Commit Graph

246424 Commits

Author SHA1 Message Date
Kyle Evans
ed6232893c snp: don't reference tp->t_mtx directly
This is the only part of snp(4) that pokes around in struct tty directly;
replace it with the tty_getlock accessor to avoid struct tty internals.
2019-11-29 03:51:01 +00:00
Conrad Meyer
74aed808a1 Fix braino in previous bugfix r300174
The previous revision missed the exact same error in a copy paste block
of the same code in another function.  Fix the identical case, too.

A DHCP client identifier is simply the hardware type (one byte)
concatenated with the hardware address (some variable number of bytes,
but at most 16).  Limit the size of the temporary buffer to match and
the rest of the calculations shake out correctly.

PR:		238022
Reported by:	Young <yangx92 AT hotmail.com>
Submitted by:	Young <yangx92 AT hotmail.com>
MFC after:	I don't plan to but you should feel free
Security:	yes
2019-11-29 03:31:47 +00:00
Jeff Roberson
6d6a03d7a8 Handle large mallocs by going directly to kmem. Taking a detour through
UMA does not provide any additional value.

Reviewed by:	markj
Differential Revision:	https://reviews.freebsd.org/D22563
2019-11-29 03:14:10 +00:00
Doug Moore
85b7bedb15 Functions that call vm_map_splay_merge sometimes set data fields
(e.g. root->left = NULL) to affect the behavior of that function. This
change stops that data manipulation, and instead calls a pair of
functions, one for the left direction and the other for the right,
with the function called depending whether or not we currently null
the root child in that direction to control the behavior of
vm_map_splay_merge.

Reviewed by: kib
Tested by: pho
Differential Revision: https://reviews.freebsd.org/D22589
2019-11-29 02:06:45 +00:00
Rick Macklem
e1cda5eea6 Fix two races while handling nfsuserd daemon start/stop.
A crash was reported where the nr_client field was NULL during an upcall
to the nfsuserd daemon. Since nr_client == NULL only occurs when the
nfsuserd daemon is being shut down, it appeared to be caused by a race
between doing an upcall and the daemon shutting down.
By inspection two races were identified:
1 - The nfsrv_nfsuserd variable is used to indicate whether or not the
    daemon is running. However it did not handle the intermediate phase
    where the daemon is starting or stopping.

    This was fixed by making nfsrv_nfsuserd tri-state and having the
    functions that are called during start/stop to obey the intermediate
    state.

2 - nfsrv_nfsuserd was checked to see that the daemon was running at
    the beginning of an upcall, but nothing prevented the daemon from
    being shut down while an upcall was still in progress.
    This race probably caused the crash.

    The patch fixes this by adding a count of upcalls in progress and
    having the shut down function delay until this count goes to zero
    before getting rid of nr_client and related data used by an upcall.

Tested by:	avg (Panzura QA)
Reported by:	avg
Reviewed by:	avg
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D22377
2019-11-28 23:34:23 +00:00
Ian Lepore
ef4a351452 Implement the ofw_bus_get_node method in the imx_gpio driver so that
ofw_gpiobus can find its fdt metadata and instantiate child devices.
2019-11-28 21:50:34 +00:00
Greg Lehey
52e50ad353 Clarify name of Pau Casals (it's Catalonian)
Get correct birthday (from Wikipedia).
2019-11-28 21:22:04 +00:00
Emmanuel Vadot
19b38c94dc arm64: rockchip: rk3328: Add TSADC clocks
Add the clocks so we can use the rk_tsadc driver to monitor
the cpu temperature.
2019-11-28 20:46:24 +00:00
Emmanuel Vadot
a0cb4996c6 arm64: rockchip: tsadc: Do not free the sysctl context is it wasn't created
MFC after:	3 weeks
X-MFC-With:	r355173
2019-11-28 20:17:03 +00:00
Emmanuel Vadot
b388c5e994 Import riscv DTS files
Requested by: mhorne
2019-11-28 19:38:57 +00:00
Emmanuel Vadot
007ac39ba3 Import DTS files from Linux 5.4
MFC after:	2 months
2019-11-28 19:30:41 +00:00
Emmanuel Vadot
c3f1cfc76c Import devicetree files from Linux 5.4 2019-11-28 19:05:03 +00:00
Alexander Motin
5008399c14 Fix use-after-free in case of L2ARC prefetch failure.
In case L2ARC read failed, l2arc_read_done() creates _different_ ZIO
to read data from the original storage device.  Unfortunately pointer
to the failed ZIO remains in hdr->b_l1hdr.b_acb->acb_zio_head, and if
some other read try to bump the ZIO priority, it will crash.

The problem is reproducible by corrupting L2ARC content and reading
some data with prefetch if l2arc_noprefetch tunable is changed to 0.
With the default setting the issue is probably not reproducible now.

MFC after:	2 weeks
Sponsored by:	iXsystems, Inc.
2019-11-28 18:28:35 +00:00
Michal Meloun
6903d37518 Add driver for temperature sensors found in RK32898, RK3328 and RK3399 SoC's.
MFC after:	3 weeks
Reviewed by:	manu
Differential Revision:  https://reviews.freebsd.org/D22442
2019-11-28 17:01:31 +00:00
Michael Tuexen
f727fee546 Really ignore the SCTP association identifier on 1-to-1 style sockets
as requiresd by the socket API specification.
Thanks to Inaki Baz Castillo, who found this bug running the userland
stack with valgrind and reported the issue in
https://github.com/sctplab/usrsctp/issues/408

MFC after:		1 week
2019-11-28 12:50:25 +00:00
Jeff Roberson
b476ae7f52 Fix DEBUG_REDZONE build after r355169 2019-11-28 08:56:14 +00:00
Hans Petter Selasky
c2a8682ae8 Factor out check for mounted root file system.
Differential Revision:	https://reviews.freebsd.org/D22571
PR:		241639
MFC after:	1 week
Sponsored by:	Mellanox Technologies
2019-11-28 08:47:36 +00:00
Jeff Roberson
584061b480 Garbage collect the mostly unused us_keg field. Use appropriately named
union members in vm_page.h to store the zone and slab.  Remove some nearby
dead code.

Reviewed by:	markj
Differential Revision:	https://reviews.freebsd.org/D22564
2019-11-28 07:49:25 +00:00
Warner Losh
3c5a4af6e9 Also turn of teken for RB_MULTIPLE
RB_MULTIPLE without RB_SERIAL set is valid, and means 'Video first, then serial'
to the kernel (so kernel messages go to both, but /etc/rc uses video console
(this should be fixed, btw, but another day)). Check for RB_MULTIPLE as well as
RB_SERIAL where we want to to serial things. This means we'll use the old code
for emulation in these situations, which is likely best since we're outputing to
both and the old code is ligher weight allowing both to keep up w/o weird
scrolling things.
2019-11-28 05:40:15 +00:00
Warner Losh
79cb1bf26f Remove comment. We're just going to the next node here. 2019-11-28 05:40:10 +00:00
Ryan Libby
35ec24f362 uma: move sysctl vm.uma defn out from under INVARIANTS
Fix non-INVARIANTS builds after r355149.

Reported by:	Michael Butler <imb@protected-networks.net>
Reviewed by:	markj
Differential Revision:	https://reviews.freebsd.org/D22588
2019-11-28 04:15:16 +00:00
Alexander Motin
95ba48d973 Make DMAR allow Intel NTB device to access its own BAR0.
I have no good explanation why it happens, but I found that in B2B mode
at least Xeon v4 NTB leaks accesses to its configuration memory at BAR0
originated from the link side to its host side.  DMAR predictably blocks
those, making access to remote scratchpad registers in B2B mode impossible.

This change creates identity mapping in DMAR covering the BAR0 addresses,
making the NTB work fine with DMAR enabled.  It seems like allowing single
4KB range at 32KB offset may be enough, but I don't see a reason to be so
specific.

MFC after:	1 week
Sponsored by:	iXsystems, Inc.
2019-11-28 02:40:12 +00:00
Scott Long
33ce28d137 Remove the trm(4) driver
Differential Revision:	https://reviews.freebsd.org/D22575
2019-11-28 02:32:17 +00:00
Alexander Motin
241da27e24 Make the code slightly more compact.
There should be no functional change.

MFC after:	1 week
2019-11-28 02:28:12 +00:00
Rick Macklem
841c3621b4 Change r355157 to make svc_rpc_gss_lifetime_max a static.
MFC after:	2 weeks
2019-11-28 02:18:51 +00:00
Rick Macklem
04cb0c38eb Add a cap on credential lifetime for Kerberized NFS.
The kernel RPCSEC_GSS code sets the credential (called a client) lifetime
to the lifetime of the Kerberos ticket, which is typically several hours.
As such, when a user's credentials change such as being added to a new group,
it can take several hours for this change to be recognized by the NFS server.
This patch adds a sysctl called kern.rpc.gss.lifetime_max which can be set
by a sysadmin to put a cap on the time to expire for the credentials, so that
a sysadmin can reduce the timeout.
It also fixes a bug, where time_uptime is added twice when GSS_C_INDEFINITE
is returned for a lifetime. This has no effect in practice, sine Kerberos
never does this.

Tested by:	pen@lysator.liu.se
PR:		242132
Submitted by:	pen@lysator.liu.se
MFC after:	2 weeks
2019-11-28 02:05:31 +00:00
Cy Schubert
81c2e8a6f2 Include fin, the packet information structure (fr_info_t), in the
l4sums DTrace probe, making more information available for the diagnosis
of IPv6 checksum errors.

MFC after:	3 days
2019-11-28 00:46:33 +00:00
Conrad Meyer
8dd74db753 auditd(8): fix long-standing uninitialized memory use bug
The bogus use could lead to an infinite loop depending on how fast the
audit_warn script to execute.

By fixing read(2) interruptibility, d060887 (r335899) revealed another bug
in auditd_wait_for_events.  When read is interrupted by SIGCHLD,
auditd_reap_children will always return with errno set to ECHILD.  But
auditd_wait_for_events checks errno after that point, expecting it to be
unchanged since read.  As a result, it calls auditd_handle_trigger with bogus
stack garbage.  The result is the error message "Got unknown trigger 48."  Fix
by simply ignoring errno at that point; there's only one value it could've
possibly had, thanks to the check up above.

The best part is we've had a fix for this for like 18 months and just never
merged it.  Merge it now.

PR:		234209
Reported by:	Marie Helene Kvello-Aune <freebsd AT mhka.no> (2018-12)
Submitted by:	asomers (2018-07)
Reviewed by:	me (in OpenBSM)
Obtained from:	OpenBSM
X-MFC-With:	r335899
Security:	¯\_(ツ)_/¯
Differential Revision:	https://github.com/openbsm/openbsm/pull/45
2019-11-28 00:46:03 +00:00
Chuck Silvers
2ac044e6bc As part of creating a snapshot, set fs->fs_fmod to 0 in the snapshot image
because nothing ever changes this field for read-only mounts and we want
to verify that it is still 0 when we unmount.

Reviewed by:	mckusick
Approved by:	mckusick (mentor)
Sponsored by:	Netflix
2019-11-28 00:37:43 +00:00
Jeff Roberson
20a4e15451 Implement a sysctl tree for uma zones to assist in debugging and provide
more statistcs than are exported via the ABI stable vmstat interface.
Rename uz_count to uz_bucket_size because even I was confused by the
name after returning to the source years later.

Reviewed by:	rlibby
Differential Revision:	https://reviews.freebsd.org/D22554
2019-11-28 00:19:09 +00:00
Jeff Roberson
0a81b4395e Refactor uma_zfree_arg into several functions to make control flow more
clear and icache usage cleaner.

Reviewed by:	markj
Differential Revision:	https://reviews.freebsd.org/D22491
2019-11-27 23:19:06 +00:00
Doug Moore
1867d2f2e9 Inline some splay helper functions to improve performance on a
micro-benchmark.

Reviewed by: markj
Tested by: pho
Differential Revision: https://reviews.freebsd.org/D22544
2019-11-27 21:00:44 +00:00
Konstantin Belousov
ef401a8558 Requested and tested by: kevans
Reviewed by:	kevans (previous version), markj
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D22546
2019-11-27 20:33:53 +00:00
Alan Cox
7b3c31acbe There is no reason why we need to pin the underlying thread to its current
processor in pmap_invalidate_{all,page,range}().  These functions are using
an instruction that broadcasts the TLB invalidation to every processor, so
even if a thread migrates in the middle of one of these functions every
processor will still perform the required TLB invalidations.

Reviewed by:	andrew, markj
MFC after:	10 days
Differential Revision:	https://reviews.freebsd.org/D22502
2019-11-27 20:33:49 +00:00
Mark Johnston
e7065dd1e8 iwm(4): Remove _mvm from the namespace.
This was inherited from iwlwifi, which drives devices supported by both
iwn(4) and iwm(4) in FreeBSD.  In iwm(4) _mvm is meaningless, so remove
it.  OpenBSD made the same change a long time ago.  No functional change
intended.

MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2019-11-27 20:32:53 +00:00
Mark Johnston
86ea3e8bb1 iwm(4): Fix version string formatting.
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2019-11-27 20:32:31 +00:00
Cy Schubert
9b7459d396 Move ipf_pcksum6() to its rightful place, in ip_fil_freebsd.c. This
FreeBSD-only function should live in the O/S specific source file.

This essentially reverts r349929 Now that ipftest and ipfreplay are
disabled in FreeBSD 11-stable.

MFC after:	3 days
2019-11-27 20:08:42 +00:00
Cy Schubert
c21bae587d Save a little stack by removing a used once intermediate variable.
MFC after:	3 days
2019-11-27 20:08:39 +00:00
Cy Schubert
89d74deb55 Remove redundant #ifdef'd function definitions.
MFC after:	3 days
2019-11-27 20:08:35 +00:00
Brooks Davis
9005a5a0f4 Fix a logic bug when "mask" contains a ?: operator.
Newer versions of clang warn that '&' evaluates before '?:'.

Reviewed by:	markj
MFC after:	3 days
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D22573
2019-11-27 20:00:44 +00:00
Konstantin Belousov
5c3771d272 bus_dma_dmar_load_ident(9): load identity mapping into the map.
Requested, reviewed and tested by:	mav
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D22559
2019-11-27 19:57:17 +00:00
Ryan Libby
ca293436d1 uma: trash memory when ctor/dtor supplied too
On INVARIANTS kernels, UMA has a use-after-free detection mechanism.
This mechanism previously required that all of the ctor/dtor/uminit/fini
arguments to uma_zcreate() be NULL in order to function.  Now, it only
requires that uminit and fini be NULL; now, the trash ctor and dtor will
be called in addition to any supplied ctor or dtor.

Also do a little refactoring for readability of the resulting logic.

This enables use-after-free detection for more zones, and will allow for
simplification of some callers that worked around the previous
restriction (see kern_mbuf.c).

Reviewed by:	jeff, markj
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D20722
2019-11-27 19:49:55 +00:00
Michael Tuexen
645f3a1cd1 Plug two mbuf leaks during INIT-ACK handling.
One leak happens when there is not enough memory to allocate the
the resources for streams. The other leak happens if the are
unknown parameters in the received INIT-ACK chunk which require
reporting and the INIT-ACK requires sending an ABORT due to illegal
parameter combinations.
Hopefully this fixes
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19083

MFC after:		1 week
2019-11-27 19:32:29 +00:00
Scott Long
184b15ff07 Clean up and clarify meta commentary on TAA. Add a state to denote
that TSX doesn't exist on the CPU.

MFC after:	3 days
Sponsored by:	Intel
2019-11-27 19:12:32 +00:00
Andrew Turner
e6bb174c50 Support kernels larger than EFI_STAGING_SIZE in loader.efi
With a very large kernel or module the staging area may be too small to
hold it. When this is the case try to allocate more space before failing
in the efi copyin/copyout/readin functions.

Reviewed by:	imp, tsoome
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D22569
2019-11-27 16:52:46 +00:00
Edward Tomasz Napierala
2b2710a70b Fix typos.
MFC after:	2 weeks
Sponsored by:	Klara, Inc
2019-11-27 10:26:37 +00:00
Andrey V. Elsukov
3f44ee8e99 Add support for dummy ESP packets with next header field equal to
IPPROTO_NONE.

According to RFC4303 2.6 they should be silently dropped.

Submitted by:	aurelien.cazuc.external_stormshield.eu
MFC after:	10 days
Sponsored by:	Stormshield
Differential Revision:	https://reviews.freebsd.org/D22557
2019-11-27 10:24:46 +00:00
Xin LI
1861313623 Update leap-seconds to leap-seconds.3676924800.
Obtained from:	ftp://ftp.nist.gov/pub/time/leap-seconds.3676924800
MFC after:	3 days
2019-11-27 07:51:29 +00:00
Ryan Libby
59fb4a95c7 witness: sleepable rm locks are not sleepable in read mode
There are two classes of rm lock, one "sleepable" and one not.  But even
a "sleepable" rm lock is only sleepable in write mode, and is
non-sleepable when taken in read mode.

Warn about sleepable rm locks in read mode as non-sleepable locks.  Do
this by defining a new lock operation flag, LOP_NOSLEEP, to indicate
that a lock is non-sleepable despite what the LO_SLEEPABLE flag would
indicate, and defining a new witness lock instance flag, LI_SLEEPABLE,
to track the product of LO_SLEEPABLE and LOP_NOSLEEP on the lock
instance.

Reviewed by:	markj
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D22527
2019-11-27 01:54:39 +00:00
Mateusz Guzik
588e69e2fd cache: stop reusing .. entries on enter
It almost never happens in practice anyway. With this eliminated ->nc_vp
cannot change vnodes, removing an obstacle on the road to lockless
lookup.
2019-11-27 01:21:42 +00:00