Commit Graph

257553 Commits

Author SHA1 Message Date
Alexander Motin
4fbbe52365 nvme: Replace potentially long DELAY() with pause().
In some cases like broken hardware nvme(4) may wait minutes for
controller response before timeout.  Doing so in a tight spin loop
made whole system unresponsive.

Reviewed by:	imp
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D29309
Sponsored by:	iXsystems, Inc.
2021-03-17 10:35:49 -04:00
Kyle Evans
f187d6dfbf base: remove if_wg(4) and associated utilities, manpage
After length decisions, we've decided that the if_wg(4) driver and
related work is not yet ready to live in the tree.  This driver has
larger security implications than many, and thus will be held to
more scrutiny than other drivers.

Please also see the related message sent to the freebsd-hackers@
and freebsd-arch@ lists by Kyle Evans <kevans@FreeBSD.org> on
2021/03/16, with the subject line "Removing WireGuard Support From Base"
for additional context.
2021-03-17 09:14:48 -05:00
Daniel Engerg
5bffdafd6c Remove tmpfs size and properly format generated fstab for arm
Remove tmpfs size limitation, this breaks make installworld and installation of some packages
Format generated fstab using tabs to make it consistent and readable

MFC after:	1 week
Differential Revision: https://reviews.freebsd.org/D29283
2021-03-17 15:02:05 +01:00
Cy Schubert
eeb26cf52c wpa: import fix for P2P provision discovery processing vulnerability
Latest version available from: https://w1.fi/security/2021-1/

Vulnerability

A vulnerability was discovered in how wpa_supplicant processes P2P
(Wi-Fi Direct) provision discovery requests. Under a corner case
condition, an invalid Provision Discovery Request frame could end up
reaching a state where the oldest peer entry needs to be removed. With
a suitably constructed invalid frame, this could result in use
(read+write) of freed memory. This can result in an attacker within
radio range of the device running P2P discovery being able to cause
unexpected behavior, including termination of the wpa_supplicant process
and potentially code execution.

Vulnerable versions/configurations

wpa_supplicant v1.0-v2.9 with CONFIG_P2P build option enabled

An attacker (or a system controlled by the attacker) needs to be within
radio range of the vulnerable system to send a set of suitably
constructed management frames that trigger the corner case to be reached
in the management of the P2P peer table.

Note: FreeBSD base does not enable P2P.
2021-03-17 06:06:55 -07:00
Hans Petter Selasky
1acf24a044 Implement pci_get_relaxed_ordering_enabled() helper function.
Discussed with:	kib@
MFC after:	1 week
Sponsored by:	Mellanox Technologies // NVIDIA Networking
2021-03-17 13:48:04 +01:00
Ka Ho Ng
c96151d335 Implement sndstat nvlist-based enumeration ioctls.
These ioctl commands aim to provide easier ways for user space
applications to enumerate existing audio devices and the node they can
potentially use.

The exchange of device lists between user space and kernel is done on
nv(9). Some ioctl commands are added to /dev/sndstat node:
  - SNDSTAT_REFRESH_DEVS
  - SNDSTAT_GET_DEVS
  - SNDSTAT_ADD_USER_DEVS
  - SNDSTAT_FLUSH_USER_DEVS

Bump __FreeBSD_version to reflect the addition of the ioctls.

Sponsored by:	The FreeBSD Foundation
Reviewed by:	hselasky
Approved by:	philip (mentor)
Differential Revision:	https://reviews.freebsd.org/D26884
2021-03-17 19:05:43 +08:00
John Baldwin
096a847216 nlmrsa: Mark deprecated for 14.
This is the only in-tree driver for the asymmetric crypto support in
OCF that is already marked deprecated for 14.

MFC after:	3 days
Sponsored by:	Chelsio Communications
2021-03-16 14:43:03 -07:00
Peter Jeremy
cdac5f398b nfs: Cleanup dead files
These files are no longer used by the FreeBSD base system. They were being used by the amd port but that has also been deleted.

Reviewed by:	rmacklem
Sponsored by:	Google
Differential Revision:	https://reviews.freebsd.org/D29180
2021-03-17 06:16:31 +11:00
Mark Johnston
7b1b5aad95 stand: Load INIT_ARRAY and FINI_ARRAY sections
This is required for preloading modules into a KASAN-configured kernel.

MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
2021-03-16 15:01:41 -04:00
Mark Johnston
4aa157dd5b link_elf_obj: Add a case missing from 5e6989ba4f
Fixes:		5e6989ba4f
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
2021-03-16 15:01:41 -04:00
Jung-uk Kim
6827435548 pkgbase: Fix building out-of-tree manual pages
c7e6cb9e08 introduced MK_MANSPLITPKG but it was not available for
building out-of-tree manual pages.  For example, x11/nvidia-driver fails
with the following error:

===> doc (all)
make[3]: "/usr/share/mk/bsd.man.mk" line 53: Malformed conditional (${MK_MANSPLITPKG} == "no")
make[3]: Fatal errors encountered -- cannot continue

Move the definition from src.opts.mk to bsd.opts.mk to make it visible.
2021-03-16 14:29:48 -04:00
Navdeep Parhar
0b373f26be cxgbe(4): catch up with the latest cryptocaps.
There are two crypto capabilities that the driver didn't know about.

MFC after:	1 week
Sponsored by:	Chelsio Communications
2021-03-16 10:53:52 -07:00
Glen Barber
0af8a2db34 release: do not set __MAKE_CONF and SRCCONF for the chroot build
PR:		254319
Submitted by:	truckman
MFC after:	1 week
Sponsored by:	Rubicon Communications, LLC ("Netgate")
2021-03-16 12:01:48 -04:00
Baptiste Daroussin
c244b1d8a3 pkg: settle the uniq extension to .pkg instead of .bsd
Requested by:	many
2021-03-16 16:19:52 +01:00
Ka Ho Ng
54ac6f721e bhyve: virtio shares definitions between sys/dev/virtio
Definitions inside usr.sbin/bhyve/virtio.h are thrown away.
Definitions in sys/dev/virtio are used instead.

This reduces code duplication.

Sponsored by:	The FreeBSD Foundation
Reviewed by:	grehan
Approved by:	philip (mentor)
Differential Revision:	https://reviews.freebsd.org/D29084
2021-03-16 19:29:39 +08:00
Kristof Provost
15b82e00a1 pf: pool/kpool conversion code
stuct pf_pool and struct pf_kpool are different. We should not simply
bcopy() them.

Happily it turns out that their differences were all pointers, and the
userspace provided pointers were overwritten by the kernel, so this did
actually work correctly, but we should fix it anyway.

Reviewed by:	glebius
MFC after:	1 week
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D29216
2021-03-16 10:30:28 +01:00
Emmanuel Vadot
060f0a17bb Revert "include: Remove symlink installation"
This reverts commit 0006530aa1.
2021-03-16 08:40:59 +01:00
Emmanuel Vadot
35b6d9b65e Revert "include: Tag directly the last headers"
This reverts commit 839fc8cdf9.
2021-03-16 08:40:54 +01:00
Emmanuel Vadot
c7e6cb9e08 pkgbase: Add an src.conf option for splitting man pages
Man pages can be big in total, add an options to split man pages
in -man packages so we produce smaller packages.
This is useful for small jails or mfsroot produced of pkgbase.
The option is off by default.

Reviewed by:	bapt, Mina Galić <me@igalic.co>
Differential Revision:	https://reviews.freebsd.org/D29169
MFC after:      2 weeks
2021-03-16 07:13:09 +01:00
Emmanuel Vadot
500f4659d7 Convert libs with pc files to use PCFILES
Now the .pc ends up in the correct package (-dev)

Reviewed by:	bapt, emaste
Differential Revision:	https://reviews.freebsd.org/D29172
MFC after:      2 weeks
2021-03-16 07:13:07 +01:00
Emmanuel Vadot
8a84b3736b bsd.lib.mk: Add a install target for .pc files
That way the files are correctly taggued for pkgbase

Reviewed by:	bapt, emaste (both earlier version)
Differential Revision:	https://reviews.freebsd.org/D29171
MFC after:      2 weeks
2021-03-16 07:13:03 +01:00
Emmanuel Vadot
839fc8cdf9 include: Tag directly the last headers
We cannot easily used the TAG here and we don't yet have something to install
even .h from a diretory in bsd.prog.mk

Reviewed by:	bapt
Differential Revision:	https://reviews.freebsd.org/D29170
MFC after:      2 weeks
2021-03-16 07:13:00 +01:00
Emmanuel Vadot
c76439da01 pkgbase: Remove case for runtime and jail package ucl generation
They aren't needed and produce wrong package comments :
We use to have "runtime-dev package" instead of
"FreeBSD Base System (Development Files)" for example

Reviewed by:	bapt
Differential Revision:	https://reviews.freebsd.org/D29168
MFC after:      2 weeks
2021-03-16 07:12:56 +01:00
Emmanuel Vadot
0006530aa1 include: Remove symlink installation
headers could be installed as symlink to the source tree instead of copies.
Remove the possibility to do that.
This make the makefile easier to read and to maintain and also don't duplicate
code.

While here remove some directories from LSBUDIRS as we already install them using
the INCS stuff.

Reviewed by:	bapt
Differential Revision:	https://reviews.freebsd.org/D29167
MFC after:      2 weeks
2021-03-16 07:12:53 +01:00
Emmanuel Vadot
0594b28795 pkgbase: Install all cam includes with INCS
Now they are correctly taggued and put into the -dev package

Reviewed by:	bapt
Differential Revision:	https://reviews.freebsd.org/D29166
MFC after:      2 weeks
2021-03-16 07:12:49 +01:00
Emmanuel Vadot
8c3eaf244a pkgbase: Install all BSM includes with INCS
Now they are correctly taggued and put them into the libbsm package

Reviewed by:	bapt
Differential Revision:	https://reviews.freebsd.org/D29165
MFC after:      2 weeks
2021-03-16 07:12:46 +01:00
Emmanuel Vadot
b5fc9e350c pkgbase: Move libicp in utilities
libicp is used by zdb zhack zinject zstream ztest libzpool.so.2 which
are all in FreeBSD-utilities.

Reviewed by:	bapt, emaste
Differential Revision:	https://reviews.freebsd.org/D29164
MFC after:	2 weeks
2021-03-16 07:12:40 +01:00
Jason A. Harmening
c2460d7cfe factor out PT page allocation/freeing
As follow-on work to e4b8deb222, move page table page
allocation and freeing into their own functions.  Use these
functions to provide separate kernel vs. user page table page
accounting, and to wrap common tasks such as management of
zero-filled page state.

Requested by:	markj, kib
Reviewed by:	kib
Differential Revision:	 https://reviews.freebsd.org/D29151
2021-03-15 17:14:43 -07:00
John Baldwin
283352dd4f Stop installing kernel-only crypto headers to /usr/include/crypto.
The only user-facing header from OCF is <crypto/cryptodev.h>.

PR:		254167 (exp-run)
MFC after:	1 week
Sponsored by:	Chelsio Communications
2021-03-15 17:00:21 -07:00
Alexander V. Chernikov
e4ac3f7463 Fix fib algo rebuild delay calculation.
Submitted by:	Marco Zec <zec at fer.hr>
MFC after:	3 days
2021-03-15 21:09:07 +00:00
Alexander Motin
8ea35c45d5 Include ccompile.h after opt_global.h.
This restores INVARIANTS enabling ZFS_DEBUG when built as module.

Discussed with:	freqlabs
MFC after:	1 week
2021-03-15 13:52:23 -04:00
Vincenzo Maffione
0ab5902e8a netmap: fix memory leak in NETMAP_REQ_PORT_INFO_GET
The netmap_ioctl() function has a reference counting bug in case of
NETMAP_REQ_PORT_INFO_GET command. When `hdr->nr_name[0] == '\0'`,
the function does not decrease the refcount of "nmd", which is
increased by netmap_mem_find(), causing a refcount leak.

Reported by:	Xiyu Yang <sherllyyang00@gmail.com>
Submitted by:	Carl Smith <carl.smith@alliedtelesis.co.nz>
MFC after: 3 days
PR:	254311
2021-03-15 17:39:18 +00:00
Baptiste Daroussin
a2aac2f5e5 pkg(7): when bootstrapping first search for pkg.bsd file then pkg.txz
The package extension is going to be changed to .bsd to be among other
things resilient to the change of compression format used and reduce
the impact of all third party tool of that change.

Ensure the bootstrap knows about it

Reviewed by:	manu
Differential revision:	https://reviews.freebsd.org/D29232
2021-03-15 17:52:22 +01:00
Julien Grall
b55c0d5f56 xen: move x86-specific xen_vector_callback_enabled to sys/x86
This is x86-only and so should not be in the common area.

Submitted by: Elliott Mitchell <ehem+freebsd@m5p.com>
Reviewed by: royger
Differential revision: https://reviews.freebsd.org/D29040
2021-03-15 14:20:21 +01:00
Julien Grall
ff5272ca71 xen/xenusb: always include xen/xen-os.h rather than machine/xen/xen-os.h
Fix compilation since machine/xen/xen-os.h is requiring definition
existing in xen/xen-os.h.

In general machine/xen/xen-os.h should never be included

Submitted by: Elliott Mitchell <ehem+freebsd@m5p.com>
Reviewed by: royger
Differential revision: https://reviews.freebsd.org/D29043
2021-03-15 14:20:21 +01:00
Kyle Evans
ff92a03616 if_wg: fix build with DIAGNOSTICS
This file got resynced with OpenBSD to pick up fixes that had taken
place after the version initially ported to FreeBSD.  KASSERT there is
more like MPASS here.

Reported by:	David Wolfskill <david@catwhisker.org>
2021-03-15 07:36:02 -05:00
Peter Holm
cefb959e18 stress2: Update expetced errno 2021-03-15 12:16:52 +01:00
Peter Holm
f619b21d0f stress2: Fix usage of unitializer data 2021-03-15 12:00:01 +01:00
Wei Hu
805dbff6c3 Hyper-V: hn: Initialize the internal field of per packet info on tx path
The RSC support feature introduced a bit field "rm_internal" in
struct rndis_pktinfo with total size unchanged.

The guest does not use this field in the tx path. However we need to
initialize it to zero in case older hosts which are not aware of this
field.

Fixes:		a491581f ("Hyper-V: hn: Enable vSwitch RSC support")
MFC after:	2 weeks
Sponsored by:	Microsoft
2021-03-15 10:33:29 +00:00
Fernando Apesteguía
16b2290447 wlandebug.8: remove Xref for missing manpages
Remove references for: athdebug(8), athstats(8) and wlanstats(8)

Those are tools in the tools/ directory that are not built as part of the base
system. According to the toolds/README file:

"...these tools are not meant to be built as part of the standard system..."

Even more, the tools/tools/README is not udpated and wlanstats does not even
built on current:

error: cast from 'struct sockaddr *' to 'const struct sockaddr_dl *' increases
required alignment from 1 to 2 [-Werror,-Wcast-align]

PR:	 227174
Reported by: freebsd.org@alexandrews.me.uk
Reviewed by: gbe@ adrian@
Approved by: gbe@ (mentor) adrian@
Differential Revision: https://reviews.freebsd.org/D29033
2021-03-15 10:04:13 +01:00
Kyle Evans
25529f11cf if_wg: close the sockets if wg_socket_bind() failed
This fixes the remaining cred leak that prevented jails from fully dying
in some error cases.
2021-03-15 01:23:56 -05:00
Kyle Evans
99158c7fbd if_wg: stop holding creds in wg_socket_init()
We're now xlocked when we create sockets, so we're now guaranteed that
the creds won't be released out from underneath us over in
wg_prison_remove().
2021-03-15 01:21:25 -05:00
Kyle Evans
1170485947 if_wg: fix the !INET6 support
INET is still required, so formally don't build it in !INET
configurations.
2021-03-15 00:41:38 -05:00
Kyle Evans
e277a507d8 tests: netinet: add missing up from local change 2021-03-15 00:24:54 -05:00
Kyle Evans
74ae3f3e33 if_wg: import latest fixup work from the wireguard-freebsd project
This is the culmination of about a week of work from three developers to
fix a number of functional and security issues.  This patch consists of
work done by the following folks:

- Jason A. Donenfeld <Jason@zx2c4.com>
- Matt Dunwoodie <ncon@noconroy.net>
- Kyle Evans <kevans@FreeBSD.org>

Notable changes include:
- Packets are now correctly staged for processing once the handshake has
  completed, resulting in less packet loss in the interim.
- Various race conditions have been resolved, particularly w.r.t. socket
  and packet lifetime (panics)
- Various tests have been added to assure correct functionality and
  tooling conformance
- Many security issues have been addressed
- if_wg now maintains jail-friendly semantics: sockets are created in
  the interface's home vnet so that it can act as the sole network
  connection for a jail
- if_wg no longer fails to remove peer allowed-ips of 0.0.0.0/0
- if_wg now exports via ioctl a format that is future proof and
  complete.  It is additionally supported by the upstream
  wireguard-tools (which we plan to merge in to base soon)
- if_wg now conforms to the WireGuard protocol and is more closely
  aligned with security auditing guidelines

Note that the driver has been rebased away from using iflib.  iflib
poses a number of challenges for a cloned device trying to operate in a
vnet that are non-trivial to solve and adds complexity to the
implementation for little gain.

The crypto implementation that was previously added to the tree was a
super complex integration of what previously appeared in an old out of
tree Linux module, which has been reduced to crypto.c containing simple
boring reference implementations.  This is part of a near-to-mid term
goal to work with FreeBSD kernel crypto folks and take advantage of or
improve accelerated crypto already offered elsewhere.

There's additional test suite effort underway out-of-tree taking
advantage of the aforementioned jail-friendly semantics to test a number
of real-world topologies, based on netns.sh.

Also note that this is still a work in progress; work going further will
be much smaller in nature.

MFC after:	1 month (maybe)
2021-03-14 23:52:04 -05:00
Ryan Libby
3e5e9939cd ddb: enable the use of ^C and ^S/^Q
This lets one interrupt DDB's output, which is useful if paging is
disabled and the output device is slow.

This follows a previous implementation in svn r311952 / git
5fddef7999 which was reverted because it
broke DDB type-ahead.

Now, try this again, but with a 512-byte type-ahead buffer.  While there
is buffer space, control input is handled and non-control input is
buffered.  When the buffer is exhausted, the default is to print a
warning and drop further non-control input in order to continue handling
control input.  sysctl debug.ddb.prioritize_control_input can be set to
0 to instead preserve all input but lose immediate handling of control
input.  This could for example effect pasting of a large script into the
ddb console.

Suggested by:	Anton Rang <rang@acm.org>
Reviewed by:	markj
Discussed with:	imp
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D28676
2021-03-14 16:04:27 -07:00
Ryan Libby
588ce1a3ac kobj: avoid gcc -Wcast-function-type
The actual type of kobjop_t is arbitrary, it is only used as a generic
function pointer type.  Declare it as void (*)(void) in order to avoid
gcc's -Wcast-function-type, which is included in -Wextra.

Reviewed by:	avg, jhb
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D28769
2021-03-14 16:04:27 -07:00
Dmitry Chagin
5224c2a3bc Merge tcsh 6.22.03-ceccc7f
PR:		252663
MFC after:	1 week
2021-03-14 19:33:13 +03:00
Dmitry Chagin
1b174d6cdf Import 6.22.03-ceccc7f 2021-03-14 19:28:29 +03:00
Martin Matuska
9db44a8e5d zfs: merge OpenZFS master-9305ff2ed
Notable upstream pull request merges:
  #11153 Scalable teardown lock for FreeBSD
  #11651 Don't bomb out when using keylocation=file://
  #11667 zvol: call zil_replaying() during replay
  #11683 abd_get_offset_struct() may allocate new abd
  #11693 Intentionally allow ZFS_READONLY in zfs_write
  #11716 zpool import cachefile improvements
  #11720 FreeBSD: Clean up zfsdev_close to match Linux
  #11730 FreeBSD: bring back possibility to rewind the
         checkpoint from bootloader

Obtained from:	OpenZFS
MFC after:	2 weeks
2021-03-14 02:32:14 +01:00