Commit Graph

254975 Commits

Author SHA1 Message Date
dim
3e583736c9 Merge ^/head r338731 through r338987. 2018-09-27 20:00:07 +00:00
gordon
19c946c159 Clear stack allocated data structure to prevent kernel memory leak.
Reported by:	Thomas Barabosch, Fraunhofer FKIE
Reviewed by:	wes@
Approved by:	re (implicit)
Approved by:	so
Security:	FreeBSD-EN-18:12.mem
Security:	CVE-2018-17155
2018-09-27 18:39:54 +00:00
ygy
12af918bba Add description, parameters, options, sysctl and examples of using AQMs to ipfw man page. CoDel, PIE, FQ-CoDel and FQ-PIE AQM for Dummynet exist in FreeBSD 11 and 10.3.
Submitted by:	ralsaadi@swin.edu.au
Reviewed by:	AllanJude
Approved by:	re (gjb)
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D12507
2018-09-27 18:14:01 +00:00
jhb
aec136b8f3 Don't clear DR6 for debug exceptions from userland.
This reverts part of r333368.  The attempt to clear DR6 was occuring
too soon as trapsignal() does not pause to let the debugger notice the
SIGTRAP and query DR6.  The signal exchange does not occur until much
later during ast().  As a result, GDB was no longer recognizing
hardware breakpoints and watchpoints on x86.

In addition, any userland programs that want to inspect DR6 in a
SIGTRAP handler don't have a way to do this if we clear DR6 in the
exception handler.

Instead of relying on the kernel to clear DR6, debuggers will have to
explicitly clear it after a trace trap (which they needed to do on
older kernels anyway).

Reviewed by:	kib
Approved by:	re (delphij)
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D17319
2018-09-27 17:33:59 +00:00
mjg
09cca5134d amd64: reimplement libc memcmp and bcmp with kernel memcmp
Both are significantly slower than hand-coded loops. See r338963 for
kernel commit.

bcmp differs from memcmp by always returning 1 when a difference is
found, as opposed to going for a value bigger or lower than 0
depending on what it is. This means it can do less work. For now the
code is duplicated and modified. This will get deduplicated after
another round of optimization when memcmp will get a longer-term form.

Both tested with the glibc suite. While the suite does not have a test
for bcmp, I created a wrapper routine which verified that values match
(0 vs 0, 1 vs non-zero).

Reviewed by:	kib
Approved by:	re (gjb)
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D17336
2018-09-27 17:08:29 +00:00
mjg
b091ea3772 amd64: macroify and mostly depessimize copyinstr
See r338968 for details.

Reviewed by:	kib
Approved by:	re (gjb)
Differential Revision:	https://reviews.freebsd.org/D17288
2018-09-27 15:53:36 +00:00
bz
3555315153 In in6_pcbpurgeif0() called, e.g., from if_clone_destroy(),
once we have a lock, make sure the inp is not marked freed.
This can happen since the list traversal and locking was
converted to epoch(9).  If the inp is marked "freed", skip it.

This prevents a NULL pointer deref panic later on.

Reported by:	slavash (Mellanox)
Tested by:	slavash (Mellanox)
Reviewed by:	markj (no formal review but caught my unlock mistake)
Approved by:	re (kib)
2018-09-27 15:32:37 +00:00
mjg
970686fcda amd64: mostly depessimize copystr
- remove a forward branch in the common case
- replace xchg + lodsb/stosb loop with simple movs

A simple test on Intel(R) Core(TM) i7-4600U CPU @ 2.10GH copying
/foo/bar/baz in a loop goes from 295715863 ops/s to 465807408.

Further changes are pending.

Reviewed by:	kib
Approved by:	re (gjb)
Differential Revision:	https://reviews.freebsd.org/D17281
2018-09-27 15:27:53 +00:00
mjg
f4f40b7c3e amd64: clean up copyin/copyout
- move the PSL.AC comment to the fault handler
- stop testing for zero-sized ops. after several minutes of package
building there were no copyin calls with zero bytes and very few
copyout. the semantic of returning 0 in this case is preserved
- shorten exit paths by clearing %eax earlier
- replace xchg with 3 movs. this is what compilers do. a naive
benchmark on EPYC suggests about 1% increase in thoughput thanks to
this change.
- remove the useless movb %cl,%al from copyout. it looks like a
leftover from many years ago

Reviewed by:	kib
Approved by:	re (gjb)
Differential Revision:	https://reviews.freebsd.org/D17286
2018-09-27 15:24:16 +00:00
0mp
6502337973 lib(4): Fix mdoc issues.
- Fix "mandoc -Tlint" warnings.
- Use the "Er" macro for errors.
- Add an extra newline for readability.
- Reference m_pullup(9) and m_defrag(9).
- Use the "Fx" macro when talking about FreeBSD versions.

Reviewed by:	bcr
Approved by:	re (gjb), krion (mentor)
Differential Revision:	https://reviews.freebsd.org/D17270
2018-09-27 14:52:42 +00:00
kib
64a37e7928 Remove -m (update) from ldconfig -32 & -soft invocation on startup.
Since r154114 which introduced ldconfig_local32_dirs, ldconfig -32 was
called with -m. This means that ld-elf32.so.hints paths set is not
cleared for compat32 on boot, unlike ld,so,hints.  Same -m was used in
r294295 for ld-elf-soft.so.hints on arm.  The patch fixes the
asymmetry.

Noted by:	Andreas Longwitz <longwitz@incore.de>
Reviewed by:	brooks, emaste, imp
Discussed with:	bdrewery
Sponsored by:	The FreeBSD Foundation
Approved by:	re (gjb)
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D17331
2018-09-27 14:31:41 +00:00
mjg
378786ebf3 amd64: implement memcmp in assembly
Both the in-kernel C variant and libc asm variant have very poor performance.
The former compiles to a single byte comparison loop, which breaks down even
for small sizes. The latter uses rep cmpsq/b which turn out to have very poor
throughput and are slower than a hand-coded 32-byte comparison loop.

Depending on size this is about 3-4 times faster than the current routines.

Reviewed by:	kib
Approved by:	re (gjb)
Differential Revision:	https://reviews.freebsd.org/D17328
2018-09-27 14:05:44 +00:00
andrew
4ddccdfc0e Export ID_AA64PFR0_EL1 to userland
Create a user view of the ID_AA64PFR0_EL1 register with values common
across all CPUs.

Approved by:	re (kib)
Sponsored by:	ABT Systems Ltd
Differential Revision:	https://reviews.freebsd.org/D17301
2018-09-27 13:54:09 +00:00
andrew
9fab1c4f94 Move the undefined instruction handler to identcpu.c so we have access
to the registers from boot.

Approved by:	re (kib)
Sponsored by:	ABT Systems Ltd
Differential Revision:	https://reviews.freebsd.org/D17301
2018-09-27 13:50:57 +00:00
0mp
fc4dfb419b Cross-reference style.Makefile(5) from make(1) and make.conf(5).
Reviewed by:	krion, mat, sjg
Approved by:	re (gjb), krion (mentor), mat (mentor)
Sponsored by:	Bally Wulff Games & Entertainment GmbH
Differential Revision:	https://reviews.freebsd.org/D17170
2018-09-27 12:20:32 +00:00
0mp
56e8b45337 newvers.sh: Unbreak building in Git repositories.
Building the kernel in Git repositories when git-svn is not available and
the "help.autocorrect" Git parameter is enabled results in Git trying to
replace the "svn" command (it does not know) with "serve". As a result the
output of the "git server" command is appended to the value of the
environmental variable VERINFO, which causes the auto generated vers.c
file to contain invalid C syntax (missing newline escapes):

    #define "@(#)FreeBSD 12.0-ALPHA7  r000eversion 2
    0015agent=git/2.19.0
    000cls-refs
    0012fetch=shallow
    0012server-option
    0000=5e2272613fa(splash-vt)"
    #define VERSTR "FreeBSD 12.0-ALPHA7  r000eversion 2
    0015agent=git/2.19.0
    000cls-refs
    0012fetch=shallow
    0012server-option
    0000=5e2272613fa(splash-vt)\n"

Using `-c help.autocorrect=0` seems to be a good solution as it does not
modify user's environment. I am not sure, however, if we should use
programs (or Git commands), which we are not sure exist (we never check if
git-svn is available on the host), as there may be more unexpected
behaviors like this one.

Reviewed by:	eadler, emaste, krion
Approved by:	re (gjb), krion (mentor)
Sponsored by:	Bally Wulff Games & Entertainment GmbH
Differential Revision:	https://reviews.freebsd.org/D17271
2018-09-27 12:15:31 +00:00
0mp
e65e357a63 msdosfs(5): Explain how to determine version of the FAT file system.
While here, remove deprecated Tn macros.

Reviewed by:	bcr
Approved by:	re (gjb), krion (mentor)
Sponsored by:	Bally Wulff Games & Entertainment GmbH
Differential Revision:	https://reviews.freebsd.org/D17237
2018-09-27 12:08:53 +00:00
andrew
f81459bd83 Handle a guest executing a vm instruction by trapping and raising an
undefined instruction exception. Previously we would exit the guest,
however an unprivileged user could execute these.

Found with:	syzkaller
Reviewed by:	araujo, tychon (previous version)
Approved by:	re (kib)
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D17192
2018-09-27 11:16:19 +00:00
kib
5982fcac46 Provide refobj context when doing libmap substitution inside
search_library_path().

This corrects the scope of libmap matches.

Reported and tested by:	Andreas Longwitz <longwitz@incore.de>
Sponsored by:	The FreeBSD Foundation
Approved by:	re (gjb)
MFC after:	1 week
2018-09-26 21:28:14 +00:00
kib
9593a6d4aa When doing lm_add(), check for duplicates.
This is useful when lm_find() moves the match to the global mapping,
since lm_find() could be called with a same path more than once.

Reported and tested by:	Andreas Longwitz <longwitz@incore.de>
Sponsored by:	The FreeBSD Foundation
Approved by:	re (gjb)
MFC after:	1 week
2018-09-26 21:27:08 +00:00
np
c62dd85a5c cxgbe(4): Enable support for per-connection rate limiting in the default
firmware configuration files.

Approved by:	re@ (gjb@)
Sponsored by:	Chelsio Communications
2018-09-26 21:16:07 +00:00
sef
9d49d7417f Add per-session locking to cryptosoft (swcr).
As part of ZFS Crypto, I started getting a series of panics when I did not
have AESNI loaded.  Adding locking fixed it, and I concluded that the
Reinit function altered the AES key schedule.  This locking is not as
fine-grained as it could be (AESNI uses per-cpu locking), but
it's minimally invasive.

Sponsored by: iXsystems Inc
Reviewed by: cem, mav
Approved by: re (gjb), mav (mentor)
Differential Revision: https://reviews.freebsd.org/D17307
2018-09-26 20:23:12 +00:00
imp
7978d887d8 Relax syntax requirements of source string
The original spec for the strings describing the PNP info didn't allow
spaces. Several times now people have broken the install by including
them. Relax the syntax to allow them after the ; which is where
people's muscle memory tends to put them.

Approved by: re@ (gjb)
2018-09-26 19:41:06 +00:00
imp
e09f72f534 Remove bogus spaces.
Spaces aren't allowed in these strings.

Approved by: re@ (glen)
2018-09-26 19:41:00 +00:00
bdrewery
c496f06161 Handle overflow of uid or gid in arguments for chown
chown incorrectly allows a uid or gid greater than UID_MAX/GID_MAX respectively.
Using such an argument rolls over to accounts such as root, operator, etc.

Approved by:	re (gjb)
Relnotes:	yes
Reviewed by:	cem, kib
Submitted by:	Don Morris <dgmorris@earthlink.net>
Sponsored by:	Dell EMC
Differential Revision:	https://reviews.freebsd.org/D15119
2018-09-26 18:40:57 +00:00
imp
7c0d7c1091 Add PNP info to PCI attachments of cbb, cxgb, ida, iwn, ixl, ixlv,
mfi, mps, mpr, mvs, my, oce, pcn, ral, rl. This only labels existing
pci device tables, and has no probe / attach code changes.

Reviewed by: imp, chuck
Submitted by: Lakhan Shiva Kamireddy <lakhanshiva@gmail.com>
Sponsored by: Google, Inc. (GSoC 2018)
Approved by: re (glen)
2018-09-26 17:12:30 +00:00
imp
8efc2b3f05 Reapply, with minor tweaks, r338025, from the original commit:
Remove unused and easy to misuse PNP macro parameter

Inspired by r338025, just remove the element size parameter to the
MODULE_PNP_INFO macro entirely.  The 'table' parameter is now required to
have correct pointer (or array) type.  Since all invocations of the macro
already had this property and the emitted PNP data continues to include the
element size, there is no functional change.

Mostly done with the coccinelle 'spatch' tool:

  $ cat modpnpsize0.cocci
    @normaltables@
    identifier b,c;
    expression a,d,e;
    declarer MODULE_PNP_INFO;
    @@
     MODULE_PNP_INFO(a,b,c,d,
    -sizeof(d[0]),
     e);

    @singletons@
    identifier b,c,d;
    expression a;
    declarer MODULE_PNP_INFO;
    @@
     MODULE_PNP_INFO(a,b,c,&d,
    -sizeof(d),
     1);

  $ rg -l MODULE_PNP_INFO -- sys | \
    xargs spatch --in-place --sp-file modpnpsize0.cocci

(Note that coccinelle invokes diff(1) via a PATH search and expects diff to
tolerate the -B flag, which BSD diff does not.  So I had to link gdiff into
PATH as diff to use spatch.)

Tinderbox'd (-DMAKE_JUST_KERNELS).
Approved by: re (glen)
2018-09-26 17:12:14 +00:00
ae
07abcaa574 Add "src-ip" or "dst-ip" keyword to the output, when we are printing the
rest of rule options.

Reported by:	lev
Approved by:	re (gjb)
MFC after:	1 week
2018-09-26 15:37:48 +00:00
emaste
0c702323b4 add REPRODUCIBLE_BUILD note to UPDATING
Reported by:	bz
Approved by:	re (gjb)
2018-09-26 15:07:06 +00:00
ae
6c193bda23 Fix witness warning in xform_init().
Do not call crypto_newsession() while holding xforms_lock mutex.
Release mutex before invoking crypto_newsession(), and use
ipsec_kmod_enter()/ipsec_kmod_exit() functions to protect from doing
access to unloaded kernel module memory.

Move xform-releated functions into subr_ipsec.c to be able use
ipsec_kmod_* functions. Also unconditionally build ipsec_kmod_*
functions, since now they are always used by IPSec code.

Add xf_cntr field to struct xformsw, it is used by ipsec_kmod_*
functions. Also constify xf_name field, since it is not expected to be
modified.

Approved by:	re (kib)
Differential Revision:	https://reviews.freebsd.org/D17302
2018-09-26 14:47:51 +00:00
emaste
6af7b6a1fe Clarify UPDATING entry about lld
The workaround described in the 20180530 entry is no longer required.
Amend that entry and add a new 20180530 entry noting lld is the
default amd64 linker.

Reviewed by:	imp
Approved by:	re (kib)
2018-09-26 14:32:36 +00:00
slavash
f297c4c762 Add PCIV_INVALID definition
From PCI Spec rev 2.2, 6.2.1. Device Identification:
Vendor ID This field identifies the manufacturer of the device. Valid
vendor identifiers are allocated by the PCI SIG to ensure uniqueness.
0FFFFh is an invalid value for Vendor ID.

MFC after:      3 days
Approved by:    re (Glen), hselasky (mentor), kib (mentor)
Sponsored by:   Mellanox Technologies
2018-09-26 13:16:55 +00:00
tuexen
26444c890a Whitespace changes and fixing a typo. No functional change.
Approved by:	re (kib@)
MFC after:	1 week
2018-09-26 10:24:50 +00:00
np
a62d8e729c cxgbe(4): Treat base/end of firmware parameters as signed integers when
figuring out whether the range is valid or not.

Approved by:	re@ (rgrimes@)
MFC after:	1 week
Sponsored by:	Chelsio Communications
2018-09-26 02:27:37 +00:00
kib
ebeb3285f5 Fix some uses of dmaplimit.
dmaplimit is the first byte after the end of DMAP.

Reported by:	"Johnson, Archna" <Archna.Johnson@netapp.com>
Reviewed by:	alc, markj
Approved by:	re (gjb)
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D17318
2018-09-25 20:07:58 +00:00
andreast
bbfa8d7720 Bring the 32-bit powerpc (PowerMac) back to live. The commit 338486 reworked
some TLS bits. This broke operation on the PowerMac. Namely one could not login.
At login the screen/shell was giving back lots of backslashes and the login
shell dumped core.

The fix to this issue is to revert the powerpc commit from 338486 and to
increase the TLS_TCB_SIZE to 16.
Reverting only did not help, login was possible but userland applications
aborted with strange messages.

I tested this patch with world/kernel builds and with port upgrades.
Additionally a full gcc8 bootstrap was successfully completed.

Reviewed by: jhibbits@
Approved by: re (Glen)
2018-09-25 19:29:35 +00:00
emaste
a1844f4acd Do not remove ld man page if lld is enabled and binutils is not
Reported by:	Mark Millard
Approved by:	re (gjb)
Sponsored by:	The FreeBSD Foundation
2018-09-25 18:54:18 +00:00
kib
fc00112ea8 Fix an issue in r338862.
For pmap_invalidate_all_pcid(), only reset pm_gen for non-kernel
pmaps, as it was done before the conversion to ifuncs.  The reset is
useless but innocent for kernel_pmap. Coverity reported that cpuid is
used uninitialized in this case.

Reported by:	cem
Reviewed by:	alc, cem, markj
CID:	 1395807
Sponsored by:	The FreeBSD Foundation
Approved by:	re (gjb)
Differential revision:	https://reviews.freebsd.org/D17314
2018-09-25 18:24:25 +00:00
mjg
32bf729b0a zfs: depessimize zfs_root with rmlocks
Currently vfs calls the root method on each absolute lookup and when
crossing mount points.

zfs_root ends up looking up the inode internally as if it was not
instantianted which results in significant lock contention on systems
like EPYC.

Store the vnode in the mount point and protect the access with rmlocks.
This is a temporary hack for 12.0.

Sample result:

before:
make -s -j 128 buildkernel 2778.09s user 3319.45s system 8370% cpu 1:12.85 total

after:
make -s -j 128 buildkernel 3199.57s user 1772.78s system 8232% cpu 1:00.40 total

Tested by:	pho (zfs mount/unmount tests)
Reviewed by:	kib, mav, sef (different parts)
Approved by:	re (gjb)
Differential Revision:	https://reviews.freebsd.org/D17233
2018-09-25 17:58:06 +00:00
brooks
225ce82f4b Don't override LDFLAGS set in bsd.cpu.mk.
This is a direct commit to a generated file.  Simon plans to fix this
upstream before the next import.

PR:		231557
Approved by:	re (gjb)
Obtained from:	CheriBSD
Sponsored by:	DARPA, AFRL
2018-09-25 15:25:42 +00:00
np
eb5896f52d cxgbe(4): Link related changes.
- Switch to using 32b port/link capabilities in the driver.  The 32b
  format is used internally by firmwares > 1.16.45.0 and the driver will
  now interact with the firmware in its native format, whether it's 16b
  or 32b.  Note that the 16b format doesn't have room for 50G, 200G, or
  400G speeds.

- Add a bit in the pause_settings knobs to allow negotiated PAUSE
  settings to override manual settings.

- Ensure that manual link settings persist across an administrative
  down/up as well as transceiver unplug/replug.

- Remove unused is_*G_port() functions.

Approved by:	re@ (gjb@)
MFC after:	1 month
Sponsored by:	Chelsio Communications
2018-09-25 05:52:42 +00:00
jhibbits
0b4a4336f2 powerpc: Blacklist the top 64kB range of the lower 4GB PA space
The PHB4 host bridge used by the POWER9 uses a 64kB range in 32-bit
space at the address 0xffff0000-0xffffffff.  Reserve this range so that
DMA memory cannot be allocated within this range.  This fixes seemingly
random crashes on a POWER9 system.  Ideally this range will have been
reserved by the firmware, but as of now this is not the case.

Submitted by:	git_bdragon.rtk0.net
Reviewed by:	nwhitehorn
Approved by:	re(kib)
Differential Revision:	https://reviews.freebsd.org/D17183
2018-09-25 02:34:28 +00:00
cperciva
7fe1a71446 Recognize the Amazon PCI serial device found in i3.metal EC2 instances
as an NS8250 UART.

Reviewed by:	sbruno, imp
Approved by:	re (delphij)
Sponsored by:	https://www.patreon.com/cperciva
Differential Revision:	https://reviews.freebsd.org/D17250
2018-09-24 22:15:04 +00:00
0mp
93e2db7e42 sysctl(8): Add a standard exit status section.
Reviewed by:	bcr
Approved by:	re (gjb), krion (mentor)
Differential Revision:	https://reviews.freebsd.org/D17147
2018-09-24 20:46:45 +00:00
markj
625c57d19c Add more NUMA-specific low memory predicates.
Use these predicates instead of inline references to vm_min_domains.
Also add a global all_domains set, akin to all_cpus.

Reviewed by:	alc, jeff, kib
Approved by:	re (gjb)
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D17278
2018-09-24 19:24:17 +00:00
mmacy
465919069e restore pmccontrol -L behavior on x86
When I updated counter definition handling for x86 I broke
'pmccontrol -L' listing counter names. This just changes
pmccontrol to call the library function on x86.

PR:	230984
Approved by:	re (kib@)
2018-09-24 19:06:09 +00:00
jhb
82dcbd5dab Restore the API of the kf_sa_local and kf_sa_peer members.
In 11.x and earlier these were accessible as direct members of 'struct
kinfo_file'.  Existing code already knows about the new location of
these members as well, so wrapper macros did not work for these
fields.  Instead, define an anonymous struct containing the fields
from 'struct kinfo_file' in FreeBSD 11 that were not part of the
'kf_un' union.  This anonymous struct is then placed in an anonymous
union along with the new 'kf_un' union.  This preserves the API of
both structure layouts without requiring any wrapper macros.

PR:		231525
Reviewed by:	kib
Approved by:	re (gjb)
Differential Revision:	https://reviews.freebsd.org/D17262
2018-09-24 18:20:38 +00:00
jhb
7815615253 Implement pmap_sync_icache().
This invokes "fence" on the hart performing the write followed by an IPI
to execute "fence.i" on all harts.

This is required to support userland debuggers setting breakpoints in
user processes.

Reviewed by:	br (earlier version), markj
Approved by:	re (gjb)
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D17139
2018-09-24 17:41:29 +00:00
mav
d88eb6692d Fix use-after-free in RAID0 error reporting of GEOM_RAID.
PR:		231510
Submitted by:	yangx92@hotmail.com
Approved by:	re (gjb)
MFC after:	1 week
2018-09-24 16:58:55 +00:00
alc
337ee8ed9f Passing UMA_ZONE_NOFREE to uma_zcreate() for swpctrie_zone and swblk_zone is
redundant, because uma_zone_reserve_kva() is performed on both zones and it
sets this same flag on the zone.  (Moreover, the implementation of the swap
pager does not itself require these zones to be UMA_ZONE_NOFREE.)

Reviewed by:	kib, markj
Approved by:	re (gjb)
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D17296
2018-09-24 16:49:02 +00:00