executing :mincore_resid
The default process limits in FreeBSD is 64kB for unprivileged users,
which empirically is too low to run the :mincore_resid testcase.
Process limits are inherited, so even though the default limit for
root users is RLIM_INFINITY, the inherited limit with "sudo" with the
default login.conf will be 64kB.
Use setrlimit to set rlim_max for RLIMIT_MEMLOCK to RLIM_INFINITY to
avoid ENOMEM issues when calling mlock to wire the mmap'ed address
space.
setrlimit requires root access to increase rlim_max, so require root
privileges when running the test
Discovered when executing the tests with sudo, e.g.
"sudo kyua test -k /usr/tests/lib/libc/sys/Kyuafile mincore_test"
MFC after: 2 weeks
- Replace all remaining DPRINTF(N)'s with RSU_DPRINTF.
- Add new RSU_DEBUG_USB flag to track error codes returned by
usbd_do_request_flags().
- Improve few messages.
- Add partial promiscuous mode support (no management frames;
they cannot be received by the firmware and net80211 at the same time).
- Add monitor mode support (all frames).
Tested with Asus, USB-N10.
For horizontal (T-axis) wheel reporting which is not supported by
sysmouse protocol kern.evdev.sysmouse_t_axis sysctl is introduced.
It can take following values:
0 - no T-axis events (default)
1 - T-axis events are originated in ums(4) driver.
2 - T-axis events are originated in psm(4) driver.
Submitted by: Vladimir Kondratiev <wulf@cicgroup.ru>
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D8597
BUS_DMASYNC_PREREAD is required when setting up RX buffer, otherwise
data provided by card can be overwritten by data evicted from cache
Also use proper tag when setting up RX descriptor
Reviewed by: adrian, avos, ivadasz
Differential Revision: https://reviews.freebsd.org/D8717
This is required for USB Rx aggregation
(and fixes 'could not allocate RX mbuf' / few other failures).
While here, reduce the number of Rx buffers from 100 to 1 -
the driver never uses more than one Rx buffer.
Tested with Asus USB-N10.
Changes include modifications in kernel crash dump routines, dumpon(8) and
savecore(8). A new tool called decryptcore(8) was added.
A new DIOCSKERNELDUMP I/O control was added to send a kernel crash dump
configuration in the diocskerneldump_arg structure to the kernel.
The old DIOCSKERNELDUMP I/O control was renamed to DIOCSKERNELDUMP_FREEBSD11 for
backward ABI compatibility.
dumpon(8) generates an one-time random symmetric key and encrypts it using
an RSA public key in capability mode. Currently only AES-256-CBC is supported
but EKCD was designed to implement support for other algorithms in the future.
The public key is chosen using the -k flag. The dumpon rc(8) script can do this
automatically during startup using the dumppubkey rc.conf(5) variable. Once the
keys are calculated dumpon sends them to the kernel via DIOCSKERNELDUMP I/O
control.
When the kernel receives the DIOCSKERNELDUMP I/O control it generates a random
IV and sets up the key schedule for the specified algorithm. Each time the
kernel tries to write a crash dump to the dump device, the IV is replaced by
a SHA-256 hash of the previous value. This is intended to make a possible
differential cryptanalysis harder since it is possible to write multiple crash
dumps without reboot by repeating the following commands:
# sysctl debug.kdb.enter=1
db> call doadump(0)
db> continue
# savecore
A kernel dump key consists of an algorithm identifier, an IV and an encrypted
symmetric key. The kernel dump key size is included in a kernel dump header.
The size is an unsigned 32-bit integer and it is aligned to a block size.
The header structure has 512 bytes to match the block size so it was required to
make a panic string 4 bytes shorter to add a new field to the header structure.
If the kernel dump key size in the header is nonzero it is assumed that the
kernel dump key is placed after the first header on the dump device and the core
dump is encrypted.
Separate functions were implemented to write the kernel dump header and the
kernel dump key as they need to be unencrypted. The dump_write function encrypts
data if the kernel was compiled with the EKCD option. Encrypted kernel textdumps
are not supported due to the way they are constructed which makes it impossible
to use the CBC mode for encryption. It should be also noted that textdumps don't
contain sensitive data by design as a user decides what information should be
dumped.
savecore(8) writes the kernel dump key to a key.# file if its size in the header
is nonzero. # is the number of the current core dump.
decryptcore(8) decrypts the core dump using a private RSA key and the kernel
dump key. This is performed by a child process in capability mode.
If the decryption was not successful the parent process removes a partially
decrypted core dump.
Description on how to encrypt crash dumps was added to the decryptcore(8),
dumpon(8), rc.conf(5) and savecore(8) manual pages.
EKCD was tested on amd64 using bhyve and i386, mipsel and sparc64 using QEMU.
The feature still has to be tested on arm and arm64 as it wasn't possible to run
FreeBSD due to the problems with QEMU emulation and lack of hardware.
Designed by: def, pjd
Reviewed by: cem, oshogbo, pjd
Partial review: delphij, emaste, jhb, kib
Approved by: pjd (mentor)
Differential Revision: https://reviews.freebsd.org/D4712
don't need the extra debug facilities. Copied from the amd64
configuration of the same name.
Submitted by: Nikolai Lifanov
Reviewed by: emaste
MFC after: 2 weeks
Instead of taking an extra reference to deal with pfsync_q_ins()
and pfsync_q_del() taken and dropping a reference (resp,) make
it optional of those functions to take or drop a reference by
passing an extra argument.
Submitted by: glebius@
These functions may be called in DTrace probe context, so they cannot be
safely traced. Moreover, they are currently only used by DTrace, so their
corresponding FBT probes are not particularly useful.
MFC after: 2 weeks
- Duplicate test_unmount to _test_unmount
- Remove atf_check calls
- Call _test_unmount from test_unmount, checking the exit code
at the end, and returning it to maintain the test_unmount
"contract"
MFC after: 1 week
module loading is successful, but attempts to use it will not be
successful. This is similar to what we do (did?) with ACPI on non-ACPI
systems. We succeed if we can't find the necessary information to hook
into EFI, but still fail if we're unable to allocate resources if we
do find EFI.
Not Objected to by: kib@
MFC Afer: 3 days
away in the past from the current time. This should be plenty for the
scheduler to do its job. It provides assurance that the timestamp
returned is actually a valid one, not just some random garbage.
If we load a binary that is designed to be a library, it produces
relocatable code via assembler directives in the assembly itself
(rather than compiler options). This emits R_X86_64_PLT32 relocations,
which are not handled by the kernel linker.
Submitted by: gallatin
Reviewed by: kib
