IDR0-IDR5 can be read byte-by-byte but must be written to as 4-byte
words. The current code to do this is rather clunky and ends up reading
past the end of the union's eaddr member due to MAC addresses only being
6 bytes. In practice this ends up being fine because the align_dummy
member will pad the union to a multiple of 4 bytes, but this is dodgy,
and on CHERI with subobject bounds enforcement enabled, as is done in
CheriBSD's pure-capability kernel, will trap.
Instead, make the buffer in use the right size, just use an array of
uint32_t's rather than a char buffer that's then cast to uint32_t * to
simplify it in the process, and zero-initialise it first to avoid
reading uninitialised data in the trailing bytes.
Found by: CHERI
Reviewed by: jhb
Differential Revision: https://reviews.freebsd.org/D33617
The qualcomm TLMM (top level mode manager) is their gpio/pinmux hardware
controller.
Although the pinmux is generic enough to use for the IPQ/APQ series
chips, I'm directly calling the IPQ4018 routines to expedite bring-up.
Notably, I'm not yet implementing the interrupt support - it's not
required at this stage of bring-up.
Differential Revision: https://reviews.freebsd.org/D33554
We are printing %p in _db_show_sta(), there is no need to prefix it
with 0x again to get a 0x0x...
Spsonsored by: The FreeBSD Foundation
MFC after: 3 days
Commit b6be9566d2 stopped prison0_init writing outside of the
preloaded hostuuid's bounds. However, the preloaded data will not
(normally) have a NUL in it, and so validate_uuid will walk off the end
of the buffer in its call to sscanf. Previously if there was any
whitespace in the string we'd at least know there's a NUL one past the
end due to the off-by-one error, but now no such byte is guaranteed.
Fix this by copying to a temporary buffer and explicitly adding a NUL.
Whilst here, change the strlcpy call to use a far less suspicious
argument for dstsize; in practice it's fine, but it's an unusual pattern
and not necessary.
Found by: CHERI
Reviewed by: emaste, kevans, jhb
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D33616
ccr(4) can handle requests for AES-CTR (a stream cipher), not just
block ciphers, so make the function and structure names more generic.
Sponsored by: Chelsio Communications
The variable orig_resid is always set to zero right after the while loop
where it is cleared.
Reviewed by: gallatin@ and glebius@
Differential Revision: https://reviews.freebsd.org/D33589
MFC after: 1 week
Sponsored by: NVIDIA Networking
We only need to include sys/_atomic_subword.h on arm64 to provide
atomic_testandset_acq_long. Add an implementation in the arm64 atomic.h
based on the existing atomic_testandset macro.
Reviewed by: kib
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D33587
When recursing in pmap_change_props_locked we may fail because there is
no pte. This shouldn't be considered a fail as it may happen in a few
cases, e.g. there are multiple normal memory ranges with device memory
between them.
Reported by: cperciva
Tested by: cperciva
Reviewed by: alc, kib
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D33459
The tcp:::debug-input probe is passed an mbuf pointer, use the correct
translator for ipinfo_t when defining tcp:::debug-input.
Fixes: 82988b50a1 ("Add an mbuf to ipinfo_t translator to finish ...")
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D33066
Commit 867c27c23a modified the NFS client so that
it does IO_APPEND writes directly to the NFS server,
bypassing the buffer cache. However, this could result
in stale data in client pages when the file is mmap(2)'d.
As such, the NFS client needs to call vm_object_is_active()
to check if the file is mmap(2)'d and only do direct
output if the file is not mmap(2)'d.
This patch adds this check.
Although a simple patch, I have given it a long MFC,
since the related commit 867c27c23a made a significant
semantics change and, as such, has a long MFC.
MFC after: 3 months
When a connection is established to use TCP-MD5, tcp_twrespond() doesn't
respond with a signed segment. This results in the host performing the
active close to remain in a TIME_WAIT state and the other host in the
LAST_ACK state. Fix this by sending a signed segment when the connection
is established to use TCP-MD5.
Reviewed by: glebius
Differential Revision: https://reviews.freebsd.org/D33490
Through fixes and improvements our ipfilter sources have diverged
enough to warrant move from contrib into sys/netpil. Now that I'm
planning on implementing MSS clamping as in iptables it makes more
sense to move ipfilter to netpfil.
This is the first of three commits the ipfilter move.
Suggested by glebius on two occaions.
Suggested by and discussed with: glebius
Reviewed by: glebius, kp (for #network)
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D33510
This driver does not use DMA at the moment, so some care is needed to
prevent TX FIFO underruns and RX FIFO overflows.
Several improvements are done in oder to minimize chances of those.
First, the interrupt handling is moved to a filter to minimize latency.
Second, FIFO trigger thresholds are configured for both FIFOs.
The TX FIFO threshold is set to 3/4-th of its size and the RX FIFO
threshold is set to 1/4-th of its size.
The interrupt conditions are changed from the empty FIFO and full FIFO
for the TX and RX correspondingly to going below and above the thresholds.
While here I renamed AW_SPI_IER_RF_ERQ to AW_SPI_IER_RF_RDY which is
closer to what the documentation uses, RF_RDY_INT_EN in the interrupt
control register and RX_RDY in the interrupt status register.
Reviewed by: manu
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D33558
Don't send the SCSI comand SYNCHRONIZE CACHE on devices that are still
open when RB_NOSYNC is the reboot method. This may avoid recursive panics
when doadump is called due to a SCSI/CAM/USB error/bug.
Obtained from: Semihalf
Sponsored by: Stormshield
Reviewed by: imp
Differential revision: https://reviews.freebsd.org/D31549
Summary:
One was required to press a key to continue after every 18 lines of
output. This requirement had been in the "show vmopag" command since it
was introduced, which was many years before paging was added to DDB.
With paging, this explict key check is no longer necessary.
Obtained from: Juniper Networks, Inc.
MFC after: 1 week
Test Plan:
Run "show vmopag" from db> prompt and see that it does not need additional
keypresses other than the ones needed for the pager.
Subscribers: imp, #contributor_reviews_base
Differential Revision: https://reviews.freebsd.org/D33550
Commit 867c27c23a modified the NFS client so that
it does IO_APPEND writes directly to the NFS server,
bypassing the buffer cache. However, this could result
in stale data in client pages when the file is mmap(2)'d.
As such, the NFS client needs to call is_object_active()
to check if the file is mmap(2)'d.
This patch renames is_object_active() to vm_object_is_active(),
moves it to sys/vm/vm_object.c and makes it global, so that
the NFS client can call it in a future commit.
Reviewed by: kib
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D33520
The structure goes away anyway, but it would be interesting to know
how much memory we used to save with it. So for the record, structure
size with this revision is 64 bytes.
Running sys/netpfil/pf/fragmentation v6 results in:
lock order reversal:
1st 0xfffffe00050429a8 rip (rip, sleep mutex) @ /usr/src/sys/netinet6/raw_ip6.c:803
2nd 0xfffff8009491e1d0 rawinp (rawinp, rw) @ /usr/src/sys/netinet6/raw_ip6.c:804
lock order rawinp -> rip established at:
0xffffffff8068e26a at witness_lock_order_add+0x28a
0xffffffff8068d087 at witness_checkorder+0x627
0xffffffff805a9f05 at __mtx_lock_flags+0x205
0xffffffff808102e4 at in_pcballoc+0x204
0xffffffff808d53c6 at rip6_attach+0x116
0xffffffff806dc4e8 at socreate+0x368
0xffffffff806eaedc at kern_socket+0xfc
0xffffffff806eadcd at sys_socket+0x2d
0xffffffff80abc774 at syscallenter+0x5c4
0xffffffff80abbeeb at amd64_syscall+0x1b
0xffffffff80a8044b at fast_syscall_common+0xf8
lock order rip -> rawinp attempted at:
0xffffffff8068dc2a at witness_checkorder+0x11ca
0xffffffff805d1b7f at _rw_wlock_cookie+0x18f
0xffffffff808d596c at rip6_connect+0x19c
0xffffffff806e0842 at soconnectat+0x142
0xffffffff806ebe36 at kern_connectat+0x136
0xffffffff806ebcdf at sys_connect+0x4f
0xffffffff80abc774 at syscallenter+0x5c4
0xffffffff80abbeeb at amd64_syscall+0x1b
0xffffffff80a8044b at fast_syscall_common+0xf8
Reviewed by: glebius
Fixes: de2d47842e ("SMR protection for inpcbs")
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D33508
Make sure to reset 'message_done' flag when jumping from a message to the
next one within the same interrupt handler call. This happens only when
a write with no-stop flag message is followed by a write with no-start
flag message.
Without this fix the second message would be prematurely "completed"
without waiting for an ACK (or NACK) for its first byte and without
sending subsequent bytes (if any).
Fixes: ff1e8581 twsi: support more message combinations in transfers
MFC after: 4 days
The problem is that carp(4) would clear the error counter on first
successful send, and stop counting successes after that. Fix this
logic and document it in human language.
PR: 260499
Differential revision: https://reviews.freebsd.org/D33536
Thanks to gallatin@ for suggesting the patch.
PR: 260330
Reported by: Vincent Milum Jr.
Reviewed by: gallatin, glebius
Tested by: Vincent Milum Jr.
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D33395
This fixes a regression in the previous change to move CBC chaining
into enc_xform_camellia which passed the raw input into the encrypt
function (thus not actually doing the chaining). This still works
when using the same buffer for input and output which is why my
initial testing with cryptocheck didn't catch it.
Fixes: f84d708b48 crypto: Move CBC handling into enc_xform_camellia.
Sponsored by: The FreeBSD Foundation
Group sensitive on-stack variables into anonymous structs so that they
can be cleared with a single call to explicit_bzero rather than
multiple calls.
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D33527
Reusing the storage removes the need for an additional explicit_bzero.
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D33526
Now that we have proper 32-bit compat support, remove COMPAT_32BIT
ifdefs to allow 32-bit code to use the 64-bit layout of USB ioctl
structs and struct usb_fs_endpoint.
This includes the removal of redundant alignment directives that had
no effect in practice.
Reviewed by: hselasky, jrtc27 (prior version)
Unlike most 32-bit compatability code, this isn't just a simple thunk
in the ioctl code. An ioctl (USB_FS_INIT) is used to install a
pointer to an array of usb_fs_endpoint structs which are then used
by the ugen fifo code. These struct contains an array of pointers
which requires translation. We change the interfaces around
struct usb_fs_endpoint as follows:
- We store the size of struct usb_fs_endpoint in struct usb_fifo
in the USB_FS_INIT handler so we know the ABI of the userspace
array.
- APIs to manipulate userspace struct usb_fs_endpoint objects now
take a struct usb_fifo and an index rather than a pointer to
the object. This allows most code to remain oblivious to the
different struct usb_fs_endpoint sizes.
- Add ugen_fs_copyin() which copies the struct usb_fs_endpoint
from userspace, thunking it to the native size if required.
- Uses of struct usb_fs_endpoint's ppBuffer member are now
via ugen_fs_getbuffer() which produces a native pointer.
- Updates to userspace are now handled by ugen_fs_update().
For clarity, single, fixed-sized members now are accessed with
fueword/suword rather than copyin/copyout.
Reviewed by: hselasky, jrtc27 (prior version)