Commit Graph

240164 Commits

Author SHA1 Message Date
Cy Schubert
052d159a8b MFV r344878:
4.2.8p12 --> 4.2.8p13

MFC after:	immediately
Security:	CVE-2019-8936
		VuXML: c2576e14-36e2-11e9-9eda-206a8a720317
Obtained from:	nwtime.org
2019-03-07 13:36:00 +00:00
Cy Schubert
360c01464a Import 4.2.8p13. 2019-03-07 13:01:16 +00:00
Kristof Provost
16b56c7f4e pf tests: Accelerate tests
Make the tests run slightly faster by having pft_ping.py end the capture
of packets as soon as it sees the expected packet, rather than
continuing to sniff.

MFC after:	2 weeks
2019-03-07 11:09:29 +00:00
Mateusz Piotrowski
fdca34e4a5 Do not reference deskutils/cal from cal.1.
The ports version of cal is an abandonware so in order to minimize the
potential bit rot of our documentation let's not mention it at all.
Interested users are going to find suitable alternatives anyway on their
own.

Reported by:	bapt
Approved by:	bapt (src)
Approved by:	krion (mentor, implicit), mat (mentor, implicit)
Differential Revision:	https://reviews.freebsd.org/D19492
2019-03-07 11:09:25 +00:00
Mateusz Piotrowski
a832f42afb Document that cal(1) cannot start a week with Monday.
Reviewed by:	bcr
Approved by:	bcr (doc)
Approved by:	krion (mentor, implicit), mat (mentor, implicit)
Differential Revision:	https://reviews.freebsd.org/D19491
2019-03-07 10:19:40 +00:00
Andrey V. Elsukov
40025d42fd Fix typo.
MFC after:	1 week
2019-03-07 10:01:32 +00:00
Michael Tuexen
e6dcce69ca After removing an entry from the stream scheduler list, set the pointers
to NULL, since we are checking for it in case the element gets inserted
again.

This issue was found by running syzkaller.

MFC after:		3 days
2019-03-07 08:43:20 +00:00
Justin Hibbits
058250a8ab powerpc: Save stack pointer in savectx
This allows 'show acttrace' to show backtrace on processes currently running
on CPUs.

Reported by:	Brandon Bergren
MFC after:	1 week
2019-03-07 04:43:08 +00:00
Andrey V. Elsukov
83354acf5a Fix the problem with O_LIMIT states introduced in r344018.
dyn_install_state() uses `rule` pointer when it creates state.
For O_LIMIT states this pointer actually is not struct ip_fw,
it is pointer to O_LIMIT_PARENT state, that keeps actual pointer
to ip_fw parent rule. Thus we need to cache rule id and number
before calling dyn_get_parent_state(), so we can use them later
when the `rule` pointer is overrided.

PR:		236292
MFC after:	3 days
2019-03-07 04:40:44 +00:00
Matt Macy
8ea23c2b5b add GPL text in addition to SPDX tags as requested by core
MFC after:	1 week
2019-03-07 03:53:48 +00:00
Matt Macy
030963c090 add gcov to LINT build
MFC after:	1 week
2019-03-07 03:50:34 +00:00
Matt Macy
b02af3b2cf Add build time GPL warning when GCOV is enabled
MFC after:	1 week
2019-03-07 03:47:41 +00:00
Alexander Motin
551b7d3a29 Add respective tunables to few ZFS sysctls.
MFC after:	1 week
2019-03-07 01:24:08 +00:00
Conrad Meyer
9a6a45d850 fuse: switch from DFLTPHYS/MAXBSIZE to maxcachebuf
On GENERIC kernels with empty loader.conf, there is no functional change.
DFLTPHYS and MAXBSIZE are both 64kB at the moment.  This change allows
larger bufcache block sizes to be used when either MAXBSIZE (custom kernel)
or the loader.conf tunable vfs.maxbcachebuf (GENERIC) is adjusted higher
than the default.

Suggested by:	ken@
2019-03-07 00:55:49 +00:00
Rebecca Cran
7b1f3e08d9 Document the efivar --load-option option
Reviewed by:	imp, kevans
Sponsored by:	Netflix, Inc.
Differential Revision:	https://reviews.freebsd.org/D19263
2019-03-07 00:01:28 +00:00
Bjoern A. Zeeb
21231a7aa6 Update for IETF draft-ietf-6man-ipv6only-flag.
All changes are hidden behind the EXPERIMENTAL option and are not compiled
in by default.

Add ND6_IFF_IPV6_ONLY_MANUAL to be able to set the interface into no-IPv4-mode
manually without router advertisement options.  This will allow developers to
test software for the appropriate behaviour even on dual-stack networks or
IPv6-Only networks without the option being set in RA messages.
Update ifconfig to allow setting and displaying the flag.

Update the checks for the filters to check for either the automatic or the manual
flag to be set.  Add REVARP to the list of filtered IPv4-related protocols and add
an input filter similar to the output filter.

Add a check, when receiving the IPv6-Only RA flag to see if the receiving
interface has any IPv4 configured.  If it does, ignore the IPv6-Only flag.

Add a per-VNET global sysctl, which is on by default, to not process the automatic
RA IPv6-Only flag.  This way an administrator (if this is compiled in) has control
over the behaviour in case the node still relies on IPv4.
2019-03-06 23:31:42 +00:00
Conrad Meyer
e7df98863b FUSE: Prevent trivial panic
When open(2) was invoked against a FUSE filesystem with an unexpected flags
value (no O_RDONLY / O_RDWR / O_WRONLY), an assertion fired, causing panic.

For now, prevent the panic by rejecting such VOP_OPENs with EINVAL.

This is not considered the correct long term fix, but does prevent an
unprivileged denial-of-service.

PR:		236329
Reported by:	asomers
Reviewed by:	asomers
Sponsored by:	Dell EMC Isilon
2019-03-06 22:56:49 +00:00
John Baldwin
2e43efd0bb Drop "All rights reserved" from my copyright statements.
Reviewed by:	rgrimes
MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D19485
2019-03-06 22:11:45 +00:00
John Baldwin
e91609a771 Divorce MK_GDB from MK_BINUTILS.
This permits legacy GDB to still be built and installed if
WITHOUT_BINUTILS is set (e.g. if base/binutils is installed).

Reviewed by:	emaste
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D19480
2019-03-06 20:13:02 +00:00
John Baldwin
bfdf8aa9f7 Regenerate src.conf.5 for recent changes.
Updates include removal of DRM2 and addition of several options
related to secure booting.
2019-03-06 20:10:23 +00:00
Dimitry Andric
01c21ea0a7 Put in a temporary workaround for what is likely a gcc 6 bug (it does
not occur with gcc 7 or later).  This should prevent the following error
from breaking the head-amd64-gcc CI builds:

In file included from /workspace/src/contrib/llvm/tools/lldb/source/API/SBMemoryRegionInfo.cpp:14:0:
/workspace/src/contrib/llvm/tools/lldb/include/lldb/Target/MemoryRegionInfo.h:128:54: error: 'template<class _InputIterator> lldb_private::MemoryRegionInfos::MemoryRegionInfos(_InputIterator, _InputIterator, const allocator_type&)' inherited from 'std::__1::vector<lldb_private::MemoryRegionInfo>'
   using std::vector<lldb_private::MemoryRegionInfo>::vector;
                                                      ^~~~~~
/workspace/src/contrib/llvm/tools/lldb/include/lldb/Target/MemoryRegionInfo.h:128:54: error: conflicts with version inherited from 'std::__1::vector<lldb_private::MemoryRegionInfo>'

Reported by:	CI
2019-03-06 18:19:27 +00:00
Benedict Reuschling
1e61b94049 Update the core-secretary role.
With the last core election, matthew@ stepped down and handed over to jrm@ to
serve as new core secretary. Update this file to match.

Approved by:	core (implicit)
2019-03-06 17:37:56 +00:00
Mark Johnston
f3af92bd36 Reorder copyright lines to preserve the source of "All rights reserved."
Reported by:	rgrimes
MFC with:	r344829, r344830
2019-03-06 16:50:14 +00:00
Alexander Motin
fcc8734127 Flush stdout after each iteration.
Without this, if output is redirected from the console, it is buffered for
too long, making tool quite unusable.

MFC after:	1 week
Sponsored by:	iXsystems, Inc.
2019-03-06 15:19:04 +00:00
Adrian Chadd
34d5464b85 [ath_hal_ar9300] Add the missing bits from the previous HAL commit.
Noticed by: 75+ emails telling me I messed up.
2019-03-06 08:52:02 +00:00
Adrian Chadd
28adfbfe13 [athani] Add a simple tool to list and control ANI parameters.
This is a WIP tool I'm using to figure out why ANI is weirdly busted in my
home FreeBSD AP/STA setup.  Although athstats (mostly) gets the ANI statistics
correct, ANI is making the radio deaf it doesn't recover without being disabled.

It's very WIP.

Tested:

* Carambola 2,  (AR9331), AP/STA mode.
2019-03-06 07:58:19 +00:00
Adrian Chadd
7fbcfe69e7 [ath_hal] [ath_hal_ar9300] ANI fixes and preparation for userland control.
* The ani function bitmap was being badly used when determining if a command
  could be used.  In hostap modes only a couple of the ANI control parameters
  are enabled.

* The ani function bitmap was not being reset to HAL_ANI_ALL if transitioning
  from AP -> STA.

* Change mrcCckOff to mrcCck - 1 == on, rather than 1 == off.  This matches
  the API used to set the value from userland via the diagnostic API.

* Handle OFDM/CCK noise immunity level commands in ar9300_ani_control().
  These will only come from userland and it will go and program the rest of
  the ANI control parameters with the values in the ANI table.

* Ensure all of the ANI parameters can be tweaked at runtime, even if they're
  disabled.

Tested:

* carambola2 (AR9331), STA/AP modes
2019-03-06 07:54:29 +00:00
Marcin Wojtas
13ea0450a9 Extend libsecureboot(old libve) to obtain trusted certificates from UEFI and implement revocation
UEFI related headers were copied from edk2.

A new build option "MK_LOADER_EFI_SECUREBOOT" was added to allow
loading of trusted anchors from UEFI.

Certificate revocation support is also introduced.
The forbidden certificates are loaded from dbx variable.
Verification fails in two cases:

There is a direct match between cert in dbx and the one in the chain.
The CA used to sign the chain is found in dbx.
One can also insert a hash of TBS section of a certificate into dbx.
In this case verifications fails only if a direct match with a
certificate in chain is found.

Submitted by: Kornel Duleba <mindal@semihalf.com>
Reviewed by: sjg
Obtained from: Semihalf
Sponsored by: Stormshield
Differential Revision:	https://reviews.freebsd.org/D19093
2019-03-06 06:39:42 +00:00
Rebecca Cran
ce37b71e68 Add retry loop around GetMemoryMap call to fix fragmentation bug
The call to BS->AllocatePages can cause the memory map to become framented,
causing BS->GetMemoryMap to return EFI_BUFFER_TOO_SMALL more than once. For
example this can happen on the MinnowBoard Turbot, causing the boot to stop
with an error. Avoid this by calling GetMemoryMap in a loop.

Reviewed by:	imp, tsoome, kevans
Differential Revision:	https://reviews.freebsd.org/D19341
2019-03-06 05:39:40 +00:00
Cy Schubert
151c6d1020 Remove an empty directory emptied by r343702.
MFC after:	3 days
2019-03-06 02:52:58 +00:00
Mark Johnston
3b5b20292b Implement minidump support for RISC-V.
Submitted by:	Mitchell Horne <mhorne063@gmail.com>
Differential Revision:	https://reviews.freebsd.org/D18320
2019-03-06 00:01:06 +00:00
Mark Johnston
5e58ed820a Add riscv minidump support to libkvm.
Submitted by:	Mitchell Horne <mhorne063@gmail.com>
Differential Revision:	https://reviews.freebsd.org/D19171
2019-03-05 23:59:55 +00:00
Mark Johnston
3a3dfb2815 Initialize dump_avail[] on riscv.
Submitted by:	Mitchell Horne <mhorne063@gmail.com>
Differential Revision:	https://reviews.freebsd.org/D19170
2019-03-05 23:58:16 +00:00
Mark Johnston
91c3fda00b Add pmap_get_tables() for riscv.
This mirrors the arm64 implementation and is for use in the minidump
code.

Submitted by:	Mitchell Horne <mhorne063@gmail.com>
Differential Revision:	https://reviews.freebsd.org/D18321
2019-03-05 23:56:40 +00:00
Marcel Moolenaar
835adc6898 Round # partitions up to fill the last GPT table sector
Set the number of partitions entries in the GPT header to a
multiple of the number of entries that fit in a sector.

PR:		236238
Reviewed by:	imp
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D19465
2019-03-05 22:55:33 +00:00
Dimitry Andric
0a4621159b Add a few missed files to the MK_LLVM_TARGET_BPF=yes case, otherwise
clang and various other executables will fail to link with undefined
symbols.

Reported by:	O. Hartmann <ohartmann@walstatt.org>
MFC after:	1 month
X-MFC-With:	r344779
2019-03-05 22:04:23 +00:00
Mark Johnston
6a85590370 Show wiring state of map entries in procstat -v.
Note that only entries wired by userspace are shown as such.  In
particular, entries transiently wired by sysctl_wire_old_buffer() are
not flagged as wired in procstat -v output.

Reviewed by:	kib (previous version)
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D19461
2019-03-05 19:45:37 +00:00
Ed Maste
3f877103dd freebsd-update.8: update example to contemporary versions
PR:		235761
Reported by:	linimon
MFC after:	1 week
2019-03-05 19:17:24 +00:00
Eric Joyner
bc408c7d61 Remove references to CONTIGMALLOC_WORKS in iflib and em
From Jake:
"The iflib_fl_setup() function tries to pick various buffer sizes based
on the max_frame_size value defined by the parent driver. However, this
code was wrapped under CONTIGMALLOC_WORKS, which was never actually
defined anywhere.

This same code pattern was used in if_em.c, likely trying to match
what iflib uses.

Since CONTIGMALLOC_WORKS is not defined, remove this dead code from
iflib_fl_setup and if_em.c

Given that various iflib drivers appear to be using a similar
calculation, it might be worth making this buffer size a value that the
driver can peek at in the future."

Submitted by:	Jacob Keller <jacob.e.keller@intel.com>
Reviewed by:	shurd@
MFC after:	1 week
Sponsored by:	Intel Corporation
Differential Revision:	https://reviews.freebsd.org/D19199
2019-03-05 19:12:51 +00:00
Ed Maste
80a8c751ea libllvm: promote WithColor and xxhash to SRCS_MIN
The armv6 build failed in CI due to missing symbols (from these two
source files) in the bootstrap Clang.

This affected only armv6 because other Clang-using archs are using LLD
as the bootstrap linker, and thus include SRCS_MIW via LLD_BOOTSTRAP.

Reported by:	CI, via lwhsu
Sponsored by:	The FreeBSD Foundation
2019-03-05 16:18:06 +00:00
Kristof Provost
3846e5755f tun tests: Test renaming and destroying a tun interface in a vnet jail
There was a problem destroying renamed tun interfaces in vnet jails. This was
fixed in r344794. Test the previously failing scenario.

PR:		235704
MFC after:	2 weeks
2019-03-05 15:49:30 +00:00
Alexander Leidinger
3df898baed remove the removed-from-source drm/drm2 parts 2019-03-05 15:23:28 +00:00
Hans Petter Selasky
1efeb40d1d Fix typos in libusb.
Found by:		Denis Ahrens <denis@h3q.com>
MFC after:		1 week
Sponsored by:		Mellanox Technologies
2019-03-05 14:47:15 +00:00
Kristof Provost
5ea5849a7b tun: VIMAGE fix for if_tun cloner
The if_tun cloner is not virtualised, but if_clone_attach() does use a
virtualised list of cloners.
The result is that we can't find the if_tun cloner when we try to remove
a renamed tun interface. Virtualise the cloner, and move the final
cleanup into a sysuninit so that we're sure this happens after all of
the vnet_sysuninits

Note that we need unit numbers to be system-unique (rather than unique
per vnet, as is done by if_clone_simple()). The unit number is used to
create the corresponding /dev/tunX device node, and this node must match
with the interface.
Switch to if_clone_advanced() so that we have control over the unit
numbers.

Reproduction scenario:
	jail -c -n foo persist vnet
	jexec test ifconfig tun create
	jexec test ifconfig tun0 name wg0
	jexec test ifconfig wg0 destroy

PR:		235704
Reviewed by:	bz, hrs, hselasky
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D19248
2019-03-05 13:21:07 +00:00
Justin Hibbits
bc2b9c015f Fix binutils compilation error with Clang 8
Summary:
This change fixes the following compilation error when using clang 8 to cross
compile base to powerpc64:

```
/usr/src/gnu/usr.bin/binutils/libopcodes/../../../../contrib/binutils/opcodes/ppc-dis.c💯35:
error: arithmetic on a null pointer treated as a cast from integer to pointer is
a GNU extension [-Werror,-Wnull-pointer-arithmetic]
  info->private_data = (char *) 0 + dialect;
		       ~~~~~~~~~~ ^
1 error generated.
*** [ppc-dis.o] Error code 1

make[6]: stopped in /usr/src/gnu/usr.bin/binutils/libopcodes
1 error
```

Test Plan:
- buildworld for x86_64 (native)
- buildworld for powerpc64 (cross)
- buildworld for powerpc64 (native)

Submitted by:	alfredo.junior_eldorado.org.br
Reviewed By:	emaste, pfg, brooks
Differential Revision:	https://reviews.freebsd.org/D19235
2019-03-05 04:16:50 +00:00
Marcel Moolenaar
96937e3b23 Revert revision 254095
In revision 254095, gpt_entries is not set to match the on-disk
hdr_entries, but rather is computed based on available space.
There are 2 problems with this:

1.  The GPT backend respects hdr_entries and only reads and writes
    that number of partition entries.  On top of that, CRC32 is
    computed over the table that has hdr_entries elements.  When
    the common code works on what is possibly a larger number, the
    behaviour becomes inconsistent and problematic.  In particular,
    it would be possible to add a new partition that on a reboot
    isn't there anymore.
2.  The calculation of gpt_entries is based on flawed assumptions.
    The GPT specification does not dictate that sectors are layed
    out in a particular way that the available space can be
    determined by looking at LBAs.  In practice, implementations
    do the same thing, because there's no reason to do it any
    other way.  Still, GPT allows certain freedoms that can be
    exploited in some form or shape if the need arises.

PR:		229977
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D19438
2019-03-05 04:15:34 +00:00
Hiroki Sato
9ae4c2a48d Fix grammar.
Submitted by:	Massimiliano Stucchi
2019-03-05 02:53:41 +00:00
Simon J. Gerraty
02a4bc589c Allow for reproducible build
Use SOURCE_DATE_EPOCH for BUILD_UTC if MK_REPRODUCIBLE_BUILD is yes.
Default SOURCE_DATE_EPOCH to 2019-01-01

Reviewed by:	emaste
Sponsored by:	Juniper Networks
Differential Revision:	https://reviews.freebsd.org/D19464
2019-03-04 22:04:21 +00:00
Alexander Motin
c3c93809f6 bridge: Fix spurious warnings about capabilities
Mask off the bits we don't care about when checking that capabilities
of the member interfaces have been disabled as intended.

Submitted by:	Ryan Moeller <ryan@ixsystems.com>
Reviewed by:	kristof, mav
MFC after:	1 week
Sponsored by:	iXsystems, Inc.
Differential Revision:	https://reviews.freebsd.org/D18924
2019-03-04 22:01:09 +00:00
Simon J. Gerraty
fd1d7567d8 Add -d flag to load command
When doing load -t manifest -d increments debug level

Reviewed by:	stevek
2019-03-04 19:50:59 +00:00