249157 Commits

Author SHA1 Message Date
brooks
2144307d26 Improve wording of error message when CROSS_TOOLCHAIN is not found.
Reported by:	emaste, jhb
2018-02-26 19:02:11 +00:00
jhb
1eba2c6f7d Fix a typo: "now" -> "no". 2018-02-26 18:50:39 +00:00
kevans
de86fcf3f4 libsa: Partially revert r330023
The removal of tmo >= MAXTMO check should not have been done; this is
specifically what handles timeout if MAXWAIT == 0.

MFC after:	1 week
2018-02-26 18:24:24 +00:00
dab
f000e33bcb iconv uses strlen directly on user supplied memory
`iconv_sysctl_add` from `sys/libkern/iconv.c` incorrectly limits the
size of user strings, such that several out of bounds reads could have
been possible.

static int
iconv_sysctl_add(SYSCTL_HANDLER_ARGS)
{
	struct iconv_converter_class *dcp;
	struct iconv_cspair *csp;
	struct iconv_add_in din;
	struct iconv_add_out dout;
	int error;

	error = SYSCTL_IN(req, &din, sizeof(din));
	if (error)
		return error;
	if (din.ia_version != ICONV_ADD_VER)
		return EINVAL;
	if (din.ia_datalen > ICONV_CSMAXDATALEN)
		return EINVAL;
	if (strlen(din.ia_from) >= ICONV_CSNMAXLEN)
		return EINVAL;
	if (strlen(din.ia_to) >= ICONV_CSNMAXLEN)
		return EINVAL;
	if (strlen(din.ia_converter) >= ICONV_CNVNMAXLEN)
		return EINVAL;
...

Since the `din` struct is directly copied from userland, there is no
guarantee that the strings supplied will be NULL terminated. The
`strlen` calls could continue reading past the designated buffer
sizes.

Declaration of `struct iconv_add_in` is found in `sys/sys/iconv.h`:

struct iconv_add_in {
	int	ia_version;
	char	ia_converter[ICONV_CNVNMAXLEN];
	char	ia_to[ICONV_CSNMAXLEN];
	char	ia_from[ICONV_CSNMAXLEN];
	int	ia_datalen;
	const void *ia_data;
};

Our strings are followed by the `ia_datalen` member, which is checked
before the `strlen` calls:

if (din.ia_datalen > ICONV_CSMAXDATALEN)

Since `ICONV_CSMAXDATALEN` has value `0x41000` (and is `unsigned`),
this ensures that `din.ia_datalen` contains at least 1 byte of 0, so
it is not possible to trigger a read out of bounds of the `struct`
however, this code is fragile and could introduce subtle bugs in the
future if the `struct` is ever modified.

PR:		207302
Submitted by:	CTurt <cturt@hardenedbsd.org>
Reported by:	CTurt <cturt@hardenedbsd.org>
Reviewed by:	jhb, vangyzen
MFC after:	1 week
Sponsored by:	Dell EMC
Differential Revision:	https://reviews.freebsd.org/D14521
2018-02-26 18:23:36 +00:00
kevans
89e0bb5305 libsa: Move MAXWAIT from net.h to net.c
It's not a setting that has any effect or use outside of the net.c context.
2018-02-26 18:14:37 +00:00
oshogbo
d61a5c4725 Fix typo. 2018-02-26 18:06:15 +00:00
trasz
bd43ba9e2b .Xr rctl(8) and cpuset(1).
PR:		225935
Submitted by:	D. Ebdrup <debdrup at gmail.com> (earlier version)
MFC after:	2 weeks
2018-02-26 18:04:17 +00:00
kevans
ba27e307c0 libsa: Add MAXWAIT to net for establishing max total timeout
Current timeout behavior is to progress in timeout values from MINTMO to
MAXTMO in MINTMO steps before finally timing out. This results in a fairly
long time before operations finally timeout, which may not be ideal for some
use-cases.

Add MAXWAIT that may be configured along with MINTMO/MAXTMO. If we attempt
to start our send/recv cycle over again but MAXWAIT > 0 and MAXWAIT seconds
have already passed, then go ahead and timeout.

This is intended for those that just want to say "timeout after 180 seconds"
rather than calculate and tweak MINTMO/MAXTMO to get their desired timeout.
The default is 0, or "progress from MINTMO to MAXTMO with no exception."

This has been modified since review to allow for it to be defined via CFLAGS
and doing appropriate error checking. Future work may add some Makefile foo
to respect LOADER_NET_MAXWAIT if it's specified in the environment and pass
it in as MAXWAIT accordingly.

Reviewed by:	imp, sbruno, tsoome (all previous version)
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D14389
2018-02-26 18:01:35 +00:00
trasz
c2a7be7783 Fix gettytab(5) to document f0, f1, and f2 as unsupported; they've been gone
since r131091.

PR:             184691 (partial)
Submitted by:   naddy@
MFC after:      2 weeks
Sponsored by:   The FreeBSD Foundation
2018-02-26 17:51:18 +00:00
imp
584cb1a9ab These two directories build man pages, so it's incorrect to tag them
NO_OBJ. Also, make sure the loader.conf.5 man gets built and installed.
2018-02-26 15:41:20 +00:00
kevans
e948d67cf5 lualoader: Re-work menu skipping bits
This is motivated by a want to reduce heap usage if the menu is being
skipped. Currently, the menu module must be loaded regardless of whether
it's being skipped or not, which adds a cool ~50-100KB worth of memory
usage.

Move the menu skip logic out to core (and remove a debug print), then check
in loader.lua if we should be skipping the menu and avoid loading the menu
module entirely if so. This keeps our memory usage below ~115KB for a boot
with the menu stripped.

Also worth noting: with this change, we no longer explicitly invoke autoboot
if we're skipping the menu. Instead, we let the standard loader behavior
apply: try to autoboot if we need to, then drop to a loader prompt if not or
if the autoboot sequence is interrupted. The only thing we still handle
before dropping to the loader autoboot sequence is loadelf(), so that we can
still apply any of our kernel loading behavior.
2018-02-26 15:37:32 +00:00
kevans
80f03abbf3 ofw_fdt: Simplify parts with new libfdt methods
libfdt now provides methods to iterate through subnodes and properties in a
convenient fashion.

Replace our ofw_fdt_{peer,child} searches with calls to their corresponding
libfdt methods. Rework ofw_fdt_nextprop to use the
fdt_for_each_property_offset macro, making it even more obvious what it's
doing.

No functional change intended.

Reviewed by:	nwhitehorn
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D14225
2018-02-26 14:00:23 +00:00
cognet
24fc3ea5c1 In do_ast, make sure the interrupts are enabled before calling ast().
We can reach that point with IRQs disabled, and calling ast() with IRQs 
disabled can lead to a deadlock.
This should fix the freezes on arm64 under load.

Reviewed by:	andrew
2018-02-26 13:12:51 +00:00
andrew
e442b960d2 Check all entries in the ACPI uart compat table and not just the first.
Sponsored by:	DARPA, AFRL
2018-02-26 08:45:38 +00:00
kevans
a9ed140ea3 style.lua(9): Add some additional notes about naming and commas
camelCase tends to be preferred for function identifiers, while
internal_underscores are preferred for variable identifiers. This convention
makes it a little bit easier to eyeball whether variable/function usage is
correct.

The optional commas for final table values are preferred to reduce chances
for error.
2018-02-26 04:55:08 +00:00
kevans
4e19f8f67d Add MAINTAINERS note for lualoader (stand/lua, specifically)
While it's a work in progress, at least, I would like a chance to review any
lua that goes into the tree for lualoader. I am also willing to help others
get started writing features or fixing any bugs wandered across.
2018-02-26 04:33:05 +00:00
kevans
0af574732d lualoader: screen argument fixes
screen was also guilty of not-so-great argument names, but it was also
guilty of handling color sequences on its own. Change those bits to using
the color module instead.

As a side note, between color and screen, I'm not 100% sure that returning
the color_value is the right thing to do if we won't generate the escape
sequences. This should be re-evaluated at a later time, and they should
likely return nil instead.
2018-02-26 04:12:54 +00:00
kevans
d4894b0aac lualoader: More argument name expansion, part 2
screen also has some instances, but it also has other cleanup to go with it.
Because of this, I will be committing the screen changes separately.
2018-02-26 04:08:54 +00:00
kevans
547ebe76cd lualoader: A little more general menu cleanup
Instead of a single-letter parameter ('m'), use something a little more
descriptive and meaningful: 'menudef' ("menu definition") -- these functions
expect to be passed a menudef, so call it what it is.

While here, throw an assertion in that we have a handler for the selected
menu item. This is more of a debugging aide so that it's more obvious when
one is testing a menudef that they've added an entry item that we don't
handle.

This is an improvement over the past behavior of ignoring the unknown menu
entry.
2018-02-26 03:46:17 +00:00
imp
c0169fbbfa loader.conf is loader agnostic, so remove 4th references. 2018-02-26 03:16:57 +00:00
imp
cf747b57ef Take a meat cleaver to defaults/loader.conf
Remove almost all of the _load=XXX options (kept only those relevant
to splash screens, since there were other settings).
Remove the excessively cutesy comment blocks.
Remove excessive comments and replace with similar content
Remove gratuitous blank lines (while leaving some)

We have too many modules to list them all here. There's no purpose in
doing so and it's a giant hassle to maintain. In addition the extra
~500 lines slow this down on small platforms. It slowed it down
so much small platforms forked, which caused other issues...
This is a compromise between those two extremes.
2018-02-26 03:16:53 +00:00
imp
f54f0690ba Go back to one loader.conf
We really only need one loader.conf. The other loader.conf was created
because the current one took forever to parse in FORTH. That will be
fixed in the next commit.
2018-02-26 03:16:47 +00:00
imp
dc6773a791 Add NO_OBJ to those directories that don't make anything.
For directories that don't many anything, add NO_OBJ=t just before we
include bsd.init.mk. This prevents them from creating an OBJ
directory. In addition, prevent defs.mk from creating the machine
related links in these cases. They aren't needed and break, at least
on stable, the read-only src tree build.
2018-02-26 03:16:04 +00:00
jhibbits
c1830d695e Correct a copy&paste-o -- altivec assist interrupt, not watchdog 2018-02-26 03:05:36 +00:00
pkelsey
91dbc8d21a Greatly reduce the number of #ifdefs supporting the TCP_RFC7413 kernel option.
The conditional compilation support is now centralized in
tcp_fastopen.h and tcp_var.h. This doesn't provide the minimum
theoretical code/data footprint when TCP_RFC7413 is disabled, but
nearly all the TFO code should wind up being removed by the optimizer,
the additional footprint in the syncache entries is a single pointer,
and the additional overhead in the tcpcb is at the end of the
structure.

This enables the TCP_RFC7413 kernel option by default in amd64 and
arm64 GENERIC.

Reviewed by:	hiren
MFC after:	1 month
Sponsored by:	Limelight Networks
Differential Revision:	https://reviews.freebsd.org/D14048
2018-02-26 03:03:41 +00:00
pkelsey
d2557e90a6 This is an implementation of the client side of TCP Fast Open (TFO)
[RFC7413]. It also includes a pre-shared key mode of operation in
which the server requires the client to be in possession of a shared
secret in order to successfully open TFO connections with that server.

The names of some existing fastopen sysctls have changed (e.g.,
net.inet.tcp.fastopen.enabled -> net.inet.tcp.fastopen.server_enable).

Reviewed by:	tuexen
MFC after:	1 month
Sponsored by:	Limelight Networks
Differential Revision:	https://reviews.freebsd.org/D14047
2018-02-26 02:53:22 +00:00
pkelsey
acbbc54961 Fix harmless locking bug in tfp_fastopen_check_cookie().
The keylist lock was not being acquired early enough.  The only side
effect of this bug is that the effective add time of a new key could
be slightly later than it would have been otherwise, as seen by a TFO
client.

Reviewed by:	tuexen
MFC after:	1 month
Sponsored by:	Limelight Networks
Differential Revision:	https://reviews.freebsd.org/D14046
2018-02-26 02:43:26 +00:00
ian
cf7b8c683d Add a SPI driver for imx5 and imx6.
It can be compiled into the kernel with "device imx_spi" or loaded as a
module, which is also named "imx_spi".
2018-02-26 02:28:32 +00:00
mckusick
0057f01722 Use a more straight-forward approach to relaxing the location
restraints when validating one of the backup superblocks.
2018-02-26 00:34:56 +00:00
dteske
20dcfaee39 Consistent casing for fallback SIGCHLD (s/Unknown/unknown/) 2018-02-26 00:04:21 +00:00
dteske
9799315b43 Updates and enhancements to signal.d to aid DTrace scripting
+ Add missing signals SIGTHR (32) and SIGLIBRT (33)
+ Add inline for converting SIG* int to string
+ Add inline for converting CLD_* int to string

Reviewed by:	markj
Sponsored by:	Smule, Inc.
Differential Revision:	https://reviews.freebsd.org/D14497
2018-02-25 23:59:47 +00:00
eugen
7000d8296a mac_portacl(4): stop panicing INVARIANTS-enabled kernel by loading .ko
when kernel already has options MAC_PORTACL.

PR:		183817
Approved by:	avg (mentor)
MFC after:	1 week
2018-02-25 23:10:13 +00:00
brooks
2405f0db88 Allow CROSS_TOOLCHAIN to be a path to a file.
This allows working with custom cross toolchains without the need to
create files in /usr/local/share/toolchains.

Obtained from:	CheriBSD
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D14178
2018-02-25 20:21:30 +00:00
trasz
08613ce568 Prevent getty(8) from looping indefinitely if the device node doesn't
exist. This behaviour makes no sense for eg USB serial adapters, or
USB device-side serial templates.

This mostly reverts to pre-r135941 behaviour.

Reviewed by:	imp@
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D14198
2018-02-25 20:15:06 +00:00
andrew
b3b2698361 Teach the Arm pl011 driver to attach to a SBSA uart. This is defined in
the Server Base System Architecture to be a subset of the pl011 r1p5. As
we don't use the removed features it is safe to just attach to the existing
driver as is.

Sponsored by:	DARPA, AFRL
2018-02-25 19:43:00 +00:00
andrew
375eca13d0 Rename the FDT compat_data array to a bus-specific name.
Sponsored by:	DARPA, AFRL
2018-02-25 19:33:27 +00:00
ian
f69685531b Add support for booting into kdb on arm platforms when the RB_KDB is set
(using "boot -d" at the loader propmt or setting boot_ddb in loader.conf).

Submitted by:	Thomas Skibo <thomasskibo@yahoo.com>
Differential Revision:	https://reviews.freebsd.org/D14428
2018-02-25 18:42:59 +00:00
ian
e45b8be45c Instead of building ofw_iicbus as a separate module, just compile it in to
the iicbus module for FDT-based systems.

The primary motivation for this is that host controller drivers which
declare DRIVER_MODULE(ofw_iicbus, thisdriver, etc, etc) now only need a
single MODULE_DEPEND(thisdriver, ofw_iicbus) for runtime linking to resolve
all the symbols.  With ofw_iicbus and iicbus in separate modules, drivers
would need to declare a MODULE_DEPEND() on both, because symbol lookup is
non-recursive through the dependency chain.  Requiring a driver to have
MODULE_DEPENDS() on both amounts to requiring the drivers to understand the
kobj inheritence details of how ofw_iicbus is implemented, which seems like
something they shouldn't have to know (and could even change some day).

Also, this is somewhat analogous to how the drivers get built when compiled
into the kernel.  You don't have to ask for ofw_iicbus separately, it just
gets built in along with iicbus when option FDT is in effect.
2018-02-25 18:26:50 +00:00
kevans
8c3970d0e0 lualoader: Track the menu currently drawn, instead of validity
This cleans up the odd approach to menu drawing. Instead of tracking
validity, we track the menu that was drawn on the screen. Whenever we draw a
menu, we'll set this to that menu.

Anything that invalidates the screen should go ahead and trigger an explicit
redraw, rather than finding a wy to set screen_invalid.

The currently drawn menu is then reset in menu.run as we exit the menu
system, so that dropping to the loader prompt or leaving menu.run() will
just behave as expected without doing redundant work every time we leave a
menu.
2018-02-25 17:02:50 +00:00
kevans
df80f25392 lualoader: Invalidate the screen from menu perspective upon mnu exit
In the common case, this will effectively do nothing as the menu will get
redrawn as we leave submenus regardless of whether the screen has been
marked invalid or not

However, upon escape to the loader prompt, one could do either of the
following to re-enter the menu system:

-- Method 1
require('menu').run()

-- Method 2
require('menu').process(menu.default)

With method 1, the menu will get redrawn anyways as we do this before
autoboot checking upon entry. With method 2, however, the menu will not be
redrawn without this invalidation.

Both methods are acceptable for re-entering the menu system, although the
latter method in the local module for processing new and interesting menus
is more expected.
2018-02-25 16:29:02 +00:00
mjg
b9b1579c76 Don't generate data in sysctl_out_proc unless we intend to copy out.
The first call is used to gauge how much spaces is needed. Just computing
the size instead of generating the output allows to not take the proctree
lock.
2018-02-25 15:16:58 +00:00
asomers
5f9d9ae52b Don't declare __assfail as static
It gets called by dmu_buf_init_user, which is inline but not static.  So it
needs global linkage itself.

Reported by:	GCC-6
MFC after:	17 days
X-MFC-With:	329722
2018-02-25 14:29:43 +00:00
dim
044c6471dc Upgrade our copies of clang, llvm, lld, lldb, compiler-rt and libc++ to
6.0.0 (branches/release_60 r325932).  This corresponds to 6.0.0 rc3.

MFC after:	3 months
X-MFC-With:	r327952
PR:		224669
2018-02-25 13:20:32 +00:00
kp
fc599d4911 pf: Cope with overly large net.pf.states_hashsize
If the user configures a states_hashsize or source_nodes_hashsize value we may
not have enough memory to allocate this. This used to lock up pf, because these
allocations used M_WAITOK.

Cope with this by attempting the allocation with M_NOWAIT and falling back to
the default sizes (with M_WAITOK) if these fail.

PR:		209475
Submitted by:	Fehmi Noyan Isi <fnoyanisi AT yahoo.com>
MFC after:	3 weeks
Differential Revision:	https://reviews.freebsd.org/D14367
2018-02-25 08:56:44 +00:00
kevans
fc8afef4e4 lualoader: Explain deviation from naming guidelines
cli_execute is likely the only exception that we should make, due to it
being a global. We don't really need other globals, so this won't really end
up an epidemic.
2018-02-25 05:14:06 +00:00
kevans
e988dd98f8 lualoader: Pull autoboot handling out into menu.run()
There's no reason for autoboot handling to be mixed in with menu processing.
It is a distinct process that should only be done once when entering the
menu system.

menu.process has been modified to take an initial keypress to process and to
only draw the screen initially if it's been invalidated. The keypress is
kind of a kludge, although it could be argued to be a potentially useful
kludge if there are other processes that may need to feed a keypress into
the menu system.
2018-02-25 05:00:54 +00:00
kevans
257d3bf787 lualoader: Pull menu redrawing specifics out of menu.process
In general, every menu redraw is going to require a screen clear and cursor
reset. Each redraw also has the potential to invalidate the alias table, so
we move the alias table being used out into a module variable. This allows
third party consumers to also inspect or update the alias table if they need
to.

While here, stop searching the alias table once we've found a match.
2018-02-25 04:44:45 +00:00
kevans
c7da60c4f0 lualoader: Clean up menu handling a little bit
This is driven by an urge to separate out the bits that really only need to
happen when the menu system starts up. Key points:

- menu.process now does the bulk of menu handling. It retains autoboot
  handling for dubious reasons, and it no longer accepts a 'nil' menu to
  process as 'the default'. Its return value is insignificant.
- The MENU_SUBMENU handler now returns nothing. If menu.process has exited,
  then we continue processing menu items on the parent menu as expected.
- menu.run is now the entry point of the menu system. It checks whether the
  menu should be skipped, processes the default menu, then returns.
2018-02-25 04:11:08 +00:00
kevans
71999db645 lualoader: menu: Terminate final values in tables with a comma 2018-02-25 03:33:25 +00:00
kevans
814d027fbf lualoader: Don't explicitly index tables without reason
These indices were assigned the same values as they would've been implicitly
assigned anyways.

While here, throw terminating commas after the last value of tables.
2018-02-25 03:30:24 +00:00