Commit Graph

242799 Commits

Author SHA1 Message Date
Mark Johnston
4fa0295937 Chase r350037.
Reported by:	jenkins
MFC with:	r350037
Sponsored by:	The FreeBSD Foundation
2019-07-16 16:02:20 +00:00
Eric van Gyzen
9d3ecb7e62 Adds signal number format to kern.corefile
Add format capability to core file names to include signal
that generated the core. This can help various validation workflows
where all cores should not be considered equally (SIGQUIT is often
intentional and not an error unlike SIGSEGV or SIGBUS)

Submitted by:	David Leimbach (leimy2k@gmail.com)
Reviewed by:	markj
MFC after:	1 week
Relnotes:	sysctl kern.corefile can now include the signal number
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D20970
2019-07-16 15:51:09 +00:00
Mark Johnston
7af2abed6a Always use the software DBM bit for now.
r350004 added most of the machinery needed to support hardware DBM
management, but it did not intend to actually enable use of the hardware
DBM bit.

Reviewed by:	andrew
MFC with:	r350004
Sponsored by:	The FreeBSD Foundation
2019-07-16 15:41:09 +00:00
Mark Johnston
32e09b04ce Fix the arm64 page table entry attribute mask.
It did not include the DBM or contiguous bits.

Reported by:	andrew
Reviewed by:	andrew
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
2019-07-16 15:38:01 +00:00
Mark Johnston
9da9cb48e9 Propagate attribute changes during demotion.
After r349117 and r349122, some mapping attribute changes do not trigger
superpage demotion. However, pmap_demote_l2() was not updated to ensure
that the replacement L3 entries carry any attribute changes that
occurred since promotion.

Reported and tested by:	manu
Reviewed by:	alc
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D20965
2019-07-16 14:40:49 +00:00
Michael Tuexen
1f69b3fb55 Add support for ICMPv6 messages indicating a parameter problem related
to an unrecognized next header.

MFC after:		2 weeks
2019-07-16 12:57:59 +00:00
Michael Tuexen
64694fdcc0 Let packet_op() explicitly return the type and code instead of doing
this implicitly by encoding it in a number space.

No functional change intended.

This is done as a preparation to add support for ICMPv6 mesages
indicating a parameter problem related to the next header.

MFC after:		2 weeks
2019-07-16 12:38:17 +00:00
Michael Tuexen
83c022b5c0 Whitespace change. No functional change.
MFC after:		2 weeks
2019-07-16 10:06:41 +00:00
Andriy Gapon
a70e114dc6 bge: check that the bus is a pci bus before using it as such
This fixes the following panic on powerpc:
  pci_get_vendor failed for pcib1 on bus ofwbus0, error = 2

PR:		238730
Reported by:	Dennis Clarke <dclarke@blastwave.org>
Tested by:	Dennis Clarke <dclarke@blastwave.org>
MFC after:	2 weeks
2019-07-16 08:36:49 +00:00
Mariusz Zaborski
5eac9c1cb0 strings: extends rights
The libelf is using mmap if it can, if not it was fall backing to read.

Reported by:	markj
2019-07-16 04:17:25 +00:00
Justin Hibbits
8d00d89228 powerpc: Fix casueword(9) post-r349951
'=' asm constraint marks a variable as write-only.  Because of this, gcc
throws away the initialization of 'res', causing garbage to be returned if
the CAS was successful.  Use '+' to mark res as read/write, so that the
initialization stays in the generated asm.  Also, fix the reservation
clearing stwcx store index register in casueword32, and only do the dummy
store when needed, skip it if the real store has already succeeded.
2019-07-16 03:55:27 +00:00
Mariusz Zaborski
5ff84ed38f strings: fix entering to the capability mode
Reported by:	markj
2019-07-16 03:32:21 +00:00
Alan Cox
43184d8e5c Revert r349973. Upon further reflection, I realized that the comment
deleted by r349973 is still valid on i386.  Restore it.

Discussed with:	   markj
2019-07-16 03:09:03 +00:00
Warner Losh
237024606a Use a different approach to range check.
gcc hates dt < CC_DT_NONE since it can never be true when dt is an unsigned
type. Since that's a compiler choice and may be affected by weird stuff, instead
use (unsigned)dt > CC_DT_UNKNOWN to test for bounds error since that will work
regardless of the signedness of dt.
2019-07-15 23:43:38 +00:00
Olivier Cochard
f53a2a1f61 Fix filename to avoid skipping lib/libc/net/servent test.
PR:		239177
Approved by:	ngie
MFC after:	1 month
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D20943
2019-07-15 23:41:00 +00:00
Warner Losh
d455c0d04a Implement a devtype command.
List the device's protocol. The returned value is one of the following:
	ata	direct attach ATA or SATA device
	satl	a SATA device attached via SAS
	scsi	A parallel SCSI or SAS
	nvme	A direct attached NVMe device
	mmcsd	A MMC or SD attached device

Reviewed by: scottl@, rpokala@
Differential Revision: https://reviews.freebsd.org/D20950
2019-07-15 22:33:37 +00:00
John Baldwin
32451fb9fc Add ptrace op PT_GET_SC_RET.
This ptrace operation returns a structure containing the error and
return values from the current system call.  It is only valid when a
thread is stopped during a system call exit (PL_FLAG_SCX is set).

The sr_error member holds the error value from the system call.  Note
that this error value is the native FreeBSD error value that has _not_
been translated to an ABI-specific error value similar to the values
logged to ktrace.

If sr_error is zero, then the return values of the system call will be
set in sr_retval[0] and sr_retval[1].

Reviewed by:	kib
MFC after:	1 month
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D20901
2019-07-15 21:48:02 +00:00
Ian Lepore
0cc1098a1a In nxprtc(4), use the countdown timer for better timekeeping resolution
on PCx2129 chips too.

The datasheet for the PCx2129 chips says that there is only a watchdog
timer, no countdown timer.  It turns out the countdown timer hardware is
there and works just the same as it does on a PCx2127 chip, except that you
can't use it to trigger an interrupt or toggle an output pin.  We don't need
interrupts or output pins, we only need to read the timer register to get
sub-second resolution.  So start treating the 2129 chips the same as 2127.
2019-07-15 21:47:40 +00:00
Ian Lepore
a134d96ef1 Fix nxprtc(4) on systems that support i2c repeat-start correctly.
An obscure footnote in the datasheets for the PCx2127, PCx2129, and
PCF8523 rtc chips states that the chips do not support i2c repeat-start
operations.  When the driver was originally written and tested, the i2c
bus on that system also didn't support repeat-start and just quietly
turned repeat-start operations into a stop-then-start, making it appear
that the nxprtc driver was working properly.

The repeat-start situation only comes up on reads, so instead of using
the standard iicdev_readfrom(), use a local nxprtc_readfrom(), which is
just a cut-and-pasted copy of iicdev_readfrom(), modified to send two
separate start-data-stop sequences instead of using repeat-start.
2019-07-15 21:40:58 +00:00
John Baldwin
c8ea87310c Add a test for PT_GET_SC_ARGS.
Reviewed by:	kib
MFC after:	1 month
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D20899
2019-07-15 21:26:55 +00:00
John Baldwin
c18ca74916 Don't pass error from syscallenter() to syscallret().
syscallret() doesn't use error anymore.  Fix a few other places to permit
removing the return value from syscallenter() entirely.
- Remove a duplicated assertion from arm's syscall().
- Use td_errno for amd64_syscall_ret_flush_l1d.

Reviewed by:	kib
MFC after:	1 month
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D2090
2019-07-15 21:25:16 +00:00
John Baldwin
1af9474b26 Always set td_errno to the error value of a system call.
Early errors prior to a system call did not set td_errno.  This commit
sets td_errno for all errors during syscallenter().  As a result,
syscallret() can now always use td_errno without checking TDP_NERRNO.

Reviewed by:	kib
MFC after:	1 month
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D20898
2019-07-15 21:16:01 +00:00
Michael Tuexen
8a3cfbff92 Don't free read control entries, which are still on the stream queue when
adding them the the read queue fails

MFC after:		1 week
2019-07-15 20:45:01 +00:00
Warner Losh
40152db5d3 Use the more proper term of SATL instead of ATA_BEHIND_SCSI.
Most people know SAS attached SATA devices by the name SAT or SATL
(with the latter being a little more common). Change the device type
ATA_BEHIND_SCSI to SATL since it's more specific and meaningful.

Suggested by: scottl@
2019-07-15 20:25:41 +00:00
Konstantin Belousov
9f7b7da5bf In do_sem2_wait(), balance umtx_key_get() with umtx_key_release() on retry.
Reported by:	ler
Bisected and reviewed by:	markj
Sponsored by:	The FreeBSD Foundation
MFC after:	12 days
2019-07-15 19:18:25 +00:00
Mark Johnston
ca2cae0b4d Implement software access and dirty bit management for arm64.
Previously the arm64 pmap did no reference or modification tracking;
all mappings were treated as referenced and all read-write mappings
were treated as dirty.  This change implements software management
of these attributes.

Dirty bit management is implemented to emulate ARMv8.1's optional
hardware dirty bit modifier management, following a suggestion from alc.
In particular, a mapping with ATTR_SW_DBM set is logically writeable and
is dirty if the ATTR_AP_RW_BIT bit is clear.  Mappings with
ATTR_AP_RW_BIT set are write-protected, and a write access will trigger
a permission fault.  pmap_fault() handles permission faults for such
mappings and marks the page dirty by clearing ATTR_AP_RW_BIT, thus
mapping the page read-write.

Reviewed by:	alc
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D20907
2019-07-15 17:13:32 +00:00
Mark Johnston
1fd21cb005 pmap_clear_modify() needs to clear PTE_W.
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
2019-07-15 15:45:33 +00:00
Mark Johnston
24074d28ec Fix reference counting in pmap_ts_referenced() on RISC-V.
pmap_ts_referenced() does not necessarily clear the access bit from
all accessed mappings of a given page.  Thus, if a scan of the mappings
needs to be restarted, we should be careful to avoid double-counting
accessed mappings whose access bits were not cleared in a previous
attempt.

Reported by:	alc
Reviewed by:	alc
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D20926
2019-07-15 15:43:15 +00:00
Emmanuel Vadot
e52acf6a46 Remove duplicated device firmware entry in generic arm kernel config added in r333191
Submitted by:	Daniel Engberg (daniel.engberg.lists@pyret.net)
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D20680
2019-07-15 15:07:55 +00:00
Warner Losh
37165f2306 Remove RELEASE_CRUNCH here. It's obsolete.
Remove RELEASE_CRUNCH here. It's obsolete and hasn't worked in a while.  The
build options need to be revisited, since many older ones are listed, while
newer useful ones are not. But that rototilling I'll leave to others.
2019-07-15 15:02:40 +00:00
Michael Tuexen
248bd1b80f Add support for MSG_EOR and MSG_EOF in sendmsg() for SCTP.
This is an FreeBSD extension, not covered by Posix.

This issue was found by running syzkaller.

MFC after:		1 week
2019-07-15 14:54:04 +00:00
Michael Tuexen
25fa310a5f Fix socket state handling when freeing an SCTP endpoint.
This issue was found by runing syzkaller.

MFC after:		1 week
2019-07-15 14:52:52 +00:00
Warner Losh
6c35c7d1b6 Replace complicated expression to disable libedit when no libthr is being built
with a simpler one.
2019-07-15 14:23:51 +00:00
Warner Losh
01b0122954 Remove all the RELEASE_CRUNCH instances that partially disable IPSEC
We remove IPSEC only in parts of the tree, and not others. RELEASE_CRUNCH to
disable it has not kept up with all its uses. Remove it. Should there be a real
need to disable IPSEC, one that hasn't shown up in the base system to date,
it can be re-added behind a WITHOUT_IPSEC build option.
2019-07-15 14:19:39 +00:00
Konstantin Belousov
ad038195bd In do_lock_pi(), do not return prematurely.
If umtxq_check_susp() indicates an exit, we should clean the resources
before returning.  Do it by breaking out of the loop and relying on
post-loop cleanup.

Reviewed by:	markj
Tested by:	pho
Sponsored by:	The FreeBSD Foundation
MFC after:	12 days
Differential revision:	https://reviews.freebsd.org/D20949
2019-07-15 08:39:52 +00:00
Konstantin Belousov
40bd868ba7 Correctly check for casueword(9) success in do_set_ceiling().
After r349951, the return code must be checked instead of old == new
comparision.

Reviewed by:	markj
Tested by:	pho
Sponsored by:	The FreeBSD Foundation
MFC after:	12 days
Differential revision:	https://reviews.freebsd.org/D20949
2019-07-15 08:38:01 +00:00
Warner Losh
91f5df38c9 MK_OPENSSL makes RELEASE_CRUNCH redundant here
Since these things are more completely controlled by the MK_OPENSSL knob, remove
RELEASE_CRUNCH here. It's no longer needed for the release and other users can
use the more proper knob if they so desire.
2019-07-15 07:39:28 +00:00
Warner Losh
ab152d0263 Now that we have MK_LS_COLORS, we don't need RELEASE_CRUNCH check here.
The RELEASE_CRUNCH check is redundant here. We don't need it for releases
anymore, and picobsd can control this more directly without making it a special
case.
2019-07-15 07:35:46 +00:00
Michael Tuexen
a85b7f125b Improve the input validation for l_linger.
When using the SOL_SOCKET level socket option SO_LINGER, the structure
struct linger is used as the option value. The component l_linger is of
type int, but internally copied to the field so_linger of the structure
struct socket. The type of so_linger is short, but it is assumed to be
non-negative and the value is used to compute ticks to be stored in a
variable of type int.

Therefore, perform input validation on l_linger similar to the one
performed by NetBSD and OpenBSD.

Thanks to syzkaller for making me aware of this issue.

Thanks to markj@ for pointing out that a similar check should be added
to so_linger_set().

Reviewed by:		markj@
MFC after:		2 weeks
Differential Revision:	https://reviews.freebsd.org/D20948
2019-07-14 21:44:18 +00:00
Konstantin Belousov
b7b6b7a9c5 PR: 239143
Reported and tested by:	Wes Maag <jwmaag@gmail.com>
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2019-07-14 21:08:54 +00:00
Randall Stewart
e5926fd368 This is the second in a number of patches needed to
get BBRv1 into the tree. This fixes the DSACK bug but
is also needed by BBR. We have yet to go two more
one will be for the pacing code (tcp_ratelimit.c) and
the second will be for the new updated LRO code that
allows a transport to know the arrival times of packets
and (tcp_lro.c). After that we should finally be able
to get BBRv1 into head.

Sponsored by:	Netflix Inc
Differential Revision:	https://reviews.freebsd.org/D20908
2019-07-14 16:05:47 +00:00
Michael Tuexen
8a956abe12 When calling sctp_initialize_auth_params(), the inp must have at
least a read lock. To avoid more complex locking dances, just
call it in sctp_aloc_assoc() when the write lock is still held.

Reported by:		syzbot+08a486f7e6966f1c3cfb@syzkaller.appspotmail.com
MFC after:		1 week
2019-07-14 12:04:39 +00:00
Chuck Tuffli
94c15665a5 Fix a typo in r349969
OUI_FRREBSD_NVME_HIGH should have been OUI_FREEBSD_NVME_HIGH

Caught by:	Gary Jennejohn
2019-07-14 03:49:48 +00:00
Cy Schubert
d096fc9ccd Calculate the offset of the interface name using FR_NAME rather than
calclulating it "by hand". This improves consistency with the rest of
the code and is in line with planned fixes and other work.

MFC after:	1 week
2019-07-14 02:46:34 +00:00
Cy Schubert
49a28fbdd2 Recycle the unused FR_CMPSIZ macro which became orphaned in ipfilter 5
prior to its import into FreeBSD. This macro calculates the size to be
compared within the frentry structure. The ipfilter 4 version of the
macro calculated the compare size based upon the static size of the
frentry struct. Today it uses the ipfilter 5 method of calculating the
size based upon the new to ipfilter 5 fr_size value found in the
frentry struct itself.

No effective change in code is intended.

MFC after:	1 week
2019-07-14 02:46:30 +00:00
Cy Schubert
d4af744b6a style(9)
MFC after:	3 days
2019-07-14 02:46:26 +00:00
Ian Lepore
fbcfc75aed Add an entry mentioning the permission/mode change to daily accounting files. 2019-07-13 16:48:27 +00:00
Alan Cox
f884dbbcfc Revert r349442, which was a workaround for bus errors caused by an errant
TLB entry.  Specifically, at the start of pmap_enter_quick_locked(), we
would sometimes have a TLB entry for an invalid PTE, and we would need to
issue a TLB invalidation before exiting pmap_enter_quick_locked().  However,
we should never have a TLB entry for an invalid PTE.  r349905 has addressed
the root cause of the problem, and so we no longer need this workaround.

X-MFC after:	r349905
2019-07-13 16:32:19 +00:00
Ian Lepore
1e121c3ef1 Limit access to system accounting files.
In 2013 the security chapter of the Handbook was updated in r42501 to
suggest limiting access to the system accounting file [*1] by creating the
initial file with a mode of 0600. This was in part based on a discussion in
the forums [*2]. Unfortunately, this advice is overridden by the fact that a
new file is created as part of periodic daily processing, and the file mode
is set by the rc.d/accounting script.

These changes update the accounting script to create the directory with mode
0750 if it doesn't already exist, and to create the daily file with mode
0640. This limits write access to root only, read access to root and members
of wheel, and eliminates world access completely. For admins who want to
prevent even members of wheel from accessing the files, the mode of the
/var/account directory can be manually changed to 0700, because the script
never creates or changes that directory if it already exists.

The accounting_rotate_log() function now also handles the error cases of no
existing log file to rotate, and attempting to rotate the file multiple
times (.0 file already exists).

Another small change here eliminates the complexity of the mktemp/chmod/mv
sequence for creating a new acct file by using install(1) with the flags
needed to directly create the file with the desired ownership and
modes. That allows coalescing two separate if checkyesno accounting_enable
blocks into one.

These changes were inspired by my investigation of PR 202203.

[1] https://www.freebsd.org/doc/handbook/security-accounting.html
[2] http://forums.freebsd.org/showthread.php?t=41059

PR:		202203
Differential Revision:	https://reviews.freebsd.org/D20876
2019-07-13 16:07:38 +00:00
Alan Cox
f138406359 Remove a stale comment.
Reported by:	markj
MFC after:	1 week
2019-07-13 15:53:28 +00:00