241781 Commits

Author SHA1 Message Date
Jayachandran C.
87820437f9 arm64 nexus: remove incorrect warning
acpi_config_intr() will be called when an arm64 system booted with ACPI.
We do the interrupt mapping for ACPI interrupts in nexus_acpi_map_intr()
on arm64, so acpi_config_intr() has to just return success without
printing this error message.

Reviewed by:	andrew
Differential Revision:	https://reviews.freebsd.org/D19432
2019-05-26 23:04:21 +00:00
Michael Tuexen
bc35229fad When an ACK segment as the third message of the three way handshake is
received and support for time stamps was negotiated in the SYN/SYNACK
exchange, perform the PAWS check and only expand the syn cache entry if
the check is passed.
Without this check, endpoints may get stuck on the incomplete queue.

Reviewed by:		jtl@
MFC after:		3 days
Sponsored by:		Netflix, Inc.
Differential Revision:	https://reviews.freebsd.org/D20374
2019-05-26 17:18:14 +00:00
Dimitry Andric
0b30b98f26 Pull in r361696 from upstream llvm trunk (by Sanjay Patel):
[SelectionDAG] soften assertion when legalizing narrow vector FP ops

  The test based on PR42010:
  https://bugs.llvm.org/show_bug.cgi?id=42010

  ...may show an inaccuracy for PPC's target defs, but we should not be
  so aggressive with an assert here. There's no telling what
  out-of-tree targets look like.

This fixes an assertion when building the graphics/mesa-dri port for
PowerPC64.

Reported by:	Mark Millard <marklmi26-fbsd@yahoo.com>
PR:		238082
MFC after:	3 days
2019-05-26 15:44:58 +00:00
Mateusz Piotrowski
7005cea324 ipheth.4: Explain how to manually configure USB tethering on Apple devices
Reviewed by:	danfe, hselasky
Approved by:	src (hselasky)
Differential Revision:	https://reviews.freebsd.org/D20353
2019-05-26 14:15:54 +00:00
Alexey Dokuchaev
0a16ee7544 Fix two errors reported by PVS Studio: V646 Consider inspecting the
application's logic.  It's possible that 'else' keyword is missing.

Reviewed by:	gallatin, np, pfg
Approved by:	pfg
Differential Revision:	https://reviews.freebsd.org/D20396
2019-05-26 12:41:03 +00:00
Li-Wen Hsu
d086d41363 Remove an uneeded indentation introduced in r223637 to silence gcc warnging
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
2019-05-25 23:58:09 +00:00
Mark Johnston
d7bb6218a6 Remove pmap_pid_dump() from the i386 pmap.
It has not been compilable in a long time and doesn't seem very useful.

Suggested by:	kib
MFC after:	1 week
2019-05-25 23:36:20 +00:00
Li-Wen Hsu
60f043fe8e Remove an uneeded indentation introduced in r286196 to silence gcc warnging
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
2019-05-25 21:57:01 +00:00
Edward Tomasz Napierala
0407410ba0 We don't really need two entries to describe how to deal with
optical drives in devfs.conf(5).

MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2019-05-25 17:37:28 +00:00
Rodney W. Grimes
327477d6c5 Correctly align usage: output 2019-05-25 11:22:49 +00:00
Sean Eric Fagan
7cff9f3748 Add an AESNI-optimized version of the CCM/CBC cryptographic and authentication
code.  The primary client of this is probably going to be ZFS encryption.

Reviewed by:	jhb, cem
Sponsored by:	iXsystems Inc, Kithrup Enterprises
Differential Revision:	https://reviews.freebsd.org/D19298
2019-05-25 07:26:30 +00:00
Justin Hibbits
8cd3016c00 powerpc64/pmap: Reapply r334235 to OEA64 pmap, clearing HID0_RADIX
This was lost in the re-merger of ISA3 MMU into moea64_native.
2019-05-25 04:56:06 +00:00
Conrad Meyer
7cc8e55be6 virtio_pci(4): Fix typo in read_ivar method
Prior to this revision, vtpci's BUS_READ_IVAR method on VIRTIO_IVAR_SUBVENDOR
accidentally returned the PCI subdevice.

The typo seems to have been introduced with the original commit adding
VIRTIO_IVAR_{{SUB,}DEVICE,{SUB,}VENDOR} to virtio_pci.  The commit log and code
strongly suggest that the ivar was intended to return the subvendor rather than
the subdevice; it was likely just a copy/paste mistake.

Go ahead and rectify that.
2019-05-25 01:59:24 +00:00
Kirk McKusick
10519e1398 When using the destroy option to shut down a nop GEOM module, I/O
operations already in its queue were not being properly drained.
The GEOM framework does the queue draining, but the module needs
to wait for the draining to happen. The waiting is done by adding
a g_nop_providergone() function to wait for the I/O operations to
finish up. This change is similar to change -r345758 made to the
memory-disk driver.

Submitted by: Chuck Silvers
Tested by:    Chuck Silvers
MFC after:    1 week
Sponsored by: Netflix
2019-05-25 00:07:49 +00:00
Konstantin Belousov
59659e78e1 Fix too loose assert in pmap_large_unmap().
The upper bound for the valid address from the large map used
LARGEMAP_MAX_ADDRESS instead of LARGEMAP_MIN_ADDRESS.  Provide a
function-like macro for proper upper value.

Noted by:	markj
Reviewed by:	alc, markj
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D20386
2019-05-24 23:28:11 +00:00
Konstantin Belousov
f3dbf2ca4a Add PG_PS_PDP_FRAME symbol.
Similar to PG_FRAME and PG_PS_FRAME, it denotes the mask of the
physical address component of 1G superpage PDP entry.

Reviewed by:	alc, markj
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D20386
2019-05-24 23:26:17 +00:00
Conrad Meyer
5d0e829978 Disable intr_storm_threshold mechanism by default
The ixl.4 manual page has documented that the threshold falsely detects
interrupt storms on 40Gbit NICs as long ago as 2015, and we have seen
similar false positives with the ioat(4) DMA device (which can push GB/s).

For example, synthetic load can be generated with tools/tools/ioat
'ioatcontrol 0 200 8192 1 1000' (allocate 200x8kB buffers, generate an
interrupt for each one, and do this for 1000 milliseconds).  With
storm-detection disabled, the Broadwell-EP version of this device is capable
of generating ~350k real interrupts per second.

The following historical context comes from jhb@: Originally, the threshold
worked around incorrect routing of PCI INTx interrupts on single-CPU systems
which would end up in a hard hang during boot.  Since the threshold was
added, our PCI interrupt routing was improved, most PCI interrupts use
edge-triggered MSI instead of level-triggered INTx, and typical systems have
multiple CPUs available to service interrupts.

On the off chance that the threshold is useful in the future, it remains
available as a tunable and sysctl.

Reviewed by:	jhb
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D20401
2019-05-24 22:33:14 +00:00
John Baldwin
fb3bc59600 Restructure mbuf send tags to provide stronger guarantees.
- Perform ifp mismatch checks (to determine if a send tag is allocated
  for a different ifp than the one the packet is being output on), in
  ip_output() and ip6_output().  This avoids sending packets with send
  tags to ifnet drivers that don't support send tags.

  Since we are now checking for ifp mismatches before invoking
  if_output, we can now try to allocate a new tag before invoking
  if_output sending the original packet on the new tag if allocation
  succeeds.

  To avoid code duplication for the fragment and unfragmented cases,
  add ip_output_send() and ip6_output_send() as wrappers around
  if_output and nd6_output_ifp, respectively.  All of the logic for
  setting send tags and dealing with send tag-related errors is done
  in these wrapper functions.

  For pseudo interfaces that wrap other network interfaces (vlan and
  lagg), wrapper send tags are now allocated so that ip*_output see
  the wrapper ifp as the ifp in the send tag.  The if_transmit
  routines rewrite the send tags after performing an ifp mismatch
  check.  If an ifp mismatch is detected, the transmit routines fail
  with EAGAIN.

- To provide clearer life cycle management of send tags, especially
  in the presence of vlan and lagg wrapper tags, add a reference count
  to send tags managed via m_snd_tag_ref() and m_snd_tag_rele().
  Provide a helper function (m_snd_tag_init()) for use by drivers
  supporting send tags.  m_snd_tag_init() takes care of the if_ref
  on the ifp meaning that code alloating send tags via if_snd_tag_alloc
  no longer has to manage that manually.  Similarly, m_snd_tag_rele
  drops the refcount on the ifp after invoking if_snd_tag_free when
  the last reference to a send tag is dropped.

  This also closes use after free races if there are pending packets in
  driver tx rings after the socket is closed (e.g. from tcpdrop).

  In order for m_free to work reliably, add a new CSUM_SND_TAG flag in
  csum_flags to indicate 'snd_tag' is set (rather than 'rcvif').
  Drivers now also check this flag instead of checking snd_tag against
  NULL.  This avoids false positive matches when a forwarded packet
  has a non-NULL rcvif that was treated as a send tag.

- cxgbe was relying on snd_tag_free being called when the inp was
  detached so that it could kick the firmware to flush any pending
  work on the flow.  This is because the driver doesn't require ACK
  messages from the firmware for every request, but instead does a
  kind of manual interrupt coalescing by only setting a flag to
  request a completion on a subset of requests.  If all of the
  in-flight requests don't have the flag when the tag is detached from
  the inp, the flow might never return the credits.  The current
  snd_tag_free command issues a flush command to force the credits to
  return.  However, the credit return is what also frees the mbufs,
  and since those mbufs now hold references on the tag, this meant
  that snd_tag_free would never be called.

  To fix, explicitly drop the mbuf's reference on the snd tag when the
  mbuf is queued in the firmware work queue.  This means that once the
  inp's reference on the tag goes away and all in-flight mbufs have
  been queued to the firmware, tag's refcount will drop to zero and
  snd_tag_free will kick in and send the flush request.  Note that we
  need to avoid doing this in the middle of ethofld_tx(), so the
  driver grabs a temporary reference on the tag around that loop to
  defer the free to the end of the function in case it sends the last
  mbuf to the queue after the inp has dropped its reference on the
  tag.

- mlx5 preallocates send tags and was using the ifp pointer even when
  the send tag wasn't in use.  Explicitly use the ifp from other data
  structures instead.

- Sprinkle some assertions in various places to assert that received
  packets don't have a send tag, and that other places that overwrite
  rcvif (e.g. 802.11 transmit) don't clobber a send tag pointer.

Reviewed by:	gallatin, hselasky, rgrimes, ae
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D20117
2019-05-24 22:30:40 +00:00
John Baldwin
07e007e1ca Add initial support for 'qSupported' to the debug server.
This doesn't recognize any features yet, but does parse the features
string.  It advertises an arbitrary packet size of 4k.

Reviewed by:	markj, Scott Phillips <d.scott.phillips@intel.com>
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D20308
2019-05-24 22:11:37 +00:00
Alan Somers
65417f5e27 Remove "struct ucred*" argument from vtruncbuf
vtruncbuf takes a "struct ucred*" argument. AFAICT, it's been unused ever
since that function was first added in r34611. Remove it.  Also, remove some
"struct ucred" arguments from fuse and nfs functions that were only used by
vtruncbuf.

Reviewed by:	cem
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D20377
2019-05-24 20:27:50 +00:00
Piotr Kubaj
57557e714e Add snd_hda(4) to GENERIC64 used by powerpc64.
amd64 also has snd_hda(4) in GENERIC.

Approved by:	jhibbits (src committer), linimon (mentor)
2019-05-24 20:01:59 +00:00
Simon J. Gerraty
2ef9ff7dd3 ficl pfopen: verify file
If the file is verified - do not allow write
otherwise do not allow read.

Add O_ACCMODE to stand.h

Reviewed by:	stevek, mindal_semihalf.com
MFC after:	3 days
Sponsored by:	Juniper Networks
Differential Revision:	https://reviews.freebsd.org/D20387
2019-05-24 19:43:38 +00:00
Leandro Lupori
d3f78f00db Make options MD_ROOT_MEM default on PPC64
Having this option enabled by default on PowerPC64 kernels makes
booting ISO images much easier when on PowerNV.

With it, the ISO may simply be given to the -i flag of kexec.
Better yet, the ISO may be loop mounted on PetitBoot and its
kernel may be used to load itself.

Without this option, booting ISOs on remote PPC64 machines usually
involve preparing a separate kernel, with this option enabled.
2019-05-24 18:41:31 +00:00
Kenneth D. Merry
e26059ca18 Fix FC-Tape bugs caused in part by r345008.
The point of r345008 was to reset the Command Reference Number (CRN)
in some situations where a device stayed in the topology, but had
changed somehow.

This can include moving from a switch connection to a direct
connection or vice versa, or a device that temporarily goes away
and comes back.  (e.g. moving to a different switch port)

There were a couple of bugs in that change:
- We were reporting that a device had not changed whenever the
  Establish Image Pair bit was not set.  That is not quite correct.
  Instead, if the Establish Image Pair bit stays the same (set or
  not), the device hasn't changed in that way.

- We weren't setting PRLI Word0 in the port database when a new
  device arrived, so comparisons with the old value for the
  Establish Image Pair bit weren't really possible.  So, make sure
  PRLI Word0 is set in the port database for new devices.

- We were resetting the CRN whenever the Establish Image Pair bit
  was set for a device, even when the device had stayed the same
  and the value of the bit hadn't changed.  Now, only reset the
  CRN for devices that have changed, not devices that sayed the
  same.

The result of all of this was that if we had a single FC device on
an FC port and it went away and came back, we would wind up
correctly resetting the CRN.

But, if we had multiple devices connected via a switch, and there
was any change in one or more of those devices, all of the devices
that stayed the same would also have their CRN values reset.

The result, from a user standpoint, is that the tape drives, etc.
would all start to time out commands and the initiator would send
aborts.

sys/dev/isp/isp.c:
	In isp_pdb_add_update(), look at whether the Establish
	Image Pair bit has changed as part of the check to
	determine whether a device is still the same.   This was
	causing erroneous change notifications.  Also, when
	creating a new port database entry, initialize the
	PRLI Word 0 values.

sys/dev/isp/isp_freebsd.c:
	In isp_async(), in the changed/stayed case, instead of
	looking at the Establish Image Pair bit to determine
	whether to reset the CRN, look at the command value.
	(Changed vs. Stayed.)  Only reset the CRN for devices
	that have changed.

Sponsored by:	Spectra Logic
MFC after:	3 days
2019-05-24 17:58:29 +00:00
Konstantin Belousov
a9c7546a1d Fix a corner case in demotion of kernel mappings.
It is possible for the kernel mapping to be created with superpage by
directly installing pde using pmap_enter_2mpage() without filling the
corresponding page table page.  This can happen e.g. if the range is
already backed by reservation and vm_fault_soft_fast() conditions are
satisfied, which was observed on the pipe_map.

In this case, demotion must fill the page obtained from the pmap
radix, same as if the page is newly allocated.  Use PG_PROMOTED bit as
an indicator that the page is valid, instead of the wire count of the
page table page.

Since the PG_PROMOTED bit is set on pde when we leave TLB entries for
4k pages around, which in particular means that the ptes were filled,
it provides more correct indicator.  Note that pmap_protect_pde()
clears PG_PROMOTED, which handles the case when protection was changed
on the superpage without adjusting ptes.

Reported by:	pho
In collaboration with:	alc
Tested by:	alc, pho
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D20380
2019-05-24 17:19:06 +00:00
Mark Johnston
707b2d6586 Modernize the MAKE_JUST_KERNELS hint in the top-level makefile.
It doesn't make sense to limit to -j12 anymore, build scalability
is better than it used to be.  Fold the hint into the description
of the universe target.

Reviewed by:	imp
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D20342
2019-05-24 15:45:43 +00:00
Ed Maste
b7ebd3eff2 nanobsd: exclude .git (and .hg) in the same places we exclude .svn
Allow support of other VCSes.  Note that two other nanobsd files already
had a similar case, excluding .git and .hg in addition to CVS and .svn.

Sponsored by:	The FreeBSD Foundation
2019-05-24 15:21:23 +00:00
Andrey V. Elsukov
b1536a812b Restore IPV6_NEXTHOP option support that seem was partially broken
since r286195.

Do not forget results of route lookup and initialize rt and ifp pointers.

PR:		238098
Submitted by:	Masse Nicolas <nicolas.masse at stormshield eu>
MFC after:	1 week
2019-05-24 11:45:32 +00:00
Andrey V. Elsukov
05ab1ef64e Add missing and or-flush options to "ipfw table <NAME> create"
command to simplify firewall reloading.

The `missing` option suppresses EEXIST error code, but does check that
existing table has the same parameters as new one. The `or-flush` option
implies `missing` option and additionally does flush for table if it
is already exist.

Submitted by:	lev
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D18339
2019-05-24 11:06:24 +00:00
Li-Wen Hsu
2b32abd2b1 Correct the argument passed to g_eli_algo2str()
MFC with:	r348206
Sponsored by:	The FreeBSD Foundation
2019-05-24 06:49:47 +00:00
Andriy Gapon
ed3f0b8a21 amdgpio: small formatting cleanup
MFC after:	2 weeks
2019-05-24 06:07:33 +00:00
Andriy Gapon
cada7eafac amdgpio: fix reading status of input pins
AMD FCH GPIO controller uses different bits for setting the output level
and for reporting the input level.

MFC after:	2 weeks
2019-05-24 06:06:42 +00:00
Andriy Gapon
cfdb42f880 amdgpio: remove new line symbols from pin names
That made, for example, gpioc -l output quite hard to read and parse.

Also, fix formatting of a nearby statement with too long lines.

MFC after:	2 weeks
2019-05-24 06:02:51 +00:00
Xin LI
5e86bd6073 Remove kgzip and kgzldr.
PR:		183666, 229763
Submitted by:	Yoshihiro Ota <ota at j.email.ne.jp>
Differential Revision:	https://reviews.freebsd.org/D20248
2019-05-24 05:34:21 +00:00
Xin LI
a49818787d cryptodeflate: Drop z_stream zbuf.state->dummy from SDT probe.
For older versions of zlib, dummy was a workaround for compilers that do not
handle opaque type definition well; on FreeBSD, it's representing a value
that is not really useful for monitoring purposes, and the field would be gone
in newer zlib versions.

PR:		229763
Submitted by:	Yoshihiro Ota <ota at j.email.ne.jp>
Differential Revision:	https://reviews.freebsd.org/D20222
2019-05-24 02:44:15 +00:00
Kyle Evans
22554a341e bectl(8): Add a test for jail/unjail of numeric BE names
Fixed by r348215, bectl ujail first attempts the trivial fetch of a jid by
passing the first argument to 'ujail' to jail_getid(3) in case a jid/name
have been passed in instead of a BE name. For numerically named BEs, this
was doing the wrong thing: instead of failing to locate the jid specified
and falling back to mountpath search, jail_getid(3) would return the input
as-is.

While here, I've fixed bectl_jail_cleanup which still used a hard-coded pool
name that was overlooked w.r.t. other work that was in-flight around the
same time.

MFC after:	3 days
2019-05-24 01:53:45 +00:00
Warner Losh
48e3ba2f5a Display CPU model in dmesg on mips targets
Also, save the CPU model for atheros ar531x boards.

Submitted by: Hiroki Mori
Differential Revision: https://reviews.freebsd.org/D20371
2019-05-24 01:43:35 +00:00
Warner Losh
14b9f06b36 Make uniqueifier match the module definition. 2019-05-24 01:43:29 +00:00
Kyle Evans
a9cefddd40 jail_getid(3): validate jid string input
Currently, if jail_getid(3) is passed in a numeric string, it assumes that
this is a jid string and passes it back converted to an int without checking
that it's a valid/existing jid. This breaks consumers that might use
jail_getid(3) to see if it can trivially grab a jid from a name if that name
happens to be numeric but not actually the name/jid of the jail. Instead of
returning -1 for the jail not existing, it'll return the int version of the
input and the consumer will not fallback to trying other methods.

Pass the numeric input to jail_get(2) as the jid for validation, rather than
the name. This works well- the kernel enforces that jid=name if name is
numeric, so doing the safe thing and checking numeric input as a jid will
still DTRT based on the description of jail_getid.

Reported by:	Wes Maag
Reviewed by:	jamie, Wes Maag
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D20388
2019-05-24 01:28:07 +00:00
John Baldwin
1b52cd4553 Add support for writing to guest memory in the debug server.
- Add a write_mem counterpart to read_mem to handle writes to MMIO.
- Add support for the GDB 'M' packet to write bytes to the guest's
  memory.  For MMIO writes, attempt to batch writes up into words.
  This is imprecise, but if you write a single 2 or 4-byte aligned
  word, it should be treated as a single MMIO write operation.
- While here, tidy up the parsing of the 'm' command used for reading
  memory to match 'M'.

Reviewed by:	markj, Scott Phillips <d.scott.phillips@intel.com>
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D20307
2019-05-24 00:34:13 +00:00
John Baldwin
bebcdc0073 Add a constant for the LS config MSR on AMD CPUs.
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D19506
2019-05-23 23:37:11 +00:00
Jung-uk Kim
540a97e342 Initialize a variable to fix build with GCC. 2019-05-23 22:49:03 +00:00
John Baldwin
5c420aae3b Add deprecation warnings for weaker algorithms to geli(4).
- Triple DES has been formally deprecated in Kerberos (RFC 8429)
  and is soon to be deprecated in IPsec (RFC 8221).
- Blowfish is deprecated.  FreeBSD doesn't support its successor
  (Twofish).
- MD5 is generally considered a weak digest that has known attacks.

geli refuses to create new volumes using these algorithms via 'geli
init'.  It also warns when attaching to existing volumes or creating
temporary volumes via 'geli onetime' .  The plan is to fully remove
support for these algorithms in FreeBSD 13.

Note that none of these algorithms have ever been the default
algorithm used by geli(8).  Users would have had to explicitly select
these algorithms when creating volumes in the past.

Reviewed by:	cem, delphij
MFC after:	3 days
Relnotes:	yes
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D20344
2019-05-23 22:31:55 +00:00
John Baldwin
c2fd516f3a Add deprecation warnings for IPsec algorithms deprecated in RFC 8221.
All of these algorithms are either explicitly marked MUST NOT, or they
are implicitly MUST NOTs by virtue of not being included in IETF's
list of protocols at all despite having assignments from IANA.

Specifically, this adds warnings for the following ciphers:
- des-cbc
- blowfish-cbc
- cast128-cbc
- des-deriv
- des-32iv
- camellia-cbc

Warnings for the following authentication algorithms are also added:
- hmac-md5
- keyed-md5
- keyed-sha1
- hmac-ripemd160

Reviewed by:	cem, gnn
MFC after:	3 days
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D20340
2019-05-23 22:06:57 +00:00
Jung-uk Kim
fdb9b7af98 Remove yet another unused variable. 2019-05-23 22:01:05 +00:00
Conrad Meyer
00e0e488a0 random(4): deduplicate explicit_bzero() in harvest
Pull the responsibility for zeroing events, which is general to any
conceivable implementation of a random device algorithm, out of the
algorithm-specific Fortuna code and into the callers.  Most callers
indirect through random_fortuna_process_event(), so add the logic there.
Most callers already explicitly bzeroed the events they provided, so the
logic in Fortuna was mostly redundant.

Add one missing bzero in randomdev_accumulate().  Also, remove a redundant
bzero in the same function -- randomdev_hash_finish() is obliged to bzero
the hash state.

Reviewed by:	delphij
Approved by:	secteam(delphij)
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D20318
2019-05-23 21:02:27 +00:00
Conrad Meyer
dc8f777787 uart_cpu_acpi: Fix GCC build break from r348195
extern declarations are redundant with those in uart_cpu.h, which this file
includes.

X-MFC-with:	r348195
2019-05-23 20:18:46 +00:00
Conrad Meyer
8298529226 EKCD: Add Chacha20 encryption mode
Add Chacha20 mode to Encrypted Kernel Crash Dumps.

Chacha20 does not require messages to be multiples of block size, so it is
valid to use the cipher on non-block-sized messages without the explicit
padding AES-CBC would require.  Therefore, allow use with simultaneous dump
compression.  (Continue to disallow use of AES-CBC EKCD with compression.)

dumpon(8) gains a -C cipher flag to select between chacha and aes-cbc.
It defaults to chacha if no -C option is provided.  The man page documents this
behavior.

Relnotes:	sure
Sponsored by:	Dell EMC Isilon
2019-05-23 20:12:24 +00:00
Emmanuel Vadot
8a2ad0aec8 loader: Remove unused variable
Reported by:	lwshu, ci@
2019-05-23 20:04:22 +00:00
Colin Percival
7f166c931e Use ACPI SPCR on x86
This takes the SPCR code currently in uart_cpu_arm64.c, moves it into
a new uart_cpu_acpi.c (with some associated refactoring), and uses it
from both arm64 and x86.

An SPCR serial port address AccessWidth field value of 0 ("reserved")
is now treated as 1 ("byte access") in order to work around a buggy
SPCR table on Amazon EC2 i3.metal instances.

Reviewed by:	manu, Greg V
MFC after:	3 days
Sponsored by:	https://www.patreon.com/cperciva
Differential Revision:	https://reviews.freebsd.org/D20357
2019-05-23 19:55:53 +00:00