Commit Graph

253821 Commits

Author SHA1 Message Date
Kristof Provost
c9449e4fb8 pf: create a kif for flags
If userspace tries to set flags (e.g. 'set skip on <ifspec>') and <ifspec>
doesn't exist we should create a kif so that we apply the flags when the
<ifspec> does turn up.

Otherwise we'd end up in surprising situations where the rules say the
interface should be skipped, but it's not until the rules get re-applied.

Reviewed by:	Lutz Donnerhacke <lutz_donnerhacke.de>
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D26742
2020-10-12 12:39:37 +00:00
Alex Richardson
253e820a4d Link efi programs with -pie rather than -shared
This was causing build failures in CheriBSD where we were passing -pie
already by default.

Reviewed By:	andrew
Differential Revision: https://reviews.freebsd.org/D24787
2020-10-12 11:27:08 +00:00
Alex Richardson
cf084e9e92 Enable SUBDIR_PARELLEL in lib/libclang_rt
I noticed that this part of the build was taking much longer than
expected. Turns out it's due to not running the subdirs in parallel.
Reduces `make all` inside lib/libclang_rt time from 63s to 20s with -j32.

Reviewed By:	dim
Differential Revision: https://reviews.freebsd.org/D26623
2020-10-12 10:42:33 +00:00
Alex Richardson
e5ccad508b Fix build with -DBOOTSTRAP_ALL_TOOLS
sbin/sysctl can no longer be bootstrapped on FreeBSD 12 after r366465,
so create a symlink to the host tool instead of trying to build it.
2020-10-12 10:42:28 +00:00
Alex Richardson
5ce117c698 Fix buildworld on Linux/macOS after nvi update
This re-applies r365941 which was lost in the nvi update.
2020-10-12 10:42:24 +00:00
Alex Richardson
c3d67d6cf0 Don't use install(1) for the library symlinks in the build directory
It appears this was changed from ln to use install in rS245752. I noticed
this because my buildenv was setting INSTALL=install -U -M //METALOG
and then these links fail to be created with the following error:
install: open //METALOG: Permission denied

Reviewed By:	brooks
Differential Revision: https://reviews.freebsd.org/D26618
2020-10-12 10:42:19 +00:00
Alex Richardson
c2ca066705 Fix building on Linux/macOS after r366622
We have to bootstrap arc4random.c, so guard the FenestrasX code to avoid
using it on Linux/macOS.

Reviewed By:	cem
Differential Revision: https://reviews.freebsd.org/D26738
2020-10-12 10:42:14 +00:00
Toomas Soome
c50f409c15 loader: edd_device_path_v3 is too small
The EDD v3[1], see table 13, page 33, does define device path as double
qword, that is, 16 bytes, we have only qword.

Also remove edd_device_path_v4 and edd_params_v4 because those are not used,
and there is no size difference in v3 versus v4.

[1] http://www.t13.org/documents/UploadedDocuments/docs2004/d1572r3-EDD3.pdf

MFC after:	2 weeks
2020-10-12 09:34:50 +00:00
Warner Losh
af928ad562 systm.h: forward declare ucred for _STANDALONE too
There's a number of types we forward declare for the kernel. We need
struct ucred for the ZSTD ZFS integration, so go ahead and forward
declare it here too.
2020-10-12 05:56:29 +00:00
Emmanuel Vadot
7113afc84c 10Gigabit Ethernet driver for AMD SoC
This patch has the driver for 10Gigabit Ethernet controller in AMD
SoC. This driver is written compatible to the Iflib framework. The
existing driver is for the old version of hardware. The submitted
driver here is for the recent versions of the hardware where the Ethernet
controller is PCI-E based.

Submitted by:	Rajesh Kumar <rajesh1.kumar@amd.com>
MFC after:	1 month
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D25793
2020-10-11 16:01:16 +00:00
Alexey Dokuchaev
53098f0e28 The nextboot(8) manual page currently says that the loader(8) would delete
the /boot/nextboot.conf file or its contents which is 1) not the most user-
friendly way of working with custom configurations, and 2) simply not true
for both Forth and Lua implementations: they would not delete it, but just
change the setting to "NO", that is, disable it.

While at it, add one missing serial (Oxford) comma and fix some bogus line
wraps along the way.

Approved by:	bcr (manpages)
Differential Revision:	https://reviews.freebsd.org/D25971
2020-10-11 10:40:11 +00:00
Bjoern A. Zeeb
506512b170 ip_mroute: fix the viftable export sysctl
It seems that in r354857 I got more than one thing wrong.
Convert the SYSCTL_OPAQUE to a SYSCTL_PROC to properly export the these
days allocated and not longer static per-vnet viftable array.
This fixes a problem with netstat -g which would show bogus information
for the IPv4 Virtual Interface Table.

PR:		246626
Reported by:	Ozkan KIRIK (ozkan.kirik gmail.com)
MFC after:	3 days
2020-10-11 00:01:00 +00:00
Conrad Meyer
f8e8a06d23 random(4) FenestrasX: Push root seed version to arc4random(3)
Push the root seed version to userspace through the VDSO page, if
the RANDOM_FENESTRASX algorithm is enabled.  Otherwise, there is no
functional change.  The mechanism can be disabled with
debug.fxrng_vdso_enable=0.

arc4random(3) obtains a pointer to the root seed version published by
the kernel in the shared page at allocation time.  Like arc4random(9),
it maintains its own per-process copy of the seed version corresponding
to the root seed version at the time it last rekeyed.  On read requests,
the process seed version is compared with the version published in the
shared page; if they do not match, arc4random(3) reseeds from the
kernel before providing generated output.

This change does not implement the FenestrasX concept of PCPU userspace
generators seeded from a per-process base generator.  That change is
left for future discussion/work.

Reviewed by:	kib (previous version)
Approved by:	csprng (me -- only touching FXRNG here)
Differential Revision:	https://reviews.freebsd.org/D22839
2020-10-10 21:52:00 +00:00
Conrad Meyer
10b1a17594 arc4random(9): Integrate with RANDOM_FENESTRASX push-reseed
There is no functional change for the existing Fortuna random(4)
implementation, which remains the default in GENERIC.

In the FenestrasX model, when the root CSPRNG is reseeded from pools due to
an (infrequent) timer, child CSPRNGs can cheaply detect this condition and
reseed.  To do so, they just need to track an additional 64-bit value in the
associated state, and compare it against the root seed version (generation)
on random reads.

This revision integrates arc4random(9) into that model without substantially
changing the design or implementation of arc4random(9).  The motivation is
that arc4random(9) is immediately reseeded when the backing random(4)
implementation has additional entropy.  This is arguably most important
during boot, when fenestrasX is reseeding at 1, 3, 9, 27, etc., second
intervals.  Today, arc4random(9) has a hardcoded 300 second reseed window.
Without this mechanism, if arc4random(9) gets weak entropy during initial
seed (and arc4random(9) is used early in boot, so this is quite possible),
it may continue to emit poorly seeded output for 5 minutes.  The FenestrasX
push-reseed scheme corrects consumers, like arc4random(9), as soon as
possible.

Reviewed by:	markm
Approved by:	csprng (markm)
Differential Revision:	https://reviews.freebsd.org/D22838
2020-10-10 21:48:06 +00:00
Conrad Meyer
a3c41f8bfb Add "Fenestras X" alternative /dev/random implementation
Fortuna remains the default; no functional change to GENERIC.

Big picture:
- Scalable entropy generation with per-CPU, buffered local generators.
- "Push" system for reseeding child generators when root PRNG is
  reseeded.  (Design can be extended to arc4random(9) and userspace
  generators.)
- Similar entropy pooling system to Fortuna, but starts with a single
  pool to quickly bootstrap as much entropy as possible early on.
- Reseeding from pooled entropy based on time schedule.  The time
  interval starts small and grows exponentially until reaching a cap.
  Again, the goal is to have the RNG state depend on as much entropy as
  possible quickly, but still periodically incorporate new entropy for
  the same reasons as Fortuna.

Notable design choices in this implementation that differ from those
specified in the whitepaper:
- Blake2B instead of SHA-2 512 for entropy pooling
- Chacha20 instead of AES-CTR DRBG
- Initial seeding.  We support more platforms and not all of them use
  loader(8).  So we have to grab the initial entropy sources in kernel
  mode instead, as much as possible.  Fortuna didn't have any mechanism
  for this aside from the special case of loader-provided previous-boot
  entropy, so most of these sources remain TODO after this commit.

Reviewed by:	markm
Approved by:	csprng (markm)
Differential Revision:	https://reviews.freebsd.org/D22837
2020-10-10 21:45:59 +00:00
Gordon Bergling
7f78912159 pnfsdsfile(8): Remove dublicate word 'the'
MFC after:	1 week
2020-10-10 14:38:01 +00:00
Gordon Bergling
2911dc6cea cxgbetool(8): Remove dublicate word 'whether'
MFC after:	1 week
2020-10-10 14:36:16 +00:00
Gordon Bergling
5be4c726f0 man5: Fix a few typos spotted by igor
- fstab(5): conjuction -> conjunction
- mount.conf(5): repeated 'the'
- periodic.conf(5): Partion ->  Partition

MFC after:	1 week
2020-10-10 14:20:07 +00:00
Gordon Bergling
05c207e9e0 ls(1): Use \& as an escape character for the ',' option
Reported by:	karels@, xtouqh at hotmail dot com
MFC after:	1 day
2020-10-10 13:39:13 +00:00
Gordon Bergling
4c3191b2d1 cpuset(1): Fix a typo
- 'at at' -> 'at a'

MFC after:	1 week
2020-10-10 13:01:04 +00:00
Gordon Bergling
2090cb10b3 sigevent(3): Fix a typo
- asychronous -> asynchronous

MFC after:	1 week
2020-10-10 12:06:39 +00:00
Gordon Bergling
15a478b3e8 dtrace_audit(4): Fix a typo
- asynchonously -> asynchronously

MFC after:	1 week
2020-10-10 12:05:54 +00:00
Emmanuel Vadot
e63faa9ba8 arm: Check dtb version against the one we're expecting to find
Reviewed by:	imp, emaste, mmel
Differential Revision:	https://reviews.freebsd.org/D26725
2020-10-10 07:20:59 +00:00
Emmanuel Vadot
4a63c1c1ed Brand our DTS with the Linux version it was imported from
DTS must be synced with the kernel, add a freebsd,dts-version string in
the root node of each DTS that we compile so we can later in the kernel
check that it contain a correct value.

Reviewed by:	imp, mmel
Differential Revision:	https://reviews.freebsd.org/D26724
2020-10-10 07:18:51 +00:00
Mateusz Guzik
a4bcd20486 zfs: use cache_rename 2020-10-10 04:18:49 +00:00
Mateusz Guzik
dd28b379cb vfs: support lockless dirfd lookups 2020-10-10 03:48:17 +00:00
Ed Maste
49d48f45c8 modules/crypto: reenable assembly optimized skein implementation
r366344 corrected the optimized amd64 skein assembly implementation, so
we can now enable it again.

Also add a dependency on this Makefile for the skein_block object, so
that it will be rebuit (similar to r366362).

PR:		248221
Sponsored by:	The FreeBSD Foundation
2020-10-10 01:13:14 +00:00
Rick Macklem
2ffad162f3 Modify mountd.c so that it does not always malloc 4K for the map credentials.
r362163 upgraded mountd so that it could handle MAX_NGROUPS
groups for the anonymous user credentials (the ones provided by
-maproot and -mapall exports options).
The problem is that this resulted in every export structure growing by
about 4Kbytes, because the cr_groups field went from 16->MAX_NGROUPS.

This patch fixes this by only including a small 32 element cr_groups in the
structure and then malloc()'ng cr_groups when a larger one is needed.
The value of SMALLNGROUPS is arbitrarily set to 32, assuming most users
used by -maproot or -mapall will be in <= 32 groups.

Reviewed by:	kib, freqlabs
Differential Revision:	https://reviews.freebsd.org/D26521
2020-10-10 00:01:40 +00:00
Bryan Drewery
c2c6fb90e0 Use unlocked page lookup for inmem() to avoid object lock contention
Reviewed By:	kib, markj
Submitted by:	mlaier
Sponsored by:	Dell EMC
Differential Revision:	https://reviews.freebsd.org/D26653
2020-10-09 23:49:42 +00:00
Navdeep Parhar
31deb3cc76 cxgbe(4): More fixes for the T6 FCS error counter.
r365732 was the first attempt to get an accurate count but it was
writing to some read-only registers to clear them and that obviously
didn't work.  Instead, note the counter's value when it is supposed to
be cleared and subtract it from future readings.

dev.<port>.stats.rx_fcs_error should not be serviced from the MPS
register for T6.

The stats.* sysctls should all use T5_PORT_REG for T5 and above.  This
must have been missed in the initial T5 support years ago.  Fix it while
here.

MFC after:	3 days
Sponsored by:	Chelsio Communications
2020-10-09 22:23:39 +00:00
Mateusz Guzik
deb1339f3f vfs: fix a panic when truncating comming from copy_file_range
Truncating requires an exclusive lock, but it was not taken if the
filesystem indicates support for shared writes. This only concerns
ZFS.

In particular fixes cp of files which have trailing holes.

Reported by:	bdrewery
2020-10-09 20:31:42 +00:00
John Baldwin
7e8bd70cff Don't invoke semunload() if seminit() fails during MOD_LOAD.
The module handler code invokes a MOD_UNLOAD event immediately if
MOD_LOAD fails.  The result was that if seminit() failed, semunload()
was invoked twice.  semunload() is not idempotent however and would
try to remove it's process_exit eventhandler twice resulting in a
panic.

Reviewed by:	kib, markj
Obtained from:	CheriBSD
MFC after:	1 month
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D26696
2020-10-09 20:20:42 +00:00
Gordon Bergling
3d265fce43 Fix a few mandoc issues
- skipping paragraph macro: Pp after Sh
- sections out of conventional order: Sh EXAMPLES
- whitespace at end of input line
- normalizing date format
2020-10-09 19:12:44 +00:00
Mateusz Guzik
eb88fed446 cache: fix vexec panic when racing against vgone
Use of dead_vnodeops would result in a panic instead of returning the intended
EOPNOTSUPP error.

While here make sure to abort, not just try to return a partial result.
The former allows the regular lookup to restart from scratch, while the latter
makes it stuck with an unusable vnode.

Reported by:	kevans
2020-10-09 19:10:00 +00:00
Gordon Bergling
b56d7f9663 bpf(4): Update the man page to reflect reality
PR:		131918
Submitted by:	guy at alum dot mit dot edu
Reviewed by:	gnn, gbe
Approved by:	gnn
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D25993
2020-10-09 15:50:50 +00:00
Warner Losh
6f6f0f286b Remove gratuitous use of '' around arguments
There's no need to use ' here, so remove it. This use causes no
problems, but is a bad example.
2020-10-09 15:45:34 +00:00
Warner Losh
df9e12ca3d Avoid using single quotes in arguments to logger.
Single quotes interfere with the workaround put in with r335753 and
aren't necessary in this case. I believe that all the underling issues
with r335753 have been corrected, but need to do more extensive
followup before reverting it as a bad idea.

PR: 240411
MFC After: 2 days (to give it time to get into 12.2)
2020-10-09 15:29:05 +00:00
Mark Johnston
6b43126f81 col(1): Fix a couple of bugs
- When flushing extra lines after all input has been processed, make
  sure that local state is reinitialized correctly.
- When -f is specified, make sure to end output with a full newline.
- Fix some style issues and update comments.
- Add some regression tests.

PR:		249308
Submitted by:	Yang Zhong <yzhong@freebsdfoundation.org>
MFC after:	3 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D26536
2020-10-09 15:27:37 +00:00
Mark Johnston
b0eefff78b syslogd: Avoid trimming host names in RFC 5424 mode
RFC 5424 says that implementations should log hostnames in FQDN
format.  Only trim host names in RFC 3164 mode.

PR:		250014
Submitted by:	Dmitry Wagin <dmitry.wagin@ya.ru>
MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D26644
2020-10-09 15:19:29 +00:00
Gordon Bergling
812b09037d Fix a few mandoc issues
- whitespace at end of input line
- skipping paragraph macro: Pp at the end of Sh
- new sentence, new line
- consider using OS macro: Fx
- AUTHORS section without An macro
- skipping paragraph macro: Pp before Ss
2020-10-09 15:14:19 +00:00
Mitchell Horne
eff4c46e28 RISC-V LINT kernel config
Create the RISC-V NOTES and LINT files. As of r366559, LINT configs are
no longer generated but checked in to the tree.

Reviewed by:	imp
Differential Revision:	https://reviews.freebsd.org/D26502
2020-10-09 14:45:41 +00:00
Richard Scheffenegger
bfabdade5c Add DSCP support for network QoS to iscsi initiator.
Allow the DSCP codepoint also to be configurable
for the traffic in the direction from the initiator
to the target, such that writes and any requests
are also treated in the appropriate QoS class.

Reviewed by:	mav
MFC after:	2 weeks
Sponsored by:	NetApp, Inc.
Differential Revision:	https://reviews.freebsd.org/D26714
2020-10-09 14:33:09 +00:00
Gordon Bergling
6d6d6c3603 Fix a few mandoc issues
- no blank before trailing delimiter
- whitespace at end of input line
- sections out of conventional order
- normalizing date format
- AUTHORS section without An macro
2020-10-09 14:03:45 +00:00
Ruslan Bukin
72479f6bf9 Add iommu_get_dev_ctx() helper that allows to instantiate an iommu context
for a given device_t.

Submitted by:	andrew
Reviewed by:	kib
Sponsored by:	DARPA, AFRL
2020-10-09 13:11:14 +00:00
Richard Scheffenegger
4b72ae16ed Stop sending tiny new data segments during SACK recovery
Consider the currently in-use TCP options when
calculating the amount of new data to be injected during
SACK loss recovery. That addresses the effect that very small
(new) segments could be injected on partial ACKs while
still performing a SACK loss recovery.

Reported by:	Liang Tian
Reviewed by:	tuexen, chengc_netapp.com
MFC after:	2 weeks
Sponsored by:	NetApp, Inc.
Differential Revision:	https://reviews.freebsd.org/D26446
2020-10-09 12:44:56 +00:00
Richard Scheffenegger
868aabb470 Add IP(V6)_VLAN_PCP to set 802.1 priority per-flow.
This adds a new IP_PROTO / IPV6_PROTO setsockopt (getsockopt)
option IP(V6)_VLAN_PCP, which can be set to -1 (interface
default), or explicitly to any priority between 0 and 7.

Note that for untagged traffic, explicitly adding a
priority will insert a special 801.1Q vlan header with
vlan ID = 0 to carry the priority setting

Reviewed by:	gallatin, rrs
MFC after:	2 weeks
Sponsored by:	NetApp, Inc.
Differential Revision:	https://reviews.freebsd.org/D26409
2020-10-09 12:06:43 +00:00
Andrey V. Elsukov
39aff95fe2 Fix EINVAL message when CPU binding information is requested for IRQ.
`cpuset -g -x N` along with requested information always prints
message `cpuset: getdomain: Invalid argument'. The EINVAL is returned
from kern_cpuset_getdomain(), since it doesn't expect CPU_LEVEL_WHICH
and CPU_WHICH_IRQ parameters.

To fix the error, do not call cpuset_getdomain() when `-x' is specified.

MFC after:	1 week
2020-10-09 11:24:19 +00:00
Richard Scheffenegger
5432120028 Extend netstat to display TCP stack and detailed congestion state (2)
Extend netstat to display TCP stack and detailed congestion state

Adding the "-c" option used to show detailed per-connection
congestion control state for TCP sessions.

This is one summary patch, which adds the relevant variables into
xtcpcb. As previous "spare" space is used, these changes are ABI
compatible.

Reviewed by:	tuexen
MFC after:	2 weeks
Sponsored by:	NetApp, Inc.
Differential Revision:	https://reviews.freebsd.org/D26518
2020-10-09 10:55:19 +00:00
Richard Scheffenegger
0e5e35e322 Extend netstat to display TCP stack and detailed congestion state
Adding the "-c" option used to show detailed per-connection
congestion control state for TCP sessions.

This is one summary patch, which adds the relevant variables into
xtcpcb. As previous "spare" space is used, these changes are ABI
compatible.

Reviewed by:	tuexen
MFC after:	2 weeks
Sponsored by:	NetApp, Inc.
Differential Revision:	https://reviews.freebsd.org/D26518
2020-10-09 10:07:41 +00:00
Jung-uk Kim
f15e9afb1f MFV: r366539
Merge ACPICA 20200925.
2020-10-09 05:27:02 +00:00