246416 Commits

Author SHA1 Message Date
Hans Petter Selasky
7272f9cd77 Implement hardware TLS via send tags for mlx5en(4), which is supported by
ConnectX-6 DX.

Currently TLS v1.2 and v1.3 with AES 128/256 crypto over TCP/IP (v4
and v6) is supported.

A per PCI device UMA zone is used to manage the memory of the send
tags.  To optimize performance some crypto contexts may be cached by
the UMA zone, until the UMA zone finishes the memory of the given send
tag.

An asynchronous task is used manage setup of the send tags towards the
firmware. Most importantly setting the AES 128/256 bit pre-shared keys
for the crypto context.

Updating the state of the AES crypto engine and encrypting data, is
all done in the fast path. Each send tag tracks the TCP sequence
number in order to detect non-contiguous blocks of data, which may
require a dump of prior unencrypted data, to restore the crypto state
prior to wire transmission.

Statistics counters have been added to count the amount of TLS data
transmitted in total, and the amount of TLS data which has been dumped
prior to transmission. When non-contiguous TCP sequence numbers are
detected, the software needs to dump the beginning of the current TLS
record up until the point of retransmission. All TLS counters utilize
the counter(9) API.

In order to enable hardware TLS offload the following sysctls must be set:
kern.ipc.mb_use_ext_pgs=1
kern.ipc.tls.ifnet.permitted=1
kern.ipc.tls.enable=1

Sponsored by:	Mellanox Technologies
2019-12-06 15:36:32 +00:00
Luiz Otavio O Souza
8cfe2a7ad3 Add the SPI driver for the Marvell Armada 37x0 SoC.
Interrupt based driver, implements SPI mode and clock configuration.

Tested on espressobin and SG-3200.

Sponsored by:	Rubicon Communications, LLC (Netgate)
2019-12-06 12:55:39 +00:00
Toomas Soome
fed13eb3e8 loader.efi: print ImageBase so we know where we are
Output a bit of debugging aid.
2019-12-06 09:50:29 +00:00
Ian Lepore
e214f286f0 Declare the global kernel symbols created by ldscript.arm in arm's machdep.h,
and remove a couple scattered local declarations.

Most of these aren't referenced in C code (there are some references in
asm code), and they also aren't documented anywhere.  This helps a bit
with the latter.
2019-12-06 03:48:35 +00:00
Alexander Motin
19cfcf253e Block ioctls for dying GEOM_DEV instances.
For normal I/Os consumer and provider statuses are checked by g_io_check().
But ioctl calls often do not go through it, being dispatched directly. This
change makes their semantics more alike, protecting lower levels.

MFC after:	2 weeks
2019-12-06 03:46:38 +00:00
Alexander Motin
6b3c68bf09 Make GEOM_DEV code slightly more compact.
Should be no functional change.

MFC after:	2 weeks
2019-12-06 03:18:37 +00:00
Scott Long
961aacb107 Move the mds, irbs, and ssb mitigation knobs into machdep.mitigations.
They're in both the old and new places in HEAD for the moment for
discussion and transition.  The old locations will be garbage collected
in 4 weeks.  MFCs to 12 an 11 will keep the old and new for transition
purposes.

Reviewed by:	kib
MFC after:	4 weeks
Sponsored by:	Intel
Differential Revision:	https://reviews.freebsd.org/D22590
2019-12-06 02:43:05 +00:00
Rick Macklem
8f9259a550 Add some definitions for NFSv4.2 which will be used by subsequent commits.
This is a preliminary commit of NFSv4.2 definitions that will be used by
subsequent commits which adds NFSv4.2 support to the NFS client and server.

There will be a series of these preliminary commits that will prepare for
a major commit of the NFSv4.2 client/server changes currently found in
subversion under projects/nfsv42/sys.
2019-12-06 01:53:02 +00:00
Alan Somers
67f72211dd gmultipath: add ATF tests
Add ATF tests for most gmultipath operations. Add some dtrace probes too,
primarily for configuration changes that happen in response to provider
errors.

PR:		178473
MFC after:	2 weeks
Sponsored by:	Axcient
Differential Revision:	https://reviews.freebsd.org/D22235
2019-12-06 00:12:14 +00:00
Alan Somers
e083fb08b9 ses: sanitize illegal strings in SES element descriptors
The SES4r3 standard requires that element descriptors may only contain ASCII
characters in the range 0x20 to 0x7e.  Some SuperMicro expanders violate
that rule.  This patch adds a sanity check to ses(4).  Descriptors in
violation will be replaced by "<invalid>".

This patch fixes "sesutil --libxo xml" on such systems.  Previously it would
generate non-well-formed XML output.

PR:		241929
Reviewed by:	allanjude
MFC after:	2 weeks
Sponsored by:	Axcient
2019-12-06 00:06:05 +00:00
Scott Long
35228417b2 Add support for new sound HDA hardware
Sponsored by:	Intel
2019-12-05 19:39:51 +00:00
John Baldwin
0869dceb9d Add a new "riscv-relaxations" linker feature.
When the linker doesn't have this feature, add -mno-relax to CFLAGS
on RISC-V.

Define the feature for ld.bfd, but not lld.  If lld gains relaxation
support in a newer version, we can enable it for those versions of lld
in bsd.linker.mk.

Reviewed by:	mhorne
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D22659
2019-12-05 19:37:30 +00:00
Alan Cox
1bef4955bc On a context switch, handle the possibility that the old thread was
preempted after an "ic" or "tlbi" instruction but before it performed a
"dsb" instruction.  The "ic" and "tlbi" instructions have unusual
synchronization requirements.  If the old thread migrates to a new
processor, its completion of a "dsb" instruction on that new processor does
not guarantee that the "ic" or "tlbi" instructions performed on the old
processor have completed.

This issue is not restricted to the kernel.  Since locore.S sets the UCI bit
in SCTLR, user-space programs can perform "ic ivau" instructions (as well as
some forms of the "dc" instruction).

Reviewed by:	andrew, kib, markj, mmel
X-MFC with:	r355145
Differential Revision:	https://reviews.freebsd.org/D22622
2019-12-05 19:25:49 +00:00
John Baldwin
65d2f9c12b Use a void * argument to callout handlers instead of timeout_t casts.
Reviewed by:	kib
Differential Revision:	https://reviews.freebsd.org/D22684
2019-12-05 18:47:29 +00:00
Kristof Provost
200424235e Remove useless NULL check
Coverity points out that we've already dereferenced m by the time we check, so
there's no reason to keep the check. Moreover, it's safe to pass NULL to
m_freem() anyway.

CID:		1019092
2019-12-05 16:50:54 +00:00
Kyle Evans
324cdd9320 release: chase ports r519089 (rpi-firmware update)
The recent rpi-firmware update renamed "0" to "zero" in the RPi0 DTB
filename

It also included the components needed to boot the RPi4, so install those
now -- interested parties can install sysutils/u-boot-rpi4 and copy
config_rpi4.txt to config.txt on the FAT partition in order to boot the
board. Do note that we currently don't support ethernet/usb/pci.

Reviewed by:	manu
MFC after:	3 days
2019-12-05 16:17:56 +00:00
Kyle Evans
6d69608c0a UPDATING: Add long-belated note about certs in base
While the interaction between this and the ETCSYMLINK option of
security/ca_root_nss isn't necessarily fatal, one should be aware and
attempt to understand the ramifications of mixing the two.

ports-secteam will be contacted to discuss the default option for branches
where certs are being included in base.
2019-12-05 15:32:33 +00:00
Konstantin Belousov
0cf6ff0a77 mlx5: Do not poke hardware for statistic after teardown is started.
Sponsored by:	Mellanox Technologies
MFC after:	1 week
2019-12-05 15:21:13 +00:00
Hans Petter Selasky
04f1690bf0 Add basic support for TCP/IP based hardware TLS offload to mlx5core.
The hardware offload is primarily targeted for TLS v1.2 and v1.3,
using AES 128/256 bit pre-shared keys. This patch adds all the needed
hardware structures, capabilites and firmware commands.

Sponsored by:	Mellanox Technologies
2019-12-05 15:16:19 +00:00
Alexander Motin
c4c88d4718 Remove duplicate g_debugflags declaration.
While there, define G_F_FOOTSHOOTING instead of numeric constants.

MFC after:	13 days
X-MFX-with:	r355412
2019-12-05 15:07:32 +00:00
Mateusz Guzik
befd3e35b3 sx: check for SX_LOCK_SHARED | SX_LOCK_WRITE_SPINNER when exclusive-locking
First, this removes a spurious difference compared to rw locks.
More importantly though this avoids a trip through sleepq code if the lock
happens to be caught in this state.
2019-12-05 13:43:44 +00:00
Mateusz Guzik
1e0006e49c nullfs: locklessly check for entries in null_hashget
During random sampling over poudriere -j 104 over 10% of calls returned NULL.
2019-12-05 13:41:22 +00:00
Mateusz Guzik
3eeb8a1fba vfs: remove 'active' variable from _vdrop
No functional changes.
2019-12-05 13:40:10 +00:00
Ed Maste
d003e0d7fe Update ELF Tool Chain to upstream r3769
This contains many small bugfixes and documentation improvements.

Sponsored by:	The FreeBSD Foundation
2019-12-05 13:20:15 +00:00
Alexander Motin
2efaef42e4 Wrap g_trace() into a macro to avoid unneeded calls.
In most cases with debug disabled this function does nothing, but argument
passing and the call still cost measurable time due to cache misses, etc.

MFC after:	2 weeks
Sponsored by:	iXsystems, Inc.
2019-12-05 04:52:19 +00:00
Ian Lepore
fcfe2d6633 Fix a trivial typo and add a missing word. 2019-12-05 04:18:22 +00:00
Alexander Motin
e61ed7983e Switch GEOM_DEV from make_dev_p() to make_dev_s().
It closes the race condition and so allows to remove few NULL checks.

Also while there, use dev->si_drv1 in addition to cp->private to store
softc pointer.  For calls coming from the dev side it gives reliable cache
hit instead of often miss before.

MFC after:	2 weeks
Sponsored by:	iXsystems, Inc.
2019-12-05 04:03:08 +00:00
Luiz Otavio O Souza
2b289d0bff Fix the build, use the correct include path.
Pointy hat to:	loos
2019-12-05 02:01:47 +00:00
Luiz Otavio O Souza
8a82d5675d Add the I2C driver for the Armada 37x0.
This controller is a bit tricky as the STOP condition must be indicated in
the last tranferred byte, some devices will not like the repeated start
behavior of this controller.  A proper fix to this issue is in the works.

This driver works in polling mode, can be used early in the boot (required
in some cases).

Tested on espressobin/SG-1100 and the SG-3200.

Obtained from:	pfSense
Sponsored by:	Rubicon Communications, LLC (Netgate)
2019-12-05 00:56:03 +00:00
Konstantin Belousov
a51c8071a3 Stop using per-mount tmpfs zones.
Requested and reviewed by:	jeff
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D22643
2019-12-05 00:03:17 +00:00
Rick Macklem
348d9b567e Add some definitions for NFSv4.2 which will be used by subsequent commits.
This is a preliminary commit of NFSv4.2 definitions that will be used by
subsequent commits which adds NFSv4.2 support to the NFS client and server.

There will be a series of these preliminary commits that will prepare for
a major commit of the NFSv4.2 client/server changes currently found in
subversion under projects/nfsv42/sys.
2019-12-04 23:24:40 +00:00
Gleb Smirnoff
e5a084d020 Fix regression from r354484. Don't leak pcb lock if cr_canseeinpcb()
returns non-zero.

PR:		242415
2019-12-04 22:41:52 +00:00
Alexander Motin
61322a0a8a Mark some more hot global variables with __read_mostly.
MFC after:	1 week
2019-12-04 21:26:03 +00:00
John Baldwin
18cf0a022e Use "far" calls and branches so that lld uses valid relocations.
Conditional branch and jump instructions do not always call via PLT
stubs and thus will not honor LD_PRELOAD, etc.  lld warns about using
non-preemptible relocations for preemptible or unknown symbols whereas
bfd does not (at least for RISC-V).

Reviewed by:	br, James Clarke
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D22658
2019-12-04 21:01:13 +00:00
John Baldwin
c0acb84da7 Use a single 'ld' to read the jmpbuf magic values instead of 'la; ld'.
This saves an instruction in each case as well as an extra memory
indirection via the GOT for PIC code.

Reviewed by:	br, James Clarke
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D22656
2019-12-04 20:50:49 +00:00
John Baldwin
3487d66820 Define __SOFT_FP__ for riscv64sf to avoid infinite recursion.
Submitted by:	James Clarke <jrtc27@jrtc27.com>
Reviewed by:	imp
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D22660
2019-12-04 20:18:12 +00:00
Ryan Libby
ec66aadd2b bistring: avoid gcc -Wsign-compare
Appease gcc after after r355377, which broke gcc builds.

Reviewed by:	dougm
MFC with:	r355377
Differential Revision:	https://reviews.freebsd.org/D22682
2019-12-04 20:15:17 +00:00
Mark Johnston
ed2f945a39 Fix an off-by-one error in vm_map_pmap_enter().
If the starting pindex is equal to object->size, there is nothing to do.
This was harmless since the rest of vm_map_pmap_enter() has no effect
when psize == 0.

Submitted by:	Wuyang Chung <wuyang.chung1@gmail.com>
Reviewed by:	alc, dougm, kib
MFC after:	1 week
Github PR:	https://github.com/freebsd/freebsd/pull/417
Differential Revision:	https://reviews.freebsd.org/D22678
2019-12-04 19:46:48 +00:00
Andrew Turner
b75c4efcd2 Fix the signature for zone_import and zone_release
These are cast to uma_import and uma_release functions. Use the signature
for these in the zone functions.

This was found with an experimental Kernel CFI. It will complain if the
signature is different than what a function pointer expects. The
simplest way to fix these is to correct the signature.

Reviewed by:	rlibby
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D22671
2019-12-04 18:40:05 +00:00
Dimitry Andric
d8cad2f198 Merge commit 241cbf201 from llvm git (by Nemanja Ivanovic):
[PowerPC] Fix crash in peephole optimization

  When converting reg+reg shifts to reg+imm rotates, we neglect to
  consider the CodeGenOnly versions of the 32-bit shift mnemonics. This
  means we produce a rotate with missing operands which causes a crash.

  Committing this fix without review since it is non-controversial that
  the list of mnemonics to consider should include the 64-bit aliases
  for the exact mnemonics.

  Fixes PR44183.

This should fix "Assertion failed: (idx < size()), function operator[],
file /usr/src/contrib/llvm/include/llvm/ADT/SmallVector.h, line 153"
when building the graphics/mesa-dri port for the PowerPC64 ELFv2 ABI.

Reported by:	Alfredo Dal'Ava Júnior <alfredo.junior@eldorado.org.br>
MFC after:      1 month
X-MFC-With:     r353358
2019-12-04 18:38:50 +00:00
Ryan Libby
30be9685a3 mbuf zones: take out the trash
The mbuf zones were explicitly specifying the uma trash procedures on
zcreate, conditionally on INVARIANTS, because that used to be necessary
in order to get use-after-free checking for uma zones with non-empty
constructors or destructors.  After r355137 uma automatically invokes
the trash constructor and destructor as long as no init and fini are
specified.  This now allows the mbuf zones to pass their constructors
and destructors without needing to add on the uma trash procedures
conditionally.

Reviewed by:	cem, jhb, markj
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D22583
2019-12-04 18:21:29 +00:00
Warner Losh
f86e60008b Regularize my copyright notice
o Remove All Rights Reserved from my notices
o imp@FreeBSD.org everywhere
o regularize punctiation, eliminate date ranges
o Make sure that it's clear that I don't claim All Rights reserved by listing
  All Rights Reserved on same line as other copyright holders (but not
  me). Other such holders are also listed last where it's clear.
2019-12-04 16:56:11 +00:00
Warner Losh
a7147da9d4 Fix accidentally changed copyright year.
Noticed by: bapt@
2019-12-04 16:55:55 +00:00
Toomas Soome
b2665fe327 loader: clean up efipart filter expressions
Small cleanup based on illumos review.
2019-12-04 16:41:00 +00:00
Cy Schubert
d48778bb2a Chase r352304. The default rlimit memlock is no memory locking.
Reported by:	egypcio@
MFC after:	3 days
2019-12-04 15:04:06 +00:00
Li-Wen Hsu
0386b6c8a0 Fix arm64 build after r355373
Sponsored by:	The FreeBSD Foundation
2019-12-04 08:21:54 +00:00
Stefan Eßer
fce5d19d64 Remove "All rights reserved" phrase from copyright notes.
With the ratification of the Berne Convention in 2000, it became obsolete.

I have removed that phrase and the "(c)" only from files without copyright
claims by other parties. There are 2 files (pci.c, pci_private.h) that are
also claimed by Michael Smith <msmith@freebsd.org> and by BSDi, which have
therefore not been included in this commit.

When all member nations of the Buenos Aires Convention adopted the Berne
Convention, the phrase "All rights reserved" became unnecessary to assert
copyright. Remove it from files under my copyright.

There are 2 files (pci.c, pci_private.h) that) that do also bear msmith's
and BSDi's copyright. I have left them unchanged for now, since I do not
know whether they (or the legal successor in case of BSDi) would agree.
2019-12-04 08:03:33 +00:00
Bryan Drewery
efdd39d20d Use full path to sysctl(8) since /sbin is not in PATH.
X-MFC-With:	r355379
MFC after:	2 weeks
2019-12-04 04:01:53 +00:00
Justin Hibbits
ad73d2ab3f powerpc/booke: Fix some formatting errors in debug printfs
Use the right formats for the types given (vm_offset_t and vm_size_t are
both uint32_t on 32-bit platforms, and uint64_t on 64-bit platforms, and
match size_t in size, so we can use the size_t format as we do in other
similar code).

These were found by clang.
2019-12-04 03:51:30 +00:00
Bryan Drewery
3701dbc859 Run make in parallel.
This is mostly targetting the 'installconfig' phase of 'distribution'
which does a full tree walk.

MFC after:	 2 weeks
2019-12-04 03:44:50 +00:00