The kernel builds reproducibly, except for the time, date, user, and
hostname baked into the kernel (reported at startup and via the
kern.version sysctl for uname). Add a build knob to disable the
inclusion of this metadata.
Reviewed by: jhb
MFC after: 1 month
Relnotes: Yes
Sponsored by: Reproducible Builds World Summit 2, Berlin
Differential Revision: https://reviews.freebsd.org/D8809
Build metadata (username, hostname, etc.) prevents the FreeBSD kernel
from building reproducibly. Add an option to disable inclusion of that
metadata but retain the release information and SVN/git VCS details.
See https://reproducible-builds.org/ for additional background.
Reviewed by: bapt
Obtained from: NetBSD
MFC after: 1 month
Sponsored by: Reproducible Builds World Summit 2, Berlin
Differential Revision: https://reviews.freebsd.org/D4347
for IPv6.
It gets performance benefits from reduced number of checks. It doesn't
copy mbuf to be able send ICMPv6 error message, because it keeps mbuf
unchanged until the moment, when the route decision has been made.
It doesn't do IPsec checks, and when some IPsec security policies present,
ip6_input() uses normal slow path.
Reviewed by: bz, gnn
Obtained from: Yandex LLC
MFC after: 1 month
Sponsored by: Yandex LLC
Differential Revision: https://reviews.freebsd.org/D8527
Changes include modifications in kernel crash dump routines, dumpon(8) and
savecore(8). A new tool called decryptcore(8) was added.
A new DIOCSKERNELDUMP I/O control was added to send a kernel crash dump
configuration in the diocskerneldump_arg structure to the kernel.
The old DIOCSKERNELDUMP I/O control was renamed to DIOCSKERNELDUMP_FREEBSD11 for
backward ABI compatibility.
dumpon(8) generates an one-time random symmetric key and encrypts it using
an RSA public key in capability mode. Currently only AES-256-CBC is supported
but EKCD was designed to implement support for other algorithms in the future.
The public key is chosen using the -k flag. The dumpon rc(8) script can do this
automatically during startup using the dumppubkey rc.conf(5) variable. Once the
keys are calculated dumpon sends them to the kernel via DIOCSKERNELDUMP I/O
control.
When the kernel receives the DIOCSKERNELDUMP I/O control it generates a random
IV and sets up the key schedule for the specified algorithm. Each time the
kernel tries to write a crash dump to the dump device, the IV is replaced by
a SHA-256 hash of the previous value. This is intended to make a possible
differential cryptanalysis harder since it is possible to write multiple crash
dumps without reboot by repeating the following commands:
# sysctl debug.kdb.enter=1
db> call doadump(0)
db> continue
# savecore
A kernel dump key consists of an algorithm identifier, an IV and an encrypted
symmetric key. The kernel dump key size is included in a kernel dump header.
The size is an unsigned 32-bit integer and it is aligned to a block size.
The header structure has 512 bytes to match the block size so it was required to
make a panic string 4 bytes shorter to add a new field to the header structure.
If the kernel dump key size in the header is nonzero it is assumed that the
kernel dump key is placed after the first header on the dump device and the core
dump is encrypted.
Separate functions were implemented to write the kernel dump header and the
kernel dump key as they need to be unencrypted. The dump_write function encrypts
data if the kernel was compiled with the EKCD option. Encrypted kernel textdumps
are not supported due to the way they are constructed which makes it impossible
to use the CBC mode for encryption. It should be also noted that textdumps don't
contain sensitive data by design as a user decides what information should be
dumped.
savecore(8) writes the kernel dump key to a key.# file if its size in the header
is nonzero. # is the number of the current core dump.
decryptcore(8) decrypts the core dump using a private RSA key and the kernel
dump key. This is performed by a child process in capability mode.
If the decryption was not successful the parent process removes a partially
decrypted core dump.
Description on how to encrypt crash dumps was added to the decryptcore(8),
dumpon(8), rc.conf(5) and savecore(8) manual pages.
EKCD was tested on amd64 using bhyve and i386, mipsel and sparc64 using QEMU.
The feature still has to be tested on arm and arm64 as it wasn't possible to run
FreeBSD due to the problems with QEMU emulation and lack of hardware.
Designed by: def, pjd
Reviewed by: cem, oshogbo, pjd
Partial review: delphij, emaste, jhb, kib
Approved by: pjd (mentor)
Differential Revision: https://reviews.freebsd.org/D4712
Table to find if the hardware supports PSCI, and if so what method the
kernel should use to interact with it.
Obtained from: ABT Systems Ltd
Sponsored by: The FreeBSD Foundation
If bufring is used for per-TX ring descs, don't update "available"
counter, which is only used to help debugging.
MFC after: 1 week
Sponsored by: Microsoft
Differential Revision: https://reviews.freebsd.org/D8674
- Defined an abstract NVRAM I/O API (bhnd_nvram_io), decoupling NVRAM/SPROM
parsing from the actual underlying NVRAM data provider (e.g. CFE firmware
devices).
- Defined an abstract NVRAM data API (bhnd_nvram_data), decoupling
higher-level NVRAM operations (indexed lookup, data conversion, etc) from
the underlying NVRAM file format parsing/serialization.
- Implemented a new high-level bhnd_nvram_store API, providing indexed
variable lookup, pending write tracking, etc on top of an arbitrary
bhnd_nvram_data instance.
- Migrated all bhnd(4) NVRAM device drivers to the common bhnd_nvram_store
API.
- Implemented a common bhnd_nvram_val API for parsing/encoding NVRAM
variable values, including applying format-specific behavior when
converting to/from the NVRAM string representations.
- Dropped the now unnecessary bhnd_nvram driver, and moved the
broadcom/mips-specific CFE NVRAM driver out into sys/mips/broadcom.
- Implemented a new nvram_map file format:
- Variable definitions are now defined separately from the SPROM
layout. This will also allow us to define CIS tuple NVRAM
mappings referencing the common NVRAM variable definitions.
- Variables can now be defined within arbitrary named groups.
- Textual descriptions and help information can be defined inline
for both variables and variable groups.
- Implemented a new, compact encoding of SPROM image layout
offsets.
- Source-level (but not build system) support for building the NVRAM file
format APIs (bhnd_nvram_io, bhnd_nvram_data, bhnd_nvram_store) as a
userspace library.
The new compact SPROM image layout encoding is loosely modeled on Apple
dyld compressed LINKEDIT symbol binding opcodes; it provides a compact
state-machine encoding of the mapping between NVRAM variables and the SPROM
image offset, mask, and shift instructions necessary to decode or encode
the SPROM variable data.
The compact encoding reduces the size of the generated SPROM layout data
from roughly 60KB to 3KB. The sequential nature SPROM layout opcode tables
also simplify iteration of the SPROM variables, as it's no longer
neccessary to iterate the full NVRAM variable definition table, but
instead simply scan the SPROM revision's layout opcode table.
Approved by: adrian (mentor)
Differential Revision: https://reviews.freebsd.org/D8645
MAXPAGESIZE is not well defined by the GNU ld documentation.
Different linkers, and different versions of the same linker, use
different MAXPAGESIZE values. Current versions of GNU gold and LLVM's
lld use 4K. When set to 4K the kernel panics at boot due to an issue
with x86bios.
Here we want the kernel physaddr to be the amd64 superpage size, so use
that value (2MB) explicitly. With this change GNU gold and LLVM lld can
link a working amd64 kernel.
PR: 214718 (x86bios)
Differential Revision: https://reviews.freebsd.org/D8610
Adds VLAN and port management abilities for etherswitchcfg(8).
The code is conditionally enabled for now, because it is not necessary on
single ethernet use cases.
Obtained from: pfSense
MFC after: 2 weeks
Sponsored by: Rubicon Communications, LLC (Netgate)
an invalid address. It is also unneeded on arm64 as we use the ARM Generic
Timer driver.
Obtained from: ABT Systems Ltd
Sponsored by: The FreeBSD Foundation
FDT attachment to a new file. A separate ACPI attachment will then be added
to allow arm64 servers with ACPI to use it over FDT.
This should also help with merging this with the ofwpci driver, with
further work needed to remove restrictions this driver places on resource
allocation.
Obtained from: ABT Systems Ltd
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D7319
uart we need to handle both it and FDT, and as such we need to have an
architecture specific driver.
Obtained from: ABT Systems Ltd
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D7796
on the AES-NI code, and modified as needed for use on ARMv8. When loaded
the driver will check the appropriate field in the id_aa64isar0_el1
register to see if AES is supported, and if so the probe function will
signal the driver should attach.
With this I have seen up to 2000Mb/s from the cryptotest test with a single
thread on a ThunderX Pass 2.0.
Reviewed by: imp
Obtained from: ABT Systems Ltd
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D8297
While there, make param.h guess proper MACHINE_ARCH on hardfloat targets
correctly as well, so tools like bmake can get their defaults right.
This does not help the kernel case, since we compile them with forced
-msoft-float and need to override an incorrect guess by param.h.
Reviewed by: br
Differential Revision: https://reviews.freebsd.org/D8574
This makes the file name and the variable naming in the file consistent.
Reviewed by: sephe
Approved by: sephe (mentor)
MFC after: 1 week
Sponsored by: Microsoft
Add the dependency on pci explicitly for the pcib and vmbus drivers.
The related Makefiles are updated accordingly too.
Reviewed by: sephe
Approved by: sephe (mentor)
MFC after: 1 week
Sponsored by: Microsoft
.hg may reside above FreeBSD sources root. Provide function findvcs()
that will climb up and seek for presence of a VCS directory.
Reviewed by: imp (earlier version of the patch)
Hardfloat is now default (use riscv64sf as TARGET_ARCH
for softfloat).
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D8529
The feature enables us to pass through physical PCIe devices to FreeBSD VM
running on Hyper-V (Windows Server 2016) to get near-native performance with
low CPU utilization.
The patch implements a PCI bridge driver to support the feature:
1) The pcib driver talks to the host to discover device(s) and presents
the device(s) to FreeBSD's pci driver via PCI configuration space (note:
to access the configuration space, we don't use the standard I/O port
0xCF8/CFC method; instead, we use an MMIO-based method supplied by Hyper-V,
which is very similar to the 0xCF8/CFC method).
2) The pcib driver allocates resources for the device(s) and initialize
the related BARs, when the device driver's attach method is invoked;
3) The pcib driver talks to the host to create MSI/MSI-X interrupt
remapping between the guest and the host;
4) The pcib driver supports device hot add/remove.
Reviewed by: sephe
Approved by: sephe (mentor)
MFC after: 1 week
Sponsored by: Microsoft
Differential Revision: https://reviews.freebsd.org/D8332
Core kernel is always compiled with -msoft-float on all of our platforms,
make sure we follow the suit with trampoline as well.
Reviewed by: adrian, br, imp
Differential Revision: https://reviews.freebsd.org/D8507
Summary:
This implements part of the gpio-poweroff and gpio-restart device tree
bindings. Optional properties are not handled currently. It also currently
only supports level-triggered reset.
Reviewed By: gonzo
Differential Revision: https://reviews.freebsd.org/D8521
VSS stands for "Volume Shadow Copy Service". Unlike virtual machine
snapshot, it only takes snapshot for the virtual disks, so both
filesystem and applications have to aware of it, and cooperate the
whole VSS process.
This driver exposes two device files to the userland:
/dev/hv_fsvss_dev
Normally userland programs should _not_ mess with this device file.
It is currently used by the hv_vss_daemon(8), which freezes and
thaws the filesystem. NOTE: currently only UFS is supported, if
the system mounts _any_ other filesystems, the hv_vss_daemon(8)
will veto the VSS process.
If hv_vss_daemon(8) was disabled, then this device file must be
opened, and proper ioctls must be issued to keep the VSS working.
/dev/hv_appvss_dev
Userland application can opened this device file to receive the
VSS freeze notification, hold the VSS for a while (mainly to flush
application data to filesystem), release the VSS process, and
receive the VSS thaw notification i.e. applications can run again.
The VSS will still work, even if this device file is not opened.
However, only filesystem consistency is promised, if this device
file is not opened or is not operated properly.
hv_vss_daemon(8) is started by devd(8) by default. It can be disabled
by editting /etc/devd/hyperv.conf.
Submitted by: Hongjiang Zhang <honzhan microsoft com>
Reviewed by: kib, mckusick
MFC after: 3 weeks
Sponsored by: Microsoft
Differential Revision: https://reviews.freebsd.org/D8224
The default (512) wastes quite a bit of space which doesn't really buy
us much on highly embedded systems which don't take a lot of locks in
parallel.
This makes it at least build time configurable so people can experiment.
It's usefull for development (for netboot) and it also helps to boot
FreeBSD on some embeded platforms (where we must boot kernel directly,
without standard boot loader).
MFC after: 3 weeks
- Split driver in two parts: FDT and non-FDT
- Instead of reattach gpioled nodes to GPIO bus use
gpio_pin_get_by_ofw_idx and add ofwbus and simplebus as parrent buses
Reviewed by: loos
Differential Revision: https://reviews.freebsd.org/D8233
Bay Trail has three banks of GPIOs exposed to userland as /dev/gpiocN,
where N is 1, 2, and 3. Pins in each bank are pre-named to match names
on boards schematics: GPIO_S0_SCnn, GPIO_S0_NCnn, and GPIO_S5_nn.
Controller supports edge-triggered and level-triggered interrupts but
current version of the driver does not have interrupts support
Summary:
i.MX5 and PowerPC use a very similar eSDHC controller, which is also
similar to the uSDHC controller used by i.MX6. The imx_sdhci driver works
almost completely with PowerPC, with some minor tweaks.
There is one caveat with this: reset currently does not work on PowerPC, so has
been #ifdef'd out until this can be tracked down and fixed. If resets are done
the controller will timeout all data transactions. Without a reset, it appears
to work just fine.
This is part 3, following up r308186 and r308187.
Test Plan:
This has been tested on a PowerPC QorIQ P1022 board. It has not been
tested on i.MX, but no regressions are expected.
Reviewed By: imp
Differential Revision: https://reviews.freebsd.org/D8407
Upstream the BUF_TRACKING and FULL_BUF_TRACKING buffer debugging code.
This can be handy in tracking down what code touched hung bios and bufs
last. The full history is especially useful, but adds enough bloat that
it shouldn't be enabled in release builds.
Function names (or arbitrary string constants) are tracked in a
fixed-size ring in bufs. Bios gain a pointer to the upper buf for
tracking. SCSI CCBs gain a pointer to the upper bio for tracking.
Reviewed by: markj
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D8366
A grant-table user-space device will allow user-space applications to map
and share grants (Xen way to share memory) among Xen domains. This grant
table user-space device has been tested with the QEMU Qdisk Xen backed.
Submitted by: jaggi
Reviewed by: royger
Differential review: https://reviews.freebsd.org/D7293