Commit Graph

268663 Commits

Author SHA1 Message Date
Konstantin Belousov
364790beaf pidfile test: guarantee nul termination of the read pid string
PR:	258701
Based on the submission by:	sigsys@gmail.com
MFC after:	1 week
2021-09-24 19:52:41 +03:00
Mark Johnston
d7cf1b262f tests/sys/sys: Raise WARNS
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
2021-09-24 11:31:53 -04:00
Kristof Provost
9cce0ef95a UPDATING: new entry about dummynet
Dummynet now no longer requires ipfw, so any users relying on this
dependency to load ipfw will need to explicitly load ipfw.

While here fix a typo in the date of the previous entry.

Sponsored by:	Rubicon Communications, LLC ("Netgate")
2021-09-24 14:21:25 +02:00
Kristof Provost
de2a0fafe6 cxgbe: fix LINT-NOIP builds
The -NOIP builds fail because cxgbe_tls_tag_free() has no prototype (if
neither INET nor INET6 are defined). The function isn't actually used
in that case, so we can just remove the stub implementation.

Sponsored by:	Rubicon Communications, LLC ("Netgate")
2021-09-24 14:21:18 +02:00
Kristof Provost
00a7a05bde pf.conf.5: document dummynet support
MFC after:	2 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D31907
2021-09-24 11:41:26 +02:00
Kristof Provost
c8607bf4e7 man dummynet: dummynet can also be used with pf
MFC after:	2 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D31906
2021-09-24 11:41:26 +02:00
Kristof Provost
ab55fa11b3 netpfil tests: extend dummynet tests to pf
Now that pf can also use dummynet we should extend the existing dummynet
tests to also test it when used with pf.

Reviewed by:	donner
MFC after:	2 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D31905
2021-09-24 11:41:25 +02:00
Kristof Provost
63b3c1c770 pf: support dummynet
Allow pf to use dummynet pipes and queues.

We re-use the currently unused IPFW_IS_DUMMYNET flag to allow dummynet
to tell us that a packet is being re-injected after being delayed. This
is needed to avoid endlessly looping the packet between pf and dummynet.

MFC after:	2 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D31904
2021-09-24 11:41:25 +02:00
Kristof Provost
8160a0f62b dummynet: Does not depend on ipfw
Allow the dummynet module to be loaded without ipfw, as a first step
towards making pf use it for packet scheduling.

Reviewed by:	donner
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D31903
2021-09-24 11:41:25 +02:00
Kristof Provost
cc1ce085b8 man dummynet: point to dnctl instead of ipfw
Dummynet configuration is ideally done through dnctl now. While ipfw
still works dnctl is preferred now that dummynet can also be used with
pf.

MFC after:	2 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D31902
2021-09-24 11:41:25 +02:00
Bartlomiej Grzesik
9dfc8606eb ipsec: Add support for PMTUD for IPv6 tunnels
Discard and send ICMPv6 Packet Too Big to sender when we try to encapsulate
and forward a packet which total length exceeds the PMTU.
Logic is based on the IPv4 implementation.
Common code was moved to a separate function.

Differential revision:	https://reviews.freebsd.org/D31771
Obtained from:		Semihalf
Sponsored by:		Stormshield
2021-09-24 10:27:21 +02:00
Bartlomiej Grzesik
b4220bf387 ipsec: If no PMTU in hostcache assume it's equal to link's MTU
If we fail to find to PMTU in hostcache, we assume it's equal
to link's MTU.

This patch prevents packets larger then link's MTU to be dropped
silently if there is no PMTU in hostcache.

Differential revision:	https://reviews.freebsd.org/D31770
Obtained from:		Semihalf
Sponsored by:		Stormshield
2021-09-24 10:25:53 +02:00
Bartlomiej Grzesik
4f3376951d ipsec: Add PMTUD support for IPsec IPv4 over IPv6 tunnel
Add support for checking PMTU for IPv4 packets encapsulated in IPv6 tunnels.

Differential revision:	https://reviews.freebsd.org/D31769
Sponsored by:		Stormshield
Obtained from:		Semihalf
2021-09-24 10:17:11 +02:00
Jason A. Harmening
f9e28f9003 unionfs: lock newly-created vnodes before calling insmntque()
This fixes an insta-panic when attempting to use unionfs with
DEBUG_VFS_LOCKS.  Note that unionfs still has a long way to
go before it's generally stable or usable.

Reviewed by:	kib (prior version), markj
Tested by:	pho
Differential Revision: https://reviews.freebsd.org/D31917
2021-09-23 19:20:30 -07:00
Nathaniel Wesley Filardo
0321a7990b kqueue: Add EV_KEEPUDATA flag
When this flag is set, operations that update an existing kevent will
not change the udata field.  This can be used to NOTE_TRIGGER or
EV_{EN,DIS}ABLE events without overwriting the stashed pointer.

Reviewed by:	Domagoj Stolfa <domagoj.stolfa@gmail.com>
Obtained from:	CheriBSD
Sponsored by:	Microsoft
Differential Revision:	https://reviews.freebsd.org/D30286
2021-09-23 17:31:39 -07:00
Nathaniel Wesley Filardo
701a99939f libsysdecode: Permit _ in VM_PROT_(.*) names.
CheriBSD defines additional protection flags which use underscores
such as VM_PROT_READ_CAP and VM_PROT_WRITE_CAP.

Obtained from:	CheriBSD
Sponsored by:	Microsoft
Differential Revision:	https://reviews.freebsd.org/D30017
2021-09-23 17:31:39 -07:00
Konstantin Belousov
45c2c7c484 aio_aqueue(): avoid ucred leak on failure path
PR:	258698
Submitted by:	sigsys@gmail.com
MFC after:	1 week
2021-09-24 03:18:34 +03:00
Warner Losh
502dc84a8b nvme: Use shared timeout rather than timeout per transaction
Keep track of the approximate time commands are 'due' and the next
deadline for a command. twice a second, wake up to see if any commands
have entered timeout. If so, quiessce and then enter a recovery mode
half the timeout further in the future to allow the ISR to
complete. Once we exit recovery mode, we go back to operations as
normal.

Sponsored by:		Netflix
Differential Revision:	https://reviews.freebsd.org/D28583
2021-09-23 16:42:08 -06:00
Kristof Provost
cb13059663 pf: fix pagefault in pf_getstatus()
We can't copyout() while holding a lock, in case it triggers a page
fault.
Release the lock before copyout, which is safe because we've already
copied all the data into the nvlist.

PR:		258601
Reviewed by:	mjg
MFC after:	1 week
Sponsored by:	Modirum MDPay
Differential Revision:	https://reviews.freebsd.org/D32076
2021-09-23 21:56:59 +02:00
Wenzhuo Lu
d5ad2f2a67 e1000: fix K1 configuration
This patch is for the following updates to the K1 configurations:
Tx idle period for entering K1 should be 128 ns.
Minimum Tx idle period in K1 should be 256 ns.

Signed-off-by: Wenzhuo Lu <wenzhuo.lu@intel.com>

PR:		258153
Reviewed by:	erj
Tested by:	iron.udjin@gmail.com
Approved by:	imp
Obtained from:	DPDK (6f934fa24dfd437c90ead96bc7598ee77a117ede)
MFC after:	1 week
2021-09-23 12:41:37 -07:00
Kyle Evans
f555b39e6b man: reset OPTIND before parsing args
From jilles: POSIX requires that a script set `OPTIND=1` before using
different sets of parameters with `getopts`, or the results will be
unspecified.

The specific problem observed here is that we would execute `man -f` or
`man -k` without cleaning up state from man_parse_args()' `getopts`
loop.  FreeBSD's /bin/sh seems to reset OPTIND to 1 after we hit the
second getopts loop, rendering the following shift harmless; other
/bin/sh implementations will leave it at what we came into the loop at
(e.g., bash as /bin/sh), shifting off any keywords that we had.

Input from:	jilles
Reviewed by:	allanjude, bapt, imp
Sponsored by:	Klara, Inc.
Differential Revision:	https://reviews.freebsd.org/D32063
2021-09-23 14:13:34 -05:00
Alexander Motin
ef50d5fbc3 x86: Add NUMA nodes into CPU topology.
Depending on hardware, NUMA nodes may match last level caches, or
they may be above them (AMD Zen 2/3) or below (Intel Xeon w/ SNC).
This information is provided by ACPI instead of CPUID, and it is
provided for each CPU individually instead of mask widths, but
this code should be able to properly handle all the above cases.

This change should immediately allow idle stealing in sched_ule(4)
to prefer load from NUMA-local CPUs to remote ones when the node
does not match LLC.  Later we may think of how to better handle it
on sched_pickcpu() side.

MFC after:	1 month
2021-09-23 14:31:38 -04:00
Randall Stewart
1ca931a540 tcp: Rack compressed ack path updates the recv window too easily
The compressed ack path of rack is not following proper procedures in updating
the peers window. It should be checking the seq and ack values before updating and
instead it is blindly updating the values. This could in theory get the wrong window
in the connection for some length of time.

Reviewed by: tuexen
Sponsored by: Netflix Inc.
Differential Revision: https://reviews.freebsd.org/D32082
2021-09-23 11:43:29 -04:00
Randall Stewart
fd69939e79 tcp: Two bugs in rack one of which can lead to a panic.
In extensive testing in NF we have found two issues inside
the rack stack.

1) An incorrect offset is being generated by the fast send path when a fast send is initiated on
   the end of the socket buffer and before the fast send runs, the sb_compress macro adds data to the trailing socket.
   This fools the fast send code into thinking the sb offset changed and it miscalculates a "updated offset".
   It should only do that when the mbuf in question got smaller.. i.e. an ack was processed. This can lead to
   a panic deref'ing a NULL mbuf if that packet is ever retransmitted. At the best case it leads to invalid data being
   sent to the client which usually terminates the connection. The fix is to have the proper logic (that is in the rsm fast path)
   to make sure we only update the offset when the mbuf shrinks.
2) The other issue is more bothersome. The timestamp check in rack needs to use the msec timestamp when
   comparing the timestamp echo to now. It was using a microsecond timestamp which ends up giving error
   prone results but causes only small harm in trying to identify which send to use in RTT calculations if its a retransmit.

Reviewed by: tuexen
Sponsored by: Netflix Inc.
Differential Revision: https://reviews.freebsd.org/D32062
2021-09-23 10:54:23 -04:00
Ed Maste
dbc7ca5945 vt: bound buffer access in redraw optimization
PR:		248628
Reported by:	oleg
Reviewed by:	cem, oleg (both earlier)
Fixes:		ee97b2336a ("Speed up vt(4) by keeping...")
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D32059
2021-09-23 09:51:36 -04:00
Michael Tuexen
414499b3f9 sctp: Cleanup stream schedulers.
No functional change intended.

MFC after:	1 week
2021-09-23 14:16:56 +02:00
Arnaud Ysmal
0b92a7fe47 LACP: Do not wait response for marker messages not sent
The error returned when a marker message can not be emitted on a port is not handled.

This cause the lacp to block all emissions until the timeout of 3 seconds is reached.

To fix this issue, I just clear the LACP_PORT_MARK flag when the packet could not be emitted.

Differential revision:	https://reviews.freebsd.org/D30467
Obtained from:		Stormshield
2021-09-23 10:57:11 +02:00
Stephane Rochoy
492bf4fdad veriexec: Fix veriexec -i's confusion between loaded and locked states
Calling veriexec -i locked return the state of loaded and vice-versa.

Differential revision:	https://reviews.freebsd.org/D30952
Reviewed by:		sjg,imp
Obtained from:		Stromshield
2021-09-23 10:53:56 +02:00
Stephane Rochoy
d2c233176f sh: Add -o verify to use O_VERIFY when sourcing scripts
Add -o verify to sh to make it use O_VERIFY when
sourcing scripts and reading profiles.

Useful in conjunction with mac_veriexec to help protect at
least some parts of the boot sequence, e.g., /etc/rc*.

Differential revision:	https://reviews.freebsd.org/D30464
Reviewed by:		jilles, sjg
Obtained from:		Stormshield
2021-09-23 10:43:09 +02:00
Hans Petter Selasky
90f6610b19 UPDATING: Fix spelling.
Submitted by:	gljennjohn@gmail.com
Differential Revision:	https://reviews.freebsd.org/D31636
Sponsored by:	NVIDIA Networking
2021-09-23 09:49:45 +02:00
Kyle Evans
5e79bba562 kern: random: collect ~16x less from fast-entropy sources
Previously, we were collecting at a base rate of:

64 bits x 32 pools x 10 Hz = 2.5 kB/s

This change drops it to closer to 64-ish bits per pool per second, to
work a little better with entropy providers in virtualized environments
without compromising the security goals of Fortuna.

Reviewed by:	#csprng (cem, delphij, markm)
Differential Revision:	https://reviews.freebsd.org/D32021
2021-09-23 01:03:02 -05:00
Kyle Evans
6895cade94 kern: random: drop read_rate and associated functionality
Refer to discussion in PR 230808 for a less incomplete discussion, but
the gist of this change is that we currently collect orders of magnitude
more entropy than we need.

The excess comes from bytes being read out of /dev/*random.  The default
rate at which we collect entropy without the read_rate increase is
already more than we need to recover from a compromise of an internal
state.

Reviewed by:	#csprng (cem, delphij, markm)
Differential Revision:	https://reviews.freebsd.org/D32021
2021-09-23 01:03:01 -05:00
Wojciech Macek
7bc13692a2 hwpmc: fix performance issues
Differential revision:	https://reviews.freebsd.org/D32025

Avoid using atomics as it_wait is guarded by td_lock.

Report threshold calculation is done only if at least one PMC hook
is installed

Fixes:
* avoid unnecessary branching (if frame != null ...)
  by having PMC_HOOK_INSTALLED_ANY
  condition on the top of them, which should hint
  the core not to execute speculatively anything
  which us underneath;
* access intr_hwpmc_waiting_report_threshold cacheline
  only if at least one hook is loaded;
2021-09-23 07:15:42 +02:00
Wojciech Macek
319b150003 pmc: intr pmc.soft(3) update
Obtained from:		Semihalf
Sponsored by:		Stormshield
Reviewed by:		mhorne
Differential revision:	https://reviews.freebsd.org/D32055
2021-09-23 06:13:58 +02:00
Baptiste Daroussin
88741a40c8 check-links.sh: treat PIE executable as elf files 2021-09-23 04:49:57 +02:00
Konstantin Belousov
3fcbde5e88 tests/sys/fs/fusefs/read.cc: fix build on powerpc64
There sig_atomic_t is shorter than void *.
As result, it cannot keep pointer.

Assigning to void * is actually safe for us in a signal handler.

Reviewed by:	asomers
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Fixes:	4f917847c9
Differential revision:	https://reviews.freebsd.org/D32064
2021-09-23 03:51:10 +03:00
John Baldwin
b5f90655ea sysdecode.3: Remove documentation of CloudABI ABIs.
Fixes:		cf0ee8738e Drop cloudabi
2021-09-22 17:02:17 -07:00
Olivier Houchard
f4b7018af1 truss: Decode correctly 64bits arguments on 32bits arm.
Mostly revert ebbc3140ca.
We don't need to special-case anything for arm64, the check for the pointer
size is already done for us, just keep the bits about having arm and arm64
having to add padding for 32bits binaries.

MFC after:	1 week
2021-09-23 01:26:42 +02:00
Kirk McKusick
b31c5a2532 Eliminate an unnecessary rerun request in fsck_ffs.
When fsck_ffs is running in preen mode and finds a zero-length directory,
it deletes that directory. In doing this operation, it unnecessary set
its internal flag saying that fsck_ffs needed to be rerun. This patch
deletes the rerun request for this case.

Reported by:  Mark Johnson
PR:           246962
MFC after:    1 week
Sponsored by: Netflix
2021-09-22 16:20:19 -07:00
Olivier Houchard
ebbc3140ca truss: Decode correctly 64bits arguments on 32bits arm.
When decoding 32bits arm syscall, make sure we account for the padding when
decoding 64bits args. Do it too when using a 64bits truss on a 32bits binary.

MFC After:	1 week
PR:		256199
2021-09-23 01:04:16 +02:00
Olivier Houchard
9bab18b861 libsysdecode: Decode FreeBSD32 syscalls on arm64.
Add aarch64 to the list of architectures that can run 32bits FreeBSD binaries,
so that truss works correctly with an arm32 binary.
The same should probably be done with mips.

MFC After:	1 week
2021-09-23 00:24:50 +02:00
Piotr Pawel Stefaniak
1f82fb3834 sh: try to avoid overwriting HISTFILE produced by other shells
If an attempt to load history from an existing history file was
unsuccessful, do not try to save command history to that file on exit.
2021-09-22 22:23:32 +02:00
Piotr Pawel Stefaniak
c866d0c798 sh: improve command completion
When there are many matches, find the longest common substring starting
from the beginning of each command and use that to replace input.

As an example: on my system, llv<tab> will be autocompleted to llvm-
and another <tab> will print all matching llvm commands.
2021-09-22 22:23:32 +02:00
Konstantin Belousov
e36d0e86e3 Revert "linux32: add a hack to avoid redefining the type of the savefpu tag"
This reverts commit 0f6829488e.
Also it changes the type of md_usr_fpu_save struct mdthread member
to void *, which is what uncovered this trouble.  Now the save area
is untyped, but since it is hidden behind accessors, it is not too
significant.  Since apparently there are consumers affected outside
the tree, this hack is better than one from the reverted revision.

PR:	258678
Reported by:	cy
Reviewed by:	cy, kevans, markj
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D32060
2021-09-22 23:17:47 +03:00
Hans Petter Selasky
624a34b87b rc.d/mixer: Use -o flag instead of -s flag to get current mixer state.
Submitted by:	christos@
Differential Revision:	https://reviews.freebsd.org/D31636
Sponsored by:	NVIDIA Networking
2021-09-22 22:09:36 +02:00
Hans Petter Selasky
db6ba1e0c5 mixer(3) and mixer(8): Update manual pages.
- Use correct e-mail address.
- Set FreeBSD 14.0 as introduction for the updated mixer(8) utility.

Submitted by:	christos@
Differential Revision:	https://reviews.freebsd.org/D31636
Sponsored by:	NVIDIA Networking
2021-09-22 22:01:40 +02:00
Hans Petter Selasky
8fc722a572 mixer(8): Compile fix for when the "char" type is unsigned.
Differential Revision:	https://reviews.freebsd.org/D31636
Sponsored by:	NVIDIA Networking
2021-09-22 20:58:47 +02:00
Hans Petter Selasky
0e94a30691 UPDATING: Add new entry about mixer(8) usage.
Differential Revision:	https://reviews.freebsd.org/D31636
Sponsored by:	NVIDIA Networking
2021-09-22 19:44:43 +02:00
Hans Petter Selasky
903873ce15 Implement and use new mixer(3) library for FreeBSD.
Wiki article: https://wiki.freebsd.org/SummerOfCode2021Projects/SoundMixerImprovements
This project was part of Google Summer of Code 2021.

Submitted by:	christos@
Differential Revision:	https://reviews.freebsd.org/D31636
Sponsored by:	NVIDIA Networking
2021-09-22 19:43:56 +02:00
Alexander Motin
884f38590c Fix false device_set_unit() error.
It should silently succeed if the current unit number is the same as
requested, not fail immediately.

MFC after:	1 week
2021-09-22 08:44:39 -04:00