254718 Commits

Author SHA1 Message Date
Kristof Provost
a60100fdfc if: Remove ifnet_rwlock
It no longer serves any purpose, as evidenced by the fact that we never take it
without ifnet_sxlock.

Sponsored by:	Modirum MDPay
Differential Revision:	https://reviews.freebsd.org/D27278
2020-11-25 10:56:38 +00:00
Benedict Reuschling
6b8f0ba8e2 Drop superfluous "of" from the systat example. 2020-11-25 10:21:29 +00:00
Kyle Evans
d431dea5ac kern: cpuset: properly rebase when attaching to a jail
The current logic is a fine choice for a system administrator modifying
process cpusets or a process creating a new cpuset(2), but not ideal for
processes attaching to a jail.

Currently, when a process attaches to a jail, it does exactly what any other
process does and loses any mask it might have applied in the process of
doing so because cpuset_setproc() is entirely based around the assumption
that non-anonymous cpusets in the process can be replaced with the new
parent set.

This approach slightly improves the jail attach integration by modifying
cpuset_setproc() callers to indicate if they should rebase their cpuset to
the indicated set or not (i.e. cpuset_setproc_update_set).

If we're rebasing and the process currently has a cpuset assigned that is
not the containing jail's root set, then we will now create a new base set
for it hanging off the jail's root with the existing mask applied instead of
using the jail's root set as the new base set.

Note that the common case will be that the process doesn't have a cpuset
within the jail root, but the system root can freely assign a cpuset from
a jail to a process outside of the jail with no restriction. We assume that
that may have happened or that it could happen due to a race when we drop
the proc lock, so we must recheck both within the loop to gather up
sufficient freed cpusets and after the loop.

To recap, here's how it worked before in all cases:

0     4 <-- jail              0      4 <-- jail / process
|                             |
1                 ->          1
|
3 <-- process

Here's how it works now:

0     4 <-- jail             0       4 <-- jail
|                            |       |
1                 ->         1       5 <-- process
|
3 <-- process

or

0     4 <-- jail             0       4 <-- jail / process
|                            |
1 <-- process     ->         1

More importantly, in both cases, the attaching process still retains the
mask it had prior to attaching or the attach fails with EDEADLK if it's
left with no CPUs to run on or the domain policy is incompatible. The
author of this patch considers this almost a security feature, because a MAC
policy could grant PRIV_JAIL_ATTACH to an unprivileged user that's
restricted to some subset of available CPUs the ability to attach to a jail,
which might lift the user's restrictions if they attach to a jail with a
wider mask.

In most cases, it's anticipated that admins will use this to be able to,
for example, `cpuset -c -l 1 jail -c path=/ command=/long/running/cmd`,
and avoid the need for contortions to spawn a command inside a jail with a
more limited cpuset than the jail.

Reviewed by:	jamie
MFC after:	1 month (maybe)
Differential Revision:	https://reviews.freebsd.org/D27298
2020-11-25 03:14:25 +00:00
Kyle Evans
30b7c6f977 kern: cpuset: rename _cpuset_create() to cpuset_init()
cpuset_init() is better descriptor for what the function actually does. The
name was previously taken by a sysinit that setup cpuset_zero's mask
from all_cpus, it was removed in r331698 before stable/12 branched.

A comment referencing the removed sysinit has now also been removed, since
the setup previously done was moved into cpuset_thread0().

Suggested by:	markj
MFC after:	1 week
2020-11-25 02:12:24 +00:00
Kyle Evans
29d04ea8c3 kern: cpuset: allow cpuset_create() to take an allocated *setp
Currently, it must always allocate a new set to be used for passing to
_cpuset_create, but it doesn't have to. This is purely kern_cpuset.c
internal and it's sparsely used, so just change it to use *setp if it's
not-NULL and modify the two consumers to pass in the address of a NULL
cpuset.

This paves the way for consumers that want the unr allocation without the
possibility of sleeping as long as they've done their due diligence to
ensure that the mask will properly apply atop the supplied parent
(i.e. avoiding the free_unr() in the last failure path).

Reviewed by:	jamie, markj
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D27297
2020-11-25 01:42:32 +00:00
John Baldwin
a4a23d2137 Remove uses of CRIOGET in OCF tests after r368005.
Pointy hat to:	jhb
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D27367
2020-11-25 01:31:00 +00:00
John Baldwin
81870b54d6 Remove a reference to CRIOGET missed in r368005. 2020-11-25 01:09:58 +00:00
Kyle Evans
c7ef3490e2 kern: never restart syscalls calling closefp(), e.g. close(2)
All paths leading into closefp() will either replace or remove the fd from
the filedesc table, and closefp() will call fo_close methods that can and do
currently sleep without regard for the possibility of an ERESTART. This can
be dangerous in multithreaded applications as another thread could have
opened another file in its place that is subsequently operated on upon
restart.

The following are seemingly the only ones that will pass back ERESTART
in-tree:
- sockets (SO_LINGER)
- fusefs
- nfsclient

Reviewed by:	jilles, kib
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D27310
2020-11-25 01:08:57 +00:00
John Baldwin
688f8b822c Remove the cloned file descriptors for /dev/crypto.
Crypto file descriptors were added in the original OCF import as a way
to provide per-open data (specifically the list of symmetric
sessions).  However, this gives a bit of a confusing API where one has
to open /dev/crypto and then invoke an ioctl to obtain a second file
descriptor.  This also does not match the API used with /dev/crypto on
other BSDs or with Linux's /dev/crypto driver.

Character devices have gained support for per-open data via cdevpriv
since OCF was imported, so use cdevpriv to simplify the userland API
by permitting ioctls directly on /dev/crypto descriptors.

To provide backwards compatibility, CRIOGET now opens another
/dev/crypto descriptor via kern_openat() rather than dup'ing the
existing file descriptor.  This preserves prior semantics in case
CRIOGET is invoked multiple times on a single file descriptor.

Reviewed by:	markj
Relnotes:	yes
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D27302
2020-11-25 00:10:54 +00:00
John Baldwin
908dca3ef4 Pull the check for VM ownership into ppt_find().
This reduces some code duplication.  One behavior change is that
ppt_assign_device() will now only succeed if the device is unowned.
Previously, a device could be assigned to the same VM multiple times,
but each time it was assigned, the device's state was reset.

Reviewed by:	markj, grehan
MFC after:	2 weeks
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D27301
2020-11-24 23:56:33 +00:00
John Baldwin
1925586e03 Honor the disabled setting for MSI-X interrupts for passthrough devices.
Add a new ioctl to disable all MSI-X interrupts for a PCI passthrough
device and invoke it if a write to the MSI-X capability registers
disables MSI-X.  This avoids leaving MSI-X interrupts enabled on the
host if a guest device driver has disabled them (e.g. as part of
detaching a guest device driver).

This was found by Chelsio QA when testing that a Linux guest could
switch from MSI-X to MSI interrupts when using the cxgb4vf driver.

While here, explicitly fail requests to enable MSI on a passthrough
device if MSI-X is enabled and vice versa.

Reported by:	Sony Arpita Das @ Chelsio
Reviewed by:	grehan, markj
MFC after:	2 weeks
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D27212
2020-11-24 23:18:52 +00:00
John Baldwin
5f9740e399 Correct entries for manpages removed in r359374.
Reported by:	Yuri Pankov <yuripv@yuripv.dev>
Sponsored by:	Chelsio Communications
2020-11-24 22:52:12 +00:00
Alexander Motin
a6222dd789 Remove more legacy of parallel SCSI. 2020-11-24 22:43:27 +00:00
Jung-uk Kim
fe85238ef7 Remove support for SSLv3 from fetch(3).
Support for SSLv3 was already removed from OpenSSL (r361392).

Differential Revision:	https://reviews.freebsd.org/D24947
2020-11-24 22:10:33 +00:00
Simon J. Gerraty
960b77be8f Update dirdeps.mk et al to latest
Move some local tweaks to local.*.mk

Reviewed by:	bdrewery
MFC after:	1 week
Differential Revision: https://reviews.freebsd.org/D27300
2020-11-24 21:45:38 +00:00
Jung-uk Kim
926ce35a7e Port rtsx(4) driver for Realtek SD card reader from OpenBSD.
This driver provides support for Realtek PCI SD card readers.  It attaches
mmc(4) bus on card insertion and detaches it on card removal.  It has been
tested with RTS5209, RTS5227, RTS5229, RTS522A, RTS525A and RTL8411B.  It
should also work with RTS5249, RTL8402 and RTL8411.

PR:			204521
Submitted by:		Henri Hennebert (hlh at restart dot be)
Reviewed by:		imp, jkim
Differential Revision:	https://reviews.freebsd.org/D26435
2020-11-24 21:28:44 +00:00
Jung-uk Kim
7e06495b9b Do not truncate the last character from serial number.
strlcpy() requires one more byte for the NULL character.

Submitted by:	Henri Hennebert (hlh at restart dot be)
MFC after:	3 days
2020-11-24 21:14:36 +00:00
Emmanuel Vadot
e6b9cee76b release: Merge the RPI2 and BEAGLEBONE image with the GENERICSD one
Both RPI2 and BEAGLEBONE are still popular and used arm boards.
Both u-boots can coexist as they are named differently and live in the
fat partition.
This leave us with only one image that can be used for both of those
boards and all the other ones supported by FreeBSD provided that you
install the correct u-boot on it.

Reviewed by:	imp
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D27283
2020-11-24 17:53:13 +00:00
Emmanuel Vadot
a3b4dcfd68 Release: arm: Remove config for old boards
All those board are impossible to buy nowadays and could boot using the
GENERICSD image after putting the correct u-boot on them.

Reviewed by:	imp
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D27282
2020-11-24 17:52:01 +00:00
Emmanuel Vadot
a2a0878362 arm: Remove old amlogic support
Remove the port for aml8726.
Kernel config was removed in r346096 and this port was never migrated
to GENERIC.
It is also impossible to obtain such hardware nowadays.

Reviewed by:	imp
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D27281
2020-11-24 17:51:10 +00:00
Emmanuel Vadot
48cfe64b83 arm: Remove old rockchip support
Remove the port for rk30xx.
Kernel config was removed in r346096 and this port was never migrated
to GENERIC.
It is also impossible to obtain such hardware nowadays and this code
don't provide anything beside booting.

Reviewed by:	imp
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D27280
2020-11-24 17:50:22 +00:00
Alexander Motin
5bcbd98c8b Update RQSFLAG_* definitions. 2020-11-24 17:37:12 +00:00
Kristof Provost
d5325f2f3c pf tests: provoke tag hashing panic
Attempt to provoke the panic fixed in r367987.

MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D27350
2020-11-24 17:32:49 +00:00
Mark Johnston
938a9d7c4f ata(4): Release the ioport resource if device initialization fails
PR:		251346
Submitted by:	janm@transactionware.com
MFC after:	1 week
2020-11-24 17:13:08 +00:00
Mark Johnston
78e1f68ee1 ping(8): Improve parameter validation
- Use strtonum(3) to simplify bounds checking of numeric parameters.
- Fix bounds checking when filling out packet data in "sweep" mode.

PR:		239974, 239977, 239978
Reported by:	Neeraj <neerajpal09@gmail.com>
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D25622
2020-11-24 17:12:40 +00:00
Mark Johnston
5d49283f88 pf: Make tag hashing more robust
tagname2tag() hashes the tag name before truncating it to 63 characters.
tag_unref() removes the tag from the name hash by computing the hash
over the truncated name.  Ensure that both operations compute the same
hash for a given tag.

The larger issue is a lack of string validation in pf(4) ioctl handlers.
This is intended to be fixed with some future work, but an extra safety
belt in tagname2hashindex() is worthwhile regardless.

Reported by:	syzbot+a0988828aafb00de7d68@syzkaller.appspotmail.com
Reviewed by:	kp
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D27346
2020-11-24 16:18:47 +00:00
Alexander Motin
384d27e04d Remove concept of mbox_sleep_ok.
It was broken by design and unused for years due to conflicts between
different threads, fighting for the same set of mailbox registers, not
designed for multiple requests at a time.  So either request has to be
synchronous and spin under the lock, or it should be sent asynchronously
through the queues as Mailbox Command IOCB or some other way.

This removes any OS specifics from the wait code, so it can be inlined.
2020-11-24 15:32:25 +00:00
Alexander Motin
1553bf11b9 Remove unneeded locking around xpt_bus_[de]register().
MFC after:	2 weeks
2020-11-24 14:05:52 +00:00
Emmanuel Vadot
219f1919ab arm64: Check if we have a map before checking the flags
This fixes amdgpu on arm64 where linuxkpi is calling id_mapped
and we call might_bounce without a map.
2020-11-24 14:05:35 +00:00
Hans Petter Selasky
caf4397197 Remove erradic assert after SVN r367149 in mlx5en(4).
The ratelimit tags may be shared, especially for unlimited TLS
traffic, and then the refcount is allowed to be greater than one
when freeing the send tag.

MFC after:	1 week
Sponsored by:	Mellanox Technologies // NVIDIA Networking
2020-11-24 13:07:59 +00:00
Cy Schubert
e5a307c6ac Fix a typo in a comment.
MFC after:	3 days
2020-11-24 06:42:32 +00:00
Alexander Motin
0f99cb55ff Implement request queue overflow protection.
Before this change in case of request queue overflow driver just froze the
device queue for 100ms to retry after.  It was pretty bad for performance.
This change introduces SIM queue freezing when free space on the request
queue drops below 255 entries (worst case of maximum I/O size S/G list),
checking for a chance to release it on I/O completion.  If the queue still
get overflowed somehow, the old mechanism is still in place, just with
delay reduced to 10ms.

With the earlier queue length increase overflows should not happen often,
but it is still easily reachable on synthetic tests.
2020-11-24 04:16:49 +00:00
Mateusz Guzik
f90d57b808 locks: push lock_delay_arg_init calls down
Minor cleanup to skip doing them when recursing on locks and so that
they can act on found lock value if need be.
2020-11-24 03:49:37 +00:00
Mateusz Guzik
094c148b7a sx: drop spurious volatile keyword 2020-11-24 03:48:44 +00:00
Alan Somers
f998d4c7a2 ping6: update usage text after r365547
MFC after:	2 weeks
2020-11-24 02:51:45 +00:00
Warner Losh
b7169662e3 Prefer Em to Ar for emphasis
Em is better than Ar if all we want to do is underline the text.

Submitted by: yuripv@
2020-11-23 18:37:19 +00:00
Mateusz Guzik
598f2b8116 dtrace: stop using eventhandlers for the part compiled into the kernel
Reviewed by:	kib, markj
Differential Revision:	https://reviews.freebsd.org/D27311
2020-11-23 18:27:21 +00:00
Mateusz Guzik
a9568cd2bc thread: stash domain id to work around vtophys problems on ppc64
Adding to zombie list can be perfomed by idle threads, which on ppc64 leads to
panics as it requires a sleepable lock.

Reported by:	alfredo
Reviewed by:	kib, markj
Fixes:	r367842 ("thread: numa-aware zombie reaping")
Differential Revision:	https://reviews.freebsd.org/D27288
2020-11-23 18:26:47 +00:00
Konstantin Belousov
4815f175d0 Linuxolator: Replace use of eventhandlers by sysent hooks.
Reviewed by:	markj
Sponsored by:	The FreeBSD Foundation
Differential revision:	https://reviews.freebsd.org/D27309
2020-11-23 18:18:16 +00:00
Konstantin Belousov
87a9b18d22 Provide ABI modules hooks for process exec/exit and thread exit.
Exec and exit are same as corresponding eventhandler hooks.

Thread exit hook is called somewhat earlier, while thread is still
owned by the process and enough context is available.  Note that the
process lock is owned when the hook is called.

Reviewed by:	markj
Sponsored by:	The FreeBSD Foundation
Differential revision:	https://reviews.freebsd.org/D27309
2020-11-23 17:29:25 +00:00
Gleb Popov
caeb270e9f bin/setfacl: Little refactoring, no functional change.
The acl_from_stat function accepts a stat_t * argument, but only uses its
st_mode field. There is no reason to pass the whole struct, so make it accept
a mode_t and rename the function to acl_from_mode.
Linux has non-standard acl_from_mode function in its libacl, so naming the
function this way may help discovering it during porting efforts.

Reviewed by:	tsoome, markj
Approved by:	markj
Differential Revision:	https://reviews.freebsd.org/D27292
2020-11-23 17:00:06 +00:00
Edward Tomasz Napierala
64cecc7a75 Replace paths in ctladm(8) examples with something sensible.
PR:		251181
Reviewed by:	0mp, rm, ygy
MFC after:	2 weeks
Sponsored by:	EPSRC
Differential Revision:	https://reviews.freebsd.org/D27249
2020-11-23 14:30:27 +00:00
Michal Meloun
9138770728 Ensure that the buffer is in nvme_single_map() mapped to single segment.
Not a functional change.

MFC after:	1 week
2020-11-23 14:30:22 +00:00
Edward Tomasz Napierala
cacb6b26c2 Assorted tweaks to hier(7): punctuation, some .Xr's, clarify wording.
Reviewed by:	0mp, bcr, imp
MFC after:	2 weeks
Sponsored by:	EPSRC
Differential Revision:	https://reviews.freebsd.org/D27248
2020-11-23 14:26:59 +00:00
Edward Tomasz Napierala
6f45fadf5a Make sbp(4) use xpt_alloc_ccb/xpt_free_ccb instead of malloc/free.
Reviewed by:	imp, mav
MFC after:	2 weeks
Sponsored by:	NetApp, Inc.
Sponsored by:	Klara, Inc.
Differential Revision:	https://reviews.freebsd.org/D26843
2020-11-23 13:05:11 +00:00
Edward Tomasz Napierala
cca5be248f Make tws(4) use xpt_alloc_ccb()/xpt_free_ccb() instead of malloc/free.
Reviewed by:	imp
MFC after:	2 weeks
Sponsored by:	NetApp, Inc.
Sponsored by:	Klara, Inc.
Differential Revision:	https://reviews.freebsd.org/D26841
2020-11-23 13:02:23 +00:00
Edward Tomasz Napierala
3bd46ad76d Don't check return from xpt_alloc_ccb() for being NULL; since it's not
the _nowait wariant, it cannot fail.

Suggested by:	mav
MFC after:	2 weeks
Sponsored by:	NetApp, Inc.
Sponsored by:	Klara, Inc.
2020-11-23 12:59:56 +00:00
Edward Tomasz Napierala
2ef735f477 Make hptmv(4) use xpt_alloc_ccb/xpt_free_ccb instead of malloc/free.
Reviewed by:	imp, mav
MFC after:	2 weeks
Sponsored by:	NetApp, Inc.
Sponsored by:	Klara, Inc.
Differential Revision:	https://reviews.freebsd.org/D26842
2020-11-23 12:57:24 +00:00
Edward Tomasz Napierala
3df3c40de4 smartpqi: don't bzero the new ccb; xpt_alloc_ccb_nowait() already does that.
Reviewed by:	imp
MFC after:	2 weeks
Sponsored by:	NetApp, Inc.
Sponsored by:	Klara, Inc.
Differential Revision:	https://reviews.freebsd.org/D26838
2020-11-23 12:54:19 +00:00
Edward Tomasz Napierala
6feb84e8e7 arcmsr(4): don't bzero newly allocated ccb; xpt_alloc_ccb() already does that.
Reviewed by:	delphij, imp, ching2048@areca.com.tw
Tested by:	ching2048@areca.com.tw
MFC after:	2 weeks
Sponsored by:	NetApp, Inc.
Sponsored by:	Klara, Inc.
Differential Revision:	https://reviews.freebsd.org/D26840
2020-11-23 12:50:38 +00:00