Commit Graph

20611 Commits

Author SHA1 Message Date
Hans Petter Selasky
81a9354828 Add example to ng_bpf(4) showing how ng_bpf(4) can be used to prevent spoofing.
Differential Revision:	https://reviews.freebsd.org/D26488
MFC after:	1 week
Reviewed by:	pi, bcr (manpages)
Submitted by:	lutz_donnerhacke.de (Lutz Donnerhacke)
Sponsored by:	Mellanox Technologies // NVIDIA Networking
2020-09-21 18:17:01 +00:00
Mitchell Horne
cba446e2c2 Add getenv(9) boolean parsing functions
This adds the getenv_bool() function, to parse a boolean value from a
kernel environment variable or tunable. This works for traditional
boolean values like "0" and "1", and also "true" and "false"
(case-insensitive). These semantics do not yet apply to sysctls declared
using SYSCTL_BOOL with CTLFLAG_TUN (they still only parse 1 and 0).

Also added are two wrapper functions, getenv_is_true() and
getenv_is_false(). These are slightly simpler for callers wishing to
perform a single check of a configuration variable.

Reviewed by:	jhb (slightly earlier version)
Sponsored by:	NetApp, Inc.
Sponsored by:	Klara, Inc.
Differential Revision:	https://reviews.freebsd.org/D26270
2020-09-21 15:24:44 +00:00
Toomas Soome
e307eb94ae loader: zfs should support bootonce an nextboot
bootonce feature is temporary, one time boot, activated by
"bectl activate -t BE", "bectl activate -T BE" will reset the bootonce flag.

By default, the bootonce setting is reset on attempt to boot and the next
boot will use previously active BE.

By setting zfs_bootonce_activate="YES" in rc.conf, the bootonce BE will
be set permanently active.

bootonce dataset name is recorded in boot pool labels, bootenv area.

in case of nextboot, the nextboot_enable boolean variable is recorded in
freebsd:nvstore nvlist, also stored in boot pool label bootenv area.
On boot, the loader will process /boot/nextboot.conf if nextboot_enable
is "YES", and will set nextboot_enable to "NO", preventing /boot/nextboot.conf
processing on next boot.

bootonce and nextboot features are usable in both UEFI and BIOS boot.

To use bootonce/nextboot features, the boot loader needs to be updated on disk;
if loader.efi is stored on ESP, then ESP needs to be updated and
for BIOS boot, stage2 (zfsboot or gptzfsboot) needs to be updated
(gpart or other tools).

At this time, only lua loader is updated.

Sponsored by:	Netflix, Klara Inc.
Differential Revision:	https://reviews.freebsd.org/D25512
2020-09-21 09:01:10 +00:00
Gordon Bergling
918d5f5908 diskless(8): Correct Sections out of conventional order error
Event:		September 2020 Bugathon
MFC after:	1 week
2020-09-19 15:10:17 +00:00
Gordon Bergling
182ae6ca30 crypto(7): Correct Sections out of conventional order error
Event:		September 2020 Bugathon
MFC after:	1 week
2020-09-19 15:08:57 +00:00
Michal Meloun
95a85c125d Add NetBSD compatible bus_space_peek_N() and bus_space_poke_N() functions.
One problem with the bus_space_read_N() and bus_space_write_N() family of
functions is that they provide no protection against exceptions which can
occur when no physical hardware or device responds to the read or write
cycles. In such a situation, the system typically would panic due to a
kernel-mode bus error. The bus_space_peek_N() and bus_space_poke_N() family
of functions provide a mechanism to handle these exceptions gracefully
without the risk of crashing the system.

Typical example is access to PCI(e) configuration space in bus enumeration
function on badly implemented PCI(e) root complexes (RK3399 or Neoverse
N1 N1SDP and/or access to PCI(e) register when device is in deep sleep state.

This commit adds a real implementation for arm64 only. The remaining
architectures have bus_space_peek()/bus_space_poke() emulated by using
bus_space_read()/bus_space_write() (without exception handling).

MFC after:	1 month
Reviewed by:	kib
Differential Revision:	https://reviews.freebsd.org/D25371
2020-09-19 11:06:41 +00:00
Mark Johnston
7afab8a67e Install library symlinks atomically.
As we do for shared library binaries, pass -S to install(1) when
installing symlinks.  Doing so helps avoid transient failures when
libraries are being reinstalled, which seems to be the root cause of
spurious libgcc_s.so link failures during CI builds.

PR:		233769
Reviewed by:	emaste
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D26453
2020-09-18 19:03:34 +00:00
Kyle Evans
fe815331bb build: provide a default WARNS for all in-tree builds
The current default is provided in various Makefile.inc in some top-level
directories and covers a good portion of the tree, but doesn't cover parts
of the build a little deeper (e.g. libcasper).

Provide a default in src.sys.mk and set WARNS to it in bsd.sys.mk if that
variable is defined. This lets us relatively cleanly provide a default WARNS
no matter where you're building in the src tree without breaking things
outside of the tree.

Crunchgen has been updated as a bootstrap tool to work on this change
because it needs r365605 at a minimum to succeed. The cleanup necessary to
successfully walk over this change on WITHOUT_CLEAN builds has been added.

There is a supplemental project to this to list all of the warnings that are
encountered when the environment has WARNS=6 NO_WERROR=yes:
https://warns.kevans.dev -- this project will hopefully eventually go away
in favor of CI doing a much better job than it.

Reviewed by:	emaste, brooks, ngie (all earlier version)
Reviewed by:	emaste, arichardson (depend-cleanup.sh change)
Differential Revision:	https://reviews.freebsd.org/D26455
2020-09-18 17:17:46 +00:00
Gordon Bergling
16694347a9 crypto_buffer(9): Bring back the reference for bus_dma(9)
The reference was accidentally deleted in r365855.

Reported by:	jhb
Pointy hat to:	gbe
2020-09-18 11:04:16 +00:00
Navdeep Parhar
a4a4ad2dd9 cxgbe(4): add support for stateless offloads for VXLAN traffic.
Hardware assistance includes checksumming (tx and rx), TSO, and RSS on
the inner traffic in a VXLAN tunnel.

Relnotes:	Yes
Sponsored by:	Chelsio Communications
2020-09-18 03:01:47 +00:00
Navdeep Parhar
b092fd6c97 if_vxlan(4): add support for hardware assisted checksumming, TSO, and RSS.
This lets a VXLAN pseudo-interface take advantage of hardware checksumming (tx
and rx), TSO, and RSS if the NIC is capable of performing these operations on
inner VXLAN traffic.

A VXLAN interface inherits the capabilities of its vxlandev interface if one is
specified or of the interface that hosts the vxlanlocal address. If other
interfaces will carry traffic for that VXLAN then they must have the same
hardware capabilities.

On transmit, if_vxlan verifies that the outbound interface has the required
capabilities and then translates the CSUM_ flags to their inner equivalents.
This tells the hardware ifnet that it needs to operate on the inner frame and
not the outer VXLAN headers.

An event is generated when a VXLAN ifnet starts. This allows hardware drivers to
configure their devices to expect VXLAN traffic on the specified incoming port.

On receive, the hardware does RSS and checksum verification on the inner frame.
if_vxlan now does a direct netisr dispatch to take full advantage of RSS. It is
not very clear why it didn't do this already.

Future work:
Rx: it should be possible to avoid the first trip up the protocol stack to get
the frame to if_vxlan just so it can decapsulate and requeue for a second trip
up the stack. The hardware NIC driver could directly call an if_vxlan receive
routine for VXLAN traffic instead.

Rx: LRO. depends on what happens with the previous item. There will have to to
be a mechanism to indicate that it's time for if_vxlan to flush its LRO state.

Reviewed by:	kib@
Relnotes:	Yes
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D25873
2020-09-18 02:37:57 +00:00
Gordon Bergling
60365150ae arch(7): Some markup fixes
- no blank before trailing delimiter

MFC after:	3 days
2020-09-17 21:24:11 +00:00
Gordon Bergling
9c946dc379 man(9): Some markup fixes
- whitespace at end of input line
- skipping paragraph macro: Pp after Sh

MFC after:	3 days
2020-09-17 21:08:11 +00:00
Gordon Bergling
8713e3ccba pwmbus(9): some markup fixes
- whitespace at end of input line

MFC after:	3 days
2020-09-17 20:55:42 +00:00
Gordon Bergling
ac81581df3 mbuf(9): Some markup fixes
- whitespace at end of input line
- no blank before trailing delimiter: Dv MJUM16BYTES

MFC after:	3 days
2020-09-17 20:53:24 +00:00
Gordon Bergling
fade09c8ac crypto_buffer(9): Sort the SEE ALSO section
MFC after:	3 days
2020-09-17 20:50:02 +00:00
Gordon Bergling
d2527db87a VOP_INACTIVE(9): Remove trailing whitespace
MFC after:	3 days
2020-09-17 20:42:41 +00:00
Gordon Bergling
6f563a6f49 domainset(9): Some markup fixes
- new sentence, new line
- whitespace at end of input line

MFC after:	3 days
2020-09-17 20:37:54 +00:00
Gordon Bergling
27f21fadda rmlock(9): Some markup fixes
- new sentence, new line

MFC after:	3 days
2020-09-17 20:32:10 +00:00
Gordon Bergling
f2f6054441 bus_dma(9): Some markup fixes
- new sentence, new line
- no blank before trailing delimiter
- whitespace at end of input line

MFC after:	3 days
2020-09-17 20:25:31 +00:00
Alex Richardson
0e1e341b48 Stop using lorder and ranlib when building libraries
Use of ranlib or lorder is no longer necessary with current linkers
(probably anything newer than ~1990) and ar's ability to create an object
index and symbol table in the archive.
Currently the build system uses lorder+tsort to sort the .o files in
dependency order so that a single-pass linker can use them. However,
we can use the -s flag to ar to add an index to the .a file which makes
lorder unnecessary.
Running ar -s is equivalent to running ranlib afterwards, so we can also
skip the ranlib invocation.

Similarly, we don't have to pass the .o files for shared libraries in
dependency order since both ld.bfd and ld.lld will correctly resolve
references between the .o files.

This removes many fork()+execve calls for each library so should speed up
builds a bit. Additionally lorder.sh uses a regular expression that is not
supported by the macOS libc or glibc and results in many warnings when
cross-building (see D25989).

There is one functional change: lorder.sh removed duplicated .o files
from the linker command line which now no longer happens. I fixed the duplicates
in the base system in r364649. I also checked the ports tree for uses of
bsd.lib.mk and found one duplicate source file which I fixed in r548168.
Most ports use CMake/autotools rather than bsd.lib.mk but if this breaks any
ports that I missed in my search please let me know.

Avoiding the shell script actually speeds up the linking step noticeably: I
measured how long it takes to rebuild the .a and .so files for lib/libc using a
basic benchmark: `rm $LIBC_OBJDIR/*.so* $LIBC_OBJDIR/*.a* && /usr/bin/time make -DWITHOUT_TESTS -s > /dev/null`
Without this change ~4.5 seconds and afterwards ~3.1 seconds.
Looking at truss -cf output we can see that the number fork() system
calls goes down from 27 to 12 (and the speedup while tracing is more
noticeable: 81 seconds -> 65 seconds).

See also https://www.gnu.org/software/coreutils/manual/html_node/tsort-background.html
for some more background:
This whole procedure has been obsolete since about 1980, because Unix
archives now contain a symbol table (traditionally built by ranlib, now
generally built by ar itself), and the Unix linker uses the symbol table
to effectively make multiple passes over an archive file.

Or alternatively https://www.unix.com/man-page/osf1/1/lorder/:
The lorder command is essentially obsolete.  Use the following command in
its place: % ar -ts file.a

Reviewed By:	 emaste, imp, dim
Differential Revision: https://reviews.freebsd.org/D26044
2020-09-17 15:07:25 +00:00
Baptiste Daroussin
dfe3db06bb Update to 2020.08.19
MFC after:	3 days
2020-09-16 07:30:18 +00:00
Stefan Eßer
160ea95362 src.conf.5: regen after r365753 2020-09-15 16:38:44 +00:00
Brandon Bergren
1d2a0dce33 [PowerPC] Remove obsolete MK_LOADER_FORCE_LE
In D12421, the ability to compile stand/ in little-endian was added, with the
intention to extend loader.kboot to run in Petitboot.

However, no further work was done, as the kernel then gained self-execution
capabilities as Petitboot was taught to load FreeBSD kernels directly.

The FreeBSD installer on powerpc64 (on POWER8 and POWER9) uses
/boot/etc/kboot.conf instead of loader.

As this option does nothing but cause stand/ to be miscompiled and actively
causes confusion, remove it.

(I have a functioning petitboot loader in my local tree, however, it turned
out to be quite inconvient to use due to the current petitboot plugin design
so I put it on hold.)

Reviewed by:	emaste, imp, jhibbits
Sponsored by:	Tag1 Consulting, Inc.
Differential Revision:	https://reviews.freebsd.org/D26430
2020-09-15 04:22:28 +00:00
Andrew Turner
2a6803de1c Use MACHINE_CPUARCH when checking for arm64
Use MACHINE_CPUARCH with arm64 (aarch64) when we build code that could run
on any 64-bit Arm instruction set. This will simplify checks in downstream
consumers targeting prototype instruction sets.

The only place we check for MACHINE_ARCH == aarch64 is when building the
device tree blobs. As these are targeting current generation ISAs.

Sponsored by:	Innovate UK
Differential Revision:	https://reviews.freebsd.org/D26370
2020-09-14 16:12:28 +00:00
Scott Long
e18eb7b14e Update bus_dma.9 for the expanded template API. Add some
clarifying language about the operation of parent tags in templates.
2020-09-14 06:26:36 +00:00
Scott Long
d58ff30aca Improve the documenation for bus_dma templates. Also add notes to
make it clear that filters may not work correctly and that their use
is deprecated.

MFC after:	3 days
2020-09-11 19:45:26 +00:00
Gordon Bergling
e6ca69017c Improvements for the src.conf(5) and build(7) man pages
PR:		203863 (based on)
Submitted by:	Russell Haley <russ dot haley at gmail dot com>
Reviewed by:	bcr, imp
Approved by:	imp
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D26343
2020-09-11 18:09:49 +00:00
Rainer Hurling
500e0f0833 Add author entity for rhurlin, part 2
Forgot to submit step 5 from procedure 1 in Chap. 6 of the Committers Guide:
Update Mentor and Mentee Information

Reviewed by:	arrowd (mentor), tcberner (mentor)
Approved by:	arrowd (mentor), tcberner (mentor)
2020-09-10 13:57:57 +00:00
Li-Wen Hsu
95407a79cb Remove vm_map_create(9) KPI's manpage according to r364302
Submitted by:	Ka Ho Ng <khng300@gmail.com>
Reviewed by:	markj
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D26372
2020-09-10 06:32:25 +00:00
Robert Wing
37d72a9177 periodic.conf(5): don't truncate interface names reported by 420.status-network.
The daily periodic script, 420.status-network uses netstat(1) to report
interface status. By default, netstat(1) truncates interface names.

Add the '-W' flag (avoid truncating interface names) as the default for
'daily_status_network_netstat_flags' in periodic.conf(5).

The default 420.status-network command is now 'netstat -i -d -W -n'.

PR:     163572
Reported by: kes-kes@yandex.ru
Reviewed by: allanjude (mentor) bcr (manpages)
Approved by: allanjude (mentor)
MFC after:  1 week
Differential Revision:  https://reviews.freebsd.org/D26023
2020-09-09 19:07:34 +00:00
Kyle Evans
a5a160704a src.conf(5): regen after r365491 2020-09-09 00:41:31 +00:00
Kyle Evans
d3980671b3 opts: FREEBSD_UPDATE no longer relies on PORTSNAP
phttpget is no longer tied to the portsnap build as of r365490.

MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D26255
2020-09-09 00:40:54 +00:00
Ed Maste
f83a16e0ec src.conf.5: regen after r365439, WITH_/WITHOUT_CLEAN option 2020-09-08 00:48:18 +00:00
Ed Maste
7576679986 Add WITH_/WITHOUT_CLEAN option to replace NO_CLEAN
This allows use of the standard src.conf configuration for controlling
whether the tree is cleaned before build or not.  The default is still
to clean.

Setting either NOCLEAN or NO_CLEAN will mention the new src.conf option.
NOCLEAN remains a .warning, while for now NO_CLEAN is .info.

Reviewed by:	bdrewery (earlier version)
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D22762
2020-09-08 00:44:35 +00:00
Alan Somers
5e20b96c65 nsswitch.conf.5: style fixes
Fix some whitespace, and remove the .Tn macro

Reported by:	mandoc, igor
Reviewed by:	bcr (manpages)
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D26345
2020-09-07 13:44:54 +00:00
Li-Wen Hsu
eddaeb2095 Slightly improve usb(4)
- Mention USB 3.0
- Update links
- Fix `mandoc -T lint` warnings

Reviewed by:	bcr, hselasky
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D26349
2020-09-07 07:44:14 +00:00
Alan Somers
04bd07fd15 nsswitch.conf(5): recommend placing cache after files
When cache precedes files, and nscd is configured to allow negative caching,
commands like "pw groupadd" can fail. The sequence of events looks like:

1. A command like pkg(8) looks up the group, and finds it absent.
2. pkg invokes pw(8) to add the group
3. pkg queries the group, but nscd says it doesn't exist, since it has a
   negative cache entry for that group.

See also: https://lists.freebsd.org/pipermail/freebsd-current/2012-January/031595.html

Reviewed by:	bcr (manpages)
MFC after:	1 week
Sponsored by:	Axcient
Differential Revision:	https://reviews.freebsd.org/D26184
2020-09-06 20:32:13 +00:00
Dimitry Andric
7d4374f65f Turn MALLOC_PRODUCTION into a regular src.conf(5) option
For historical reasons, defining MALLOC_PRODUCTION in /etc/make.conf has
been used to turn off potentially expensive debug checks and statistics
gathering in the implementation of malloc(3).

It seems more consistent to turn this into a regular src.conf(5) option,
e.g. WITH_MALLOC_PRODUCTION / WITHOUT_MALLOC_PRODUCTION. This can then
be toggled similar to any other source build option, and turned on or
off by default for e.g. stable branches.

Reviewed by:	imp, #manpages
MFC after:	1 week
Differential Revision: https://reviews.freebsd.org/D26337
2020-09-05 23:30:17 +00:00
Mateusz Guzik
ea0a0939ef sx: fix up manpage after r363113
No date change as there is no new information.

Submitted by:	sigsys@gmail.com
Differential Revision: https://reviews.freebsd.org/D26341
2020-09-05 20:22:02 +00:00
Rick Macklem
9c4368e73c Add entries for the OID used for NFS-over-TLS "user@domain".
The NFS-over-TLS server daemon (rpc.tlsservd) can optionally replace user
credentials in the RPC header with ones derived from a username specified
by the form "user@domain", if this exists in the client's X.509 v3 certificate.
Specifically, "user@domain" needs to be in the "otherName" component of
subjectjAltName, with a unique OID as assigned by this update.

This patch adds a subtree for the "otherName" component of subjectAltName in
X.509 v3 cerificates and a value for "user@domain" as used by NFS-over-TLS.

Reviewed by:	phk, gordon
Differential Revision:	https://reviews.freebsd.org/D26225
2020-09-03 20:42:30 +00:00
John Baldwin
4d135bbd7f libifconfig now depends on libm due to usage of log10().
ld.bfd in particular requires -lm to come after libifconfig on the
command line when linking rescue.

Reviewed by:	freqlabs, adrian
Differential Revision:	https://reviews.freebsd.org/D26258
2020-09-02 22:10:08 +00:00
Ian Lepore
ac07cdf8f7 In ltc430x(4), add the ability to configure control register 2 via FDT or
hints data.  Control register 2 holds the settings a user might want to
configure, such as the timeout value for idle busses and whether to enable
the mass-writes feature.

Also add hint support for disconnecting idle busses (which was already
supported using FDT data).

Update the manpage with the new features, and also split the hints section
into separate lists of required and optional hints.
2020-09-02 19:37:47 +00:00
Mark Johnston
2d838cd867 Add the MEM_EXTRACT_PADDR ioctl to /dev/mem.
This allows privileged userspace processes to find information about the
physical page backing a given mapping.  It is useful in applications
such as DPDK which perform some of their own memory management.

Reviewed by:	kib, jhb (previous version)
MFC after:	2 weeks
Sponsored by:	Juniper Networks, Inc.
Sponsored by:	Klara Inc.
Differential Revision:	https://reviews.freebsd.org/D26237
2020-09-02 18:12:47 +00:00
Andrew Turner
d14897f960 When CPUTYPE is an architecture name use -march
Allow architecture names to be passed in to the build system via CPUTYPE.
This allows the user to use values such as armv8.1-a or armv8-a+crc as
the CPUTYPE.

Sponsored by:	Innovate UK
2020-09-02 11:53:26 +00:00
John-Mark Gurney
df94ce0f90 add Xr to device_get_sysctl(9) to make this easier to find 2020-09-01 20:42:48 +00:00
Ian Lepore
e439fa62ef Document the fact that you must set an i2c slave address as well as the
upstream iicbus to configure this device using hints.
2020-09-01 19:06:08 +00:00
Ed Maste
55c9a224e2 release.7: update for current context
It's no longer unusual to be able to build a release with a single
command, so drop "actually" that hints at a surprise.  Also just use
"network install directory" instead of referencing FTP; it's more
likely to be HTTP now.

Reviewed by:	gjb
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D26260
2020-09-01 15:30:40 +00:00
John Baldwin
73fd212c81 Suppress -Wempty-body warnings in GCC 6.x and later.
libc++ in LLVM 11 uses an empty else clause in
include/c++/v1/__thread_support which triggers this warning.

Reviewed by:	dim, emaste
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D26257
2020-08-31 21:57:01 +00:00
Warner Losh
8df7e154a2 Add deprecation notice for apm BIOS
Add deprecation notice for apm bios, aka the apm(4) device. The apm(8)
command will remain, at least for a while, since ACPI emulates the apm
ioctl interface.

Discussed on: arch@
Relnotes: yes
MFC After: 3 days
2020-08-31 21:04:00 +00:00