalf.com>
Obtained from: Semihalf
2018-07-13 19:54:22 +00:00
Warner Losh
25bc561e68 There's two files in the sys tree named inflate.c, in addition
to it being a common name elsewhere. Rename the old kzip one
to subr_inflate.c.

This actually fixes the build issues on sparc64 that my inclusion of
.PATH ${SYSDIR}/kern created in r336244, so also revert the broken
workaround I committed in r336249.

This slipped passed me because apparently, I never did a clean build.
2018-07-13 17:41:28 +00:00
Warner Losh
52379d36a9 Create helper functions for parsing boot args.
boot_parse_arg		to parse a single arg
boot_parse_cmdline	to parse a command line string
boot_parse_args		to parse all the args in a vector
boot_howto_to_env	Convert howto bits to env vars
boot_env_to_howto	Return howto mask mased on what's set in the environment.

All these routines return an int that's the bitmask of the args
translated to RB_* flags. As a special case, the 'S' flag sets the
comconsole_speed env var. Any arg that looks like a=b will set the env
key 'a' to value 'b'. If =b is omitted, 'a' is set to '1'.  This
should help us reduce the number of redundant copies of these routines
in the tree.  It should also give a more uniform experience between
platforms.

Also, invent a new flag RB_PROBE that's set when 'P' is parsed.  On
x86 + BIOS, this means 'probe for the keyboard, and if it's not there
set both RB_MULTIPLE and RB_SERIAL (which means show the output on
both video and serial consoles, but make serial primary).  Others it
may be some similar concept of probing, but it's loader dependent
what, exactly, it means.

These routines are suitable for /boot/loader and/or the kernel,
though they may not be suitable for the tightly hand-rolled-for-space
environments like boot2.

Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D16205
2018-07-13 16:43:05 +00:00
Ian Lepore
2d7e927166 Add various spi devices to NOTES. Add some required options for building
the cqspi and n25q drivers.
2018-07-11 22:23:50 +00:00
Sean Bruno
96744f0225 Make ZSTD a real option via ZSTDIO.
It looks like the intent was to allow ZSTD support to be
compiled into the kernel with options ZSTDIO. But it doesn't look
like that was ever implemented or I'm missing how to do it.

I did a cursory audit of kernel config files and made a decision to
enable ZSTDIO in riscv GENERIC and mips MALTA configurations.  All other
kernel configurations already had this option in their kernel configs
but they didn't do anything useful as the feature was declared as
"standard" prior to this.

Reviewed by:	cem allanjude
Differential Revision:	https://reviews.freebsd.org/D16007
2018-07-05 17:07:23 +00:00
Bryan Drewery
817f7baa74 Use OBJS_DEPEND_GUESS for forced opt_global.h dependency.
MFC after:	2 weeks
Sponsored by:	Dell EMC
2018-07-04 00:18:36 +00:00
Matt Macy
9f7b089e95 Enable MODULE_TIED by default for modules compiled with the kernel
Requested by: jhb
2018-07-03 23:05:42 +00:00
Bryan Drewery
cd1acc77e6 Fix .depend.foo.o tracking for sys/conf/files defined compilations.
Some example files:
  ia32_genassym.o
  acpi_wakecode.o

The old mkdep method also lacked tracking these files.

Objects defined in sys/conf/files with no-obj and no-implicit-rule get their
own targets defined in the kernel Makefile but lack having their objects added
to DEPENDOBJS so never get a .depend file generated.  Normally if an object is
in OBJS it will get a .depend file.

Fix this by looking for .o files in CLEAN and ensuring they are part of
the -MD filtering and .depend loading.  This is a hack.  Other solutions
could exist involving sys/conf/files or config(8) to auto add these to
DEPENDFILES/DEPENDOBJS but this method seems reliable enough without being
intrusive or error-prone for new files.

Reported by:	bde
MFC after:	3 weeks
Sponsored by:	Dell EMC
2018-07-03 21:29:04 +00:00
Bryan Drewery
82c98d012b Need offset.inc generated early if MODULE_TIED is defined. 2018-07-03 21:15:47 +00:00
Bryan Drewery
ccca101f70 All genassym.sh usage need offset.inc 2018-07-03 21:02:25 +00:00
Bryan Drewery
20089565b6 genoffset.c is not generated 2018-07-03 21:02:21 +00:00
Bryan Drewery
44e4164832 Fix r335906+r335907 to not pass multiple source files to genoffset_test.o target.
This is working around a bug with the FAST_DEPEND logic with custom targets
that use .ALLSRC.

Reported by:	mmacy
2018-07-03 20:03:19 +00:00
Bryan Drewery
a46134b641 Handle .depend for genoffset_test.o 2018-07-03 19:24:52 +00:00
Bryan Drewery
4cee7eae0d No need to make a copy to build genoffset_test.o 2018-07-03 19:24:44 +00:00
Bryan Drewery
d69d8a46cd Fix module build when MODULE_TIED=1 is set. 2018-07-03 18:45:04 +00:00
Matt Macy
018617b8ba explain the purpose of genoffset_test 2018-07-03 18:39:43 +00:00
Matt Macy
87c259d436 ensure that offset.inc is generated first 2018-07-03 18:20:42 +00:00
Matt Macy
4dc1b29b71 ensure that offset.inc is generated before ia32_genassym.c is compiled 2018-07-03 05:56:23 +00:00