270140 Commits

Author SHA1 Message Date
Brooks Davis
e5b0997650 freebsd32: add a union semun_old32
Use this for COMPAT7 support.  In practice it's the same as
union semun32 since the pointers become uint32_t's, but it's more
symmetric and is the logical thing to generate from semun_old.

Reviewed by:	kevans
2021-11-17 20:12:23 +00:00
Brooks Davis
6dcd7db176 freebsd32: fix type size of pointer array args
Make pointers to arrays of pointers `uint32_t *` so the sizes of the
array elements are correct.  In an ideal world we'd use something
like __ptr32 annotations instead.

Reviewed by:	kevans
2021-11-17 20:12:23 +00:00
Brooks Davis
465b80c04a freebsd32: thread IDs are int32_t
Thread IDs are of type long which means int32_t on 32-bit systems.
While this detail is handled without compat functions, expose it
here as code to generate prototypes from the default syscalls.master
will do so.

Reviewed by:	kevans
2021-11-17 20:12:23 +00:00
Brooks Davis
2e89f95d6a freebsd32: fix types on statfs syscalls
Rename struct statfs32 to struct ostatfs32 to mirror struct ostatfs.
These structs are used for COMPAT4 support.  Stop using struct statfs32
for modern implementations as struct statfs uses fixed-width types
and is the same on all architectures.

Reviewed by:	kevans
2021-11-17 20:12:23 +00:00
Brooks Davis
381f6804ec freebsd32: fix type of olstat arg
Reviewed by:	kevans
2021-11-17 20:12:23 +00:00
Brooks Davis
9946c920a4 freebsd32: wait6 and procctl take idtype_t
Reviewed by:	kevans
2021-11-17 20:12:23 +00:00
Brooks Davis
ddae7b9aaa freebsd32: use size_t where the default ABI does
While the caller will never pass a larger value, we can use size_t
due to it being unsigned.

Reviewed by:	kevans
2021-11-17 20:12:23 +00:00
Brooks Davis
70c9698f40 freebsd32: match ioctl type to default ABI
The command is a u_long and unsigned integers do not require special
handling. The data argument isn't a special structure, just use char *.

Reviewed by:	kevans
2021-11-17 20:12:22 +00:00
Brooks Davis
8ba369ed74 freebsd32: [gs]etitimer's which arg is an int
Reviewed by:	kevans
2021-11-17 20:12:22 +00:00
Brooks Davis
a944d28d0e freebsd32: sprinkle in missing consts
A number of syscalls have missing consts on their arguments relative to
the default syscalls.master.

Also, use timespec32 and timeval32 where appropriate.

No functional change.

Reviewed by:	kevans
2021-11-17 20:12:22 +00:00
Brooks Davis
43227e4c83 freebsd32: prototype gssd_syscall()
Nothing about the interface should prevent this from working so
go ahead and prototype it for consistency.

Reviewed by:	kevans
2021-11-17 20:12:22 +00:00
Brooks Davis
6de7c05379 freebsd32: name the ucontext struct __ucontext32
This matches the default ABI's struct __ucontext.

Reviewed by:	kevans
2021-11-17 20:12:22 +00:00
Brooks Davis
5fdbd21d08 freebsd32: rename freebsd4_freebsd32_sigreturn arg
Rename struct freebsd4_freebsd32_ucontext to struct freebsd4_ucontext32
allowing conversion from the default ABI's struct freebsd4_ucontext
by appending "32".  This has no practical effect as this type does not
actually exist.

Give freebsd4_freebsd32_sigreturn an ANSI C prototype.

Reviewed by:	kevans
2021-11-17 20:12:22 +00:00
Brooks Davis
85d1d2a675 syscalls: use struct siginfo rather than siginfo_t
This allows freebsd32 to use struct siginfo32 with an automatable
conversion.

Reviewed by:	kevans
2021-11-17 20:12:22 +00:00
Brooks Davis
f503288262 syscalls: fix type of osendmsg
osendmsg takes a struct omsghdr * not a void *.

Reviewed by:	kevans
2021-11-17 20:12:22 +00:00
Brooks Davis
2385f4d172 syscalls: use __socklen_t as appropriate
No functional change as __socklen_t is an int.

Obtained from:	CheriBSD

Reviewed by:	kevans
2021-11-17 20:12:22 +00:00
Brooks Davis
b64f3dc26c syscalls: [gs]etitimer takes an int which
Match the function declaration which takes an int not a signed int.
No functional change as the range of valid values is 0-2.

Obtained from: CheriBSD

Reviewed by:	kevans
2021-11-17 20:12:21 +00:00
Brooks Davis
b7fd86118f syscalls: sprinkle in const values
Add missing const qualifiers to a number of syscall arguments.

Obtained from:	CheriBSD

Reviewed by:	kevans
2021-11-17 20:12:21 +00:00
Brooks Davis
1739de97af makesyscalls: make strip_abi_prefix more robust
Allow strip_abi_prefix() to be called with nil and return nil in that
case.  This simplifies handling of RESERVED entries.

Reviewed by:	kevans
2021-11-17 20:12:21 +00:00
Mark Johnston
8a693ccf86 Export symbols from opensolaris.ko and dtrace.ko
Both modules provide many symbols used by various DTrace provider
modules, so just export everything.

MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
2021-11-17 13:51:10 -05:00
Tom Marcoen
8406182dbe bridge(4): Fix spelling
PR:		237725
MFC after:	3 days
2021-11-17 12:52:30 -05:00
Allan Jude
2e946f8705 Fix ZFS module build
resolves: link_elf_obj: symbol abd_checksum_edonr_native undefined

The required module-build bits were originally identified in the
upstream pull request: https://github.com/openzfs/zfs/pull/12735
But were missed when the code was imported (since they are not
committed upstream).

X-MFC-With:	dae1713419a6, 09cd63416051
Submitted by:	freqlabs
Sponsored by:	Klara Inc.
2021-11-17 15:07:05 +00:00
Randall Stewart
97e28f0f58 tcp: Rack ack war with a mis-behaving firewall or nat with resets.
Previously we added ack-war prevention for misbehaving firewalls. This is
where the f/w or nat messes up its sequence numbers and causes an ack-war.
There is yet another type of ack war that we have found in the wild that is
like unto this. Basically the f/w or nat gets an ack (keep-alive probe or such)
and instead of turning the ack/seq around and adding a TH_RST it does something
real stupid and sends a new packet with seq=0. This of course triggers the challenge
ack in the reset processing which then sends in a challenge ack (if the seq=0 is within
the range of possible sequence numbers allowed by the challenge) and then we rinse-repeat.

This will add the needed tweaks (similar to the last ack-war prevention using the same sysctls and counters)
to prevent it and allow say 5 per second by default.

Reviewed by: Michael Tuexen
Sponsored by: Netflix Inc.
Differential Revision: https://reviews.freebsd.org/D32938
2021-11-17 09:45:51 -05:00
Stefan Eßer
09cd634160 zfs: fix commit dae1713419a6 merge openzfs/zfs@269b5dadc into main
Commit dae1713419a6 did not add two required lines for edonr specific
functionality to this file, causing kernel build failures if ZFS is
compiled in.

This commit should be included in an eventual MFC of dae1713419a6.
2021-11-17 13:16:39 +01:00
Martin Matuska
dae1713419 zfs: merge openzfs/zfs@269b5dadc (master) into main
Notable upstream pull request merges:
  #12285 Introduce a tunable to exclude special class buffers from L2ARC
  #12689 Check l2cache vdevs pending list inside the vdev_inuse()
  #12735 Enable edonr in FreeBSD
  #12743 FreeBSD: fix world build after de198f2
  #12745 Restore dirty dnode detection logic

Obtained from:	OpenZFS
OpenZFS commit:	269b5dadcfd1d5732cf763dddcd46009a332eae4
2021-11-17 09:39:40 +01:00
Kristof Provost
b6cbbcae40 m_get3(): actually use the selected zone
Reported by:	markj
2021-11-17 03:09:20 +01:00
Kristof Provost
8e492101ec pf: add COMPAT_FREEBSD13 for DIOCKEEPCOUNTERS
DIOCKEEPCOUNTERS used to overlap with DIOCGIFSPEEDV0, which has been
fixed in 14, but remains in stable/12 and stable/13.
Support the old, overlapping, call under COMPAT_FREEBSD13.

Reviewed by:	jhb
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D33001
2021-11-17 03:09:20 +01:00
Kristof Provost
4e85b64890 Add a COMPAT_FREEBSD13 kernel option
Use it wherever COMPAT_FREEBSD11 is currently specified.

Reviewed by:	jhb (previous version)
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D33005
2021-11-17 03:08:40 +01:00
Kristof Provost
23e1961e78 riscv: add COMPAT_FREEBSD12 option
Turn on compat option for older FreeBSD versions (i.e. 12). We do not
enable the compat options for 11 or older because riscv was never
supported in those versions.

Reviewed by:	jrtc27 (previous version)
MFC after:	1 week
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D33015
2021-11-17 03:08:14 +01:00
Rick Macklem
5509bad74e nfsd: Add a new rc variable nfs_server_maxio
Since vfs.nfsd.srvmaxio can only be set when nfsd.ko
is loaded, but nfsd is not running, setting it in
/etc/sysctl.conf is not feasible when "options NFSD"
was not specified for the kernel.

This patch adds a new rc variable nfs_server_maxio,
which sets vfs.nfsd.srvmaxio at the correct time.

rc.conf.5 will be patched separately.

Reviewed by:	0mp
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D32997
2021-11-16 16:02:53 -08:00
Warner Losh
d677d4be0c Skip -flto for all MIPS ports
There likely should be a macro for the ports that support lto, but I'm
making sure that all the mips things build before decommissioning it and
this is the only thing that's broken...

Sponsored by:		Netflix
2021-11-16 16:23:02 -07:00
Marcin Wojtas
bf410c6eda Revert "bsdinstall: add knob to set ASLR sysctls"
This reverts commit 020f4112559ebf7e94665c9a69f89d21929ce82a.

Because now ASLR is enabled by default for 64-bit architectures
and the purpose of the installation menu is to allow choosing
additional 'mitigation'/'hardening' options that are originally
disabled, remove the ASLR knob from bsdinstall.

Discussed with: emaste
Obtained from: Semihalf
Sponsored by: Stormshield
2021-11-16 23:16:10 +01:00
Marcin Wojtas
b014e0f15b Enable ASLR by default for 64-bit executables
Address Space Layout Randomization (ASLR) is an exploit mitigation
technique implemented in the majority of modern operating systems.
It involves randomly positioning the base address of an executable
and the position of libraries, heap, and stack, in a process's address
space. Although over the years ASLR proved to not guarantee full OS
security on its own, this mechanism can make exploitation more difficult.

Tests on the tier 1 64-bit architectures demonstrated that the ASLR is
stable and does not result in noticeable performance degradation,
therefore it should be safe to enable this mechanism by default.
Moreover its effectiveness is increased for PIE (Position Independent
Executable) binaries. Thanks to commit 9a227a2fd642 ("Enable PIE by
default on 64-bit architectures"), building from src is not necessary
to have PIE binaries. It is enough to control usage of ASLR in the
OS solely by setting the appropriate sysctls.

This patch toggles the kernel settings to use address map randomization
for PIE & non-PIE 64-bit binaries. It also disables SBRK, in order
to allow utilization of the bss grow region for mappings. The latter
has no effect if ASLR is disabled, so apply it to all architectures.

As for the drawbacks, a consequence of using the ASLR is more
significant VM fragmentation, hence the issues may be encountered
in the systems with a limited address space in high memory consumption
cases, such as buildworld. As a result, although the tests on 32-bit
architectures with ASLR enabled were mostly on par with what was
observed on 64-bit ones, the defaults for the former are not changed
at this time. Also, for the sake of safety keep the feature disabled
for 32-bit executables on 64-bit machines, too.

The committed change affects the overall OS operation, so the
following should be taken into consideration:
* Address space fragmentation.
* A changed ABI due to modified layout of address space.
* More complicated debugging due to:
  * Non-reproducible address space layout between runs.
  * Some debuggers automatically disable ASLR for spawned processes,
    making target's environment different between debug and
    non-debug runs.

In order to confirm/rule-out the dependency of any encountered issue
on ASLR it is strongly advised to re-run the test with the feature
disabled - it can be done by setting the following sysctls
in the /etc/sysctl.conf file:
kern.elf64.aslr.enable=0
kern.elf64.aslr.pie_enable=0

Co-developed by: Dawid Gorecki <dgr@semihalf.com>
Reviewed by: emaste, kib
Obtained from: Semihalf
Sponsored by: Stormshield
MFC after: 1 month
Differential revision: https://reviews.freebsd.org/D27666
2021-11-16 23:16:09 +01:00
Mark Johnston
32854e528a mbuf: Properly set the default value for mb_use_ext_pgs
Reported by:	Jenkins
Fixes:	fcaa890c4469 ("mbuf: Only allow extpg mbufs if the system has a direct map")
Pointy hat:	markj
2021-11-16 16:23:11 -05:00
Rich Ercolani
269b5dadcf Enable edonr in FreeBSD
The code is integrated, builds fine, runs fine, there's not really
any reason not to.

Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Ryan Moeller <ryan@ixsystems.com>
Reviewed-by: Allan Jude <allan@klarasystems.com>
Reviewed-by: Tony Nguyen <tony.nguyen@delphix.com>
Signed-off-by: Rich Ercolani <rincebrain@gmail.com>
Closes #12735
2021-11-16 12:40:10 -07:00
Mark Johnston
756bb50b6a sctp: Remove now-unneeded mb_unmapped_to_ext() calls
sctp_delayed_checksum() now handles unmapped mbufs, thanks to m_apply().

No functional change intended.

Reviewed by:	tuexen
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D32942
2021-11-16 13:38:09 -05:00
Mark Johnston
b4d758a0cc sctp: Use m_apply() to calculate a checksum for an mbuf chain
m_apply() works on unmapped mbufs, so this will let us elide
mb_unmapped_to_ext() calls preceding sctp_calculate_cksum() calls in
the network stack.

Modify sctp_calculate_cksum() to assume it's passed an mbuf header.
This assumption appears to be true in practice, and we need to know the
full length of the chain.

No functional change intended.

Reviewed by:	tuexen, jhb
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D32941
2021-11-16 13:36:30 -05:00
Mark Johnston
fcaa890c44 mbuf: Only allow extpg mbufs if the system has a direct map
Some upcoming changes will modify software checksum routines like
in_cksum() to operate using m_apply(), which uses the direct map to
access packet data for unmapped mbufs.  This approach of course does not
work on platforms without a direct map, so we have to disallow the use
of unmapped mbufs on such platforms.

I believe this is the right tradeoff: we only configure KTLS on amd64
and arm64 today (and one KTLS consumer, NFS TLS, requires a direct map
already), and the use of unmapped mbufs with plain sendfile is a recent
optimization.  If need be, m_apply() could be modified to create
CPU-private mappings of extpg mbuf pages as a fallback.

So, change mb_use_ext_pgs to be hard-wired to zero on systems without a
direct map.  Note that PMAP_HAS_DMAP is not a compile-time constant on
some systems, so the default value of mb_use_ext_pgs has to be
determined during boot.

Reviewed by:	jhb
Discussed with:	gallatin
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D32940
2021-11-16 13:31:04 -05:00
Mark Johnston
42188bb5c1 unix: Remove a write-only local variable
Reported by:	clang
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
2021-11-16 13:30:22 -05:00
Mark Johnston
4285655adb aesni: Avoid a potential out-of-bounds load in AES_GCM_encrypt()
Reported by:	Jenkins (KASAN job)
Reviewed by:	cem, jhb
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D33012
2021-11-16 13:30:22 -05:00
Colin Percival
231bac4ccc rtsol/rtsold: Add option to skip random delay
In accordance with a SHOULD in RFC 4861, rtsol and rtsold wait a
random time between zero and one (aka MAX_RTR_SOLICITATION_DELAY)
seconds before sending a Router Solicitation, in order to avoid
network congestion if many hosts come online at once.  (The
question of how many hosts would be required to cause congestion
by each sending a single packet on a Gbps+ network is left to the
reader.)

The new option -i disables this wait and instructs rtsol and rtsold
to send the Router Solicitation immediately.

Reviewed by:	bz, kp (earlier version)
MFC after:	1 week
Relnotes:	yes
Sponsored by:	https://www.patreon.com/cperciva
Differential Revision:	https://reviews.freebsd.org/D32956
2021-11-16 10:27:28 -08:00
Colin Percival
57a8fa6f01 kvmclock: Expose implied TSC frequency via sysctl
An interface was added to derive an implied TSC frequency from pvclock
in 2015, but this interface was never exposed anywhere user-visible.

Reviewed by:	kib, bryanv
Differential Revision:	https://reviews.freebsd.org/D32974
2021-11-16 10:27:27 -08:00
Colin Percival
1580afcd6e randomdev: Remove 100 ms sleep from write routine
This was introduced in 2014 along with the comment (which has since
been deleted):
	/* Introduce an annoying delay to stop swamping */

Modern cryptographic random number generators can ingest arbitrarily
large amounts of non-random (or even maliciously selected) input
without losing their security.

Depending on the number of "boot entropy files" present on the system,
this can speed up the boot process by up to 1 second.

Reviewed by:	cem
MFC after:	1 week
Sponsored by:	https://www.patreon.com/cperciva
Differential Revision:	https://reviews.freebsd.org/D32984
2021-11-16 10:27:27 -08:00
Konstantin Belousov
c34a5148e8 ffs: fix newly introduced LOR between mntfs vnode lock and topology lock
The mntfs vnode lock should be before topology, as established in
ffs_mountfs().  Extend the locked region in ffs_unmount().

Reported and reviewed by:	markj
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D33013
2021-11-16 20:01:31 +02:00
John Baldwin
16bea05ac3 ktls: Split encrypt vs decrypt OCF counters.
Reviewed by:	gallatin, markj
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D33006
2021-11-16 09:58:52 -08:00
John Baldwin
694c708d6a ktls tests: Check the return values of close().
Suggested by:	markj
Reviewed by:	markj
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D33004
2021-11-16 09:56:15 -08:00
John Baldwin
d71830cdf0 ktls: Use ATF_REQUIRE instead of assert() for validating TLS header lengths.
The TLS header length field is set by the kernel, so if it is
incorrect that is an indication of a kernel bug, not an internal error
in the tests.

Prompted by:	markj (comment in an earlier review)
Reviewed by:	markj
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D33003
2021-11-16 09:56:15 -08:00
Konstantin Belousov
8ef0c11e7c nfsclient: upgrade vnode lock in VOP_OPEN()/VOP_CLOSE() if we need to flush buffers
VOP_FSYNC() asserts that the vnode is exclusively locked for NFS.
If we try to execute a file with recently modified content, the assert is
triggered.

Reviewed by:	rmacklem
Tested by:	pho
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D32999
2021-11-16 19:13:29 +02:00
Martin Matuška
b8dcfb2c9f FreeBSD: fix world build after de198f2d9
The inline function vn_flush_cached_data() in vnode.h
must not be compiled when building BASE.

Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Ryan Moeller <ryan@ixsystems.com>
Reviewed-by: Allan Jude <allan@klarasystems.com>
Signed-off-by: Martin Matuska <mm@FreeBSD.org>
Closes #12743
2021-11-15 09:07:39 -07:00
Damian Szuberski
8ac58c3f56 Fix zfs:AUTO autodetection in initramfs scripts
Don't exit early in find_rootfs() when zpool.bootfs
is set to `zfs:AUTO`.

Reviewed-by: Richard Laager <rlaager@wiktel.com>
Reviewed-by: Tony Nguyen <tony.nguyen@delphix.com>
Signed-off-by: szubersk <szuberskidamian@gmail.com>
Closes #12658
2021-11-13 08:02:50 -07:00