Commit Graph

233964 Commits

Author SHA1 Message Date
Ed Maste
9b844631a6 Rename usr.bin/elfcopy to usr.bin/objcopy
We always install ELF Tool Chain's elfcopy as objcopy, so to avoid
confusion rename the src directory containing our reach-over Makefile
to match.

Requested by:	jhb
Sponsored by:	The FreeBSD Foundation
2018-06-21 14:28:20 +00:00
Justin Hibbits
22c1b4c0f1 Introduce PMCR-based cpufreq(4) driver, for IBM POWER8 and POWER9 systems
Summary: POWER8 and POWER9 use a single CPU register, per core, to change clock
speed.  Everything else is handled by the on-chip controller.  This change
necessitates a change to the cpufreq global kernel driver to bump supported
levels, as the device tree for these systems can have theoretically 256
different options.  On my POWER9 Talos, the list consists of 100 items.  At
16.67MHz intervals, that allows for a change of roughly 1.67GHz between lowest
and highest.

This has only been tested on the POWER9.  However, since they're similar, this
should work on POWER8 as well.

Reviewed By: nwhitehorn
Differential Revision: https://reviews.freebsd.org/D15932
2018-06-21 14:26:43 +00:00
Kyle Evans
770488d202 subr_hints: simplify a little bit
Some complexity exists in these bits that isn't needed. The sysctl handler,
upon change to '2', runs through the current set of hints and sets them in
the kenv.

However, this isn't at all necessary if we're pulling hints from the kenv,
static or dynamic, as the former will get added to the latter in
init_dynamic_kenv (see: kern_environment.c). We can reduce this
configuration to just adding static_hints to the kenv if we were previously
using them.

The changes in res_find are minimal and based on the observation that once
use_kenv gets set to '1' it will never be reset to '0', and it gets set to
'1' as soon as we hit fallback mode. Later work will refactor res_find a
little bit and eliminate this now-local, because it's become clear that
there's some funkiness revolving around use_kenv=1 and it being used to
imply that we're certainly looking at the dynamic_kenv.

Reviewed by:	ray
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D15940
2018-06-21 14:04:02 +00:00
Ruslan Bukin
c43e3c8659 PLIC driver was sponsored by ECATS contract, not CTSRD one. 2018-06-21 11:52:09 +00:00
Ilya Bakulin
5e03278fee Add MMCCAM support to AllWinner MMC driver
Using MMCCAM on AllWinner boards is now possible, reaching highest
possible data transfer speed.

For now, MMCCAM doesn't scan cards on boot. This means that scanning
has to be done manually and that it's not possible to mount root FS
from MMC/SD card since there is no block device at the boot time.

For manually scanning the cards, run:
# camcontrol rescan X:0:0
Where X is the bus number (look at camcontrol devlist to determine
bus number assigned to the MMC controller).

Reviewed by:	manu
Approved by:	imp (mentor)
Differential Revision:	https://reviews.freebsd.org/D15891
2018-06-21 11:49:21 +00:00
Ruslan Bukin
b47999470d Fix uma_zalloc_pcpu_arg() operation in case of !SMP build.
Reviewed by:	mjg
Sponsored by:	DARPA, AFRL
2018-06-21 11:43:54 +00:00
Edward Tomasz Napierala
b920f69bd0 "Kernel APIs" is a misnomer; use the proper name instead.
Suggested by:	kib@, ian@
MFC after:	2 weeks
2018-06-21 08:19:11 +00:00
Xin LI
80cb4b11eb Don't leak tmpstr.
MFC after:	2 weeks
2018-06-21 07:42:28 +00:00
Matt Macy
46374cbf54 udp_ctlinput: don't refer to unpcb after we drop the lock
Reported by: pho@
2018-06-21 06:10:52 +00:00
Kyle Evans
6a75ef5817 Don't remove loader.conf(5) when built WITHOUT_FORTH
The new stand/ structure installs loader.conf(5) and defaults/loader.conf
regardless of interpreter. The only thing gating installation now is
MK_BOOT.

Reported by:	eadler
2018-06-21 05:28:00 +00:00
Ed Maste
cb623f630c Makefile.inc1: rename build metadata file to toolchain-metadata.mk
The metadata file contains more than just compiler metadata.

Discussed with:	bdrewery
2018-06-21 02:15:50 +00:00
Eric Joyner
94c86dd038 ixl(4): Fix gcc build errors
By removing redundant function declarations.

Reported by:	ci.freebsd.org via Mark Millard <marklmi@yahoo.com>
MFC after:	1 month
2018-06-20 22:16:46 +00:00
Hans Petter Selasky
ce70c57262 Permit the kernel environment to set an array of numeric values for a single
sysctl(9) node.

Reviewed by:		kib@, imp@, jhb@
Differential Revision:	https://reviews.freebsd.org/D15802
MFC after:		1 week
Sponsored by:		Mellanox Technologies
2018-06-20 20:04:20 +00:00
Bryan Drewery
d406018534 Only look for NOTES as needed.
Sponsored by:	Dell EMC
2018-06-20 19:45:04 +00:00
Ed Maste
75e6ea22c5 acpidump.8: include NFIT in the man page list of tables
Was missed in r321298.

Reported by:	Ben Widawsky (in review D15931)
MFC after:	1 week
2018-06-20 19:40:54 +00:00
Kyle Evans
c7962400c9 Add debug.verbose_sysinit tunable for VERBOSE_SYSINIT
VERBOSE_SYSINIT is currently an all-or-nothing option. debug.verbose_sysinit
adds an option to have the code compiled in but quiet by default so that
getting this information from a device in the field doesn't necessarily
require distributing a recompiled kernel.

Its default is VERBOSE_SYSINIT's value as defined in the kernconf. As such,
the default behavior for simply omitting or including this option is
unchanged.

MFC after:	1 week
2018-06-20 19:23:56 +00:00
John Baldwin
14c5b433cf Correct path to removed asf(8) binary. 2018-06-20 19:22:33 +00:00
Edward Tomasz Napierala
4c156ba299 Improve wording.
MFC after:	2 weeks
2018-06-20 19:16:51 +00:00
Ed Maste
be72428e54 usr.bin/ar: use standard 2-Clause FreeBSD license
Many licenses on ar files contained small variations from the standard
FreeBSD license text. To avoid license proliferation switch to the usual
2-clause FreeBSD license after obtaining permission from all copyright
holders.

Approved by:	jkoshy, kaiw, kientzle
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D14561
2018-06-20 18:43:17 +00:00
Bryan Drewery
6e6be2bbe2 Reduce exec and fstat overhead for non-build targets.
This is mostly targetting 'make showconfig' and 'make test-system-*' for
the benefit of makeman and universe-one-clang work.

Sponsored by:	Dell EMC
2018-06-20 17:20:39 +00:00
Bryan Drewery
be9309decd Regenerate for SYSTEM_LINKER 2018-06-20 16:15:03 +00:00
Bryan Drewery
a7d84af890 Add WITH_SYSTEM_LINKER, on by default, that avoids building lld when possible.
This works similar to WITH_SYSTEM_COMPILER added in r300354.  It only
supports lld via WITH_LLD_BOOTSTRAP.

When both SYSTEM_COMPILER and SYSTEM_LINKER logic passes then libclang
will not build in cross-tools.  If either check fails though then
libclang is built.

The .info is reworked to notify when libclang will be built since if
either clang or lld needs to be rebuilt, but not the other, the
notification can lead to confusion on why "clang is building".

-fuse-ld= is not used with this method so some combinations of compiler
and linker are expected to fail.

A new 'make test-system-linker' target is added to see the logic results.

Makefile.inc1:
  CROSS_BINUTILS_PREFIX support had to be moved higher up so that XLD
  could be set and MK_LLD_BOOTSTRAP disabled before checking SYSTEM_LINKER
  logic as done with SYSTEM_COMPILER.  This also required moving where
  bsd.linker.mk was read since XLD needs to be set before parsing it.  This
  creates a situation where src.opts.mk can not test LINKER_FEATURES or
  add LLD_BOOTSTAP to BROKEN_OPTIONS.

Reviewed by:	emaste (earlier version)
Sponsored by:	Dell EMC
Differential Revision:	https://reviews.freebsd.org/D15894
2018-06-20 16:10:14 +00:00
Bryan Drewery
a883ed8c1d Fix sources needed for lld.
lld always needs these DWARF sources, as well as other default and extra
tools. XDL seems to be the best fit list.

Remove MK_LLD_IS_LD check from SRCS_MIW which is now reduced to just a
few files for llvm-objdump.

Sponsored by:	Dell EMC
Differential Revision:	https://reviews.freebsd.org/D15915
2018-06-20 16:10:10 +00:00
Bryan Drewery
781872781e Rework WITHOUT_LLD/TOOLCHAIN fix from r327892 for cross-tools.
MK_LLD is for the installed lld while MK_LLD_BOOTSTRAP is for the build
tool.  For WITH_SYSTEM_LINKER it is necesarry to separate the logic of
these two.  When building libllvm TOOLS_PREFIX will be defined and
MK_LLD_BOOTSTRAP should be checked instead.

Sponsored by:	Dell EMC
Differential Revision:	https://reviews.freebsd.org/D15837
2018-06-20 16:10:07 +00:00
Bryan Drewery
d74021d65b Rework how the ld link is handled in WORLDTMP from r322811.
LLD_BOOTSTRAP (build) is independent of LLD_IS_LD (installed) so they
should not be based on each other.

This is related to upcoming WITH_SYSTEM_LINKER work.

Reviewed by:	emaste
Sponsored by:	Dell EMC
Differential Revision:	https://reviews.freebsd.org/D15836
2018-06-20 16:10:02 +00:00
Emmanuel Vadot
78442297f5 Add pmap_mapdev_attr for arm64
This is needed for efifb.
arm and ricv pmap (the two arch with arm64 that uses subr_devmap) have very
different implementation so for now only add this for arm64.

Tested with efifb on Pine64 with a few other patches.

Reviewed by:	cognet
Differential Revision:	https://reviews.freebsd.org/D15294
2018-06-20 16:07:35 +00:00
Emmanuel Vadot
a2d7053188 if_rk_dwc: Disable setting delays for now
The values for tx/rx delays differs accross the different DTS.
Mainline Linux set it to 0x24/0x18
Mostly-Vendor u-boot (the one maintained and developped) to 0x18/0x18
Mostly-Vendor linux (the one maintained and developped) to 0x26/0x11

By experience only 0x18/0x18 works so until the issue is resolved rely on
the bootloader settings.
2018-06-20 15:27:09 +00:00
Emmanuel Vadot
5f35d609c7 rk_gpio: Read the correct register for gpio read
Reported by:	jmcneill
2018-06-20 14:46:07 +00:00
Emmanuel Vadot
e167047518 if_rk_dwc: Fix delays handling
The property are named {t,r}x_delay and not {t,r}-delay.
The upper bits of the register are a mask of which bits is allowed
to be written, set it otherwise we write nothing.
OF_getencprop returns <0 = for an error.

Pointy Hat: myself
Reported by:	jmcneill (delay and mask bits)
2018-06-20 14:45:26 +00:00
Justin Hibbits
d23d5d73e8 Attach dev.cpu nodes on powerpc SMT cores, using only the first found thread
Summary: In order to use cpufreq(4), a dev.cpu attachment must be created.  If
the IBM property is found denoting SMT, attach only to the first thread setup,
so that a cpufreq device can bind.

Reviewed by:	nwhitehorn
Differential Revision: https://reviews.freebsd.org/D15921
2018-06-20 13:30:35 +00:00
Bjoern A. Zeeb
7938a4425a Instead of using hand-rolled loops where not needed switch them
to FOREACH_PROC_IN_SYSTEM() to have a single pattern to look for.

Reviewed by:	kib
MFC after:	2 weeks
Sponsored by:	iXsystems, Inc.
Differential Revision:	https://reviews.freebsd.org/D15916
2018-06-20 11:42:06 +00:00
Andrew Turner
c30e5927b6 Move the SYSINIT to allow userspace access to the ARM generic timer later
in the boot. It doesn't need to be early, so move it to the SI_ORDER_ANY
stage of SI_SUB_SMP.

Sponsored by:	DARPA, AFRL
2018-06-20 11:13:10 +00:00
Andrew Turner
1d802c646c Move the SMCCC SYSINIT later in the boot so the psci driver has attached.
Sponsored by:	DARPA, AFRL
2018-06-20 10:57:29 +00:00
Andrew Turner
95c4b3c735 Fix the SMCCC signatures, they are all 32-bit calls. This fixes SMCCC
version detection.

Sponsored by:	DARPA, AFRL
2018-06-20 10:02:50 +00:00
Bjoern A. Zeeb
7ffbcfe281 Sometimes it is helpful to get the path for a vnode.
Implement a ddb function walking the namecache to do this.

Reviewed by:		jhb, mjg
Inspired by:		gdb macro from jhb (old version)
Sponsored by:		iXsystems, Inc.
Differential Revision:	https://reviews.freebsd.org/D14898
2018-06-20 08:34:29 +00:00
Stephen J. Kiernan
593d37bb8e Fix build breakage in veriexec for 32-bit architectures.
fsid_t and ino_t are 64-bit entities, use uintmax_t typecast to ensure we
can print it on 32-bit or 64-bit architectures by using the %ju format for
prints.

Obtained from:	Juniper Networks, Inc.
2018-06-20 06:54:38 +00:00
Kyle Evans
7137597e15 sort(1): Fix -m when only implicit stdin is used for input
Observe:

printf "a\nb\nc\n" > /tmp/foo
# Next command results in no output
cat /tmp/foo | sort -m
# Next command results in proper output
cat /tmp/foo | sort -m -
# Also works:
sort -m /tmp/foo

Some const'ification was done to simplify the actual solution of adding "-"
explicitly to the file list if we didn't have any file arguments left over.

PR:		190099
MFC after:	1 week
2018-06-20 03:31:19 +00:00
Kyle Evans
36180cd53d sort(1): Add bits to allow easy checking against NetBSD tests
I'm looking at sort(1) failures, for better or worse.
2018-06-20 03:10:49 +00:00
Stephen J. Kiernan
ce16585796 This application (veriexecctl) handles reading a fingerprints file
containing paths, fingerprints, and optional option flags which in turn
get pushed into the MAC/veriexec meta-data store via the veriexec device.

The format of the fingerprints file is as follows:
path type fingerprint options

The type of fingerprint supported depends on what MAC/veriexec fingerprint
modules have been loaded into the system. The veriexecctl application is
able to determine which ones are available by consulting the
security.mac.veriexec.algorithms sysctl.

The following options are currently supported in MAC/veriexec and by the
veriexecctl application:

indirect
  If this option is set then the executable cannot be invoked directly, it
  can only be used as an interpreter in shell scripts.
file
  Indicates that the fingerprint is associated with a file, not an
  executable. Files have their fingerprints verified during open(2) and are
  automatically made read only. This option may be used to verify shared
  libraries have not been tampered with.
no_ptrace
  If this option is set then the executable cannot be traced with the
  ptrace(2) process tracing and debugging call.
trusted
  If this option is set then the executable is allowed to write to the
  mem(4) devices. By default, when verified execution is enforced, no
  process is allowed to write to the mem(4) devices.

The options are not case sensitive.

Reviewed by:	jtl, wblock
Obtained from:	Juniper Networks, Inc.
Differential Revision:	https://reviews.freebsd.org/D8575
2018-06-20 01:08:54 +00:00
Stephen J. Kiernan
b6b5dcf2d1 This library allows for user space applications to check file descriptors
or paths to see if they can be verified by MAC/veriexec.

Reviewed by:	jtl, wblock
Obtained from:	Juniper Networks, Inc.
Differential Revision:	https://reviews.freebsd.org/D8562
2018-06-20 00:55:18 +00:00
Stephen J. Kiernan
ed7b25da78 Device for user space to interface with MAC/veriexec.
The veriexec device features the following ioctl commands:

VERIEXEC_ACTIVE
  Activate veriexec functionality
VERIEXEC_DEBUG_ON
  Enable debugging mode and increment or set the debug level
VERIEXEC_DEBUG_OFF
  Disable debugging mode
VERIEXEC_ENFORCE
  Enforce veriexec fingerprinting (and acitvate if not already)
VERIEXEC_GETSTATE
  Get current veriexec state
VERIEXEC_LOCK
  Lock changes to veriexec meta-data store
VERIEXEC_LOAD
  Load veriexec fingerprint if secure level is not raised (and passes the
  checks for VERIEXEC_SIGNED_LOAD)
VERIEXEC_SIGNED_LOAD
  Load veriexec fingerprints from loader that supports signed manifest
  (and thus we can be more lenient about secure level being raised.)
  Fingerprints can be loaded if the meta-data store is not locked. Also
  securelevel must not have been raised or some fingerprints must have
  already been loaded, otherwise it would be dangerous to allow loading.
  (Note: this assumes that the fingerprints in the meta-data store at
         least cover the fingerprint loader.)

Reviewed by:	jtl
Obtained from:	Juniper Networks, Inc.
Differential Revision:	https://reviews.freebsd.org/D8561
2018-06-20 00:48:46 +00:00
Stephen J. Kiernan
fb47a3769c MAC/veriexec implements a verified execution environment using the MAC
framework.

The code is organized into a few distinct pieces:

* The meta-data store (in veriexec_metadata.c) which maps a file system
  identifier, file identifier, and generation key tuple to veriexec
  meta-data record.

* Fingerprint management (in veriexec_fingerprint.c) which deals with
  calculating the cryptographic hash for a file and verifying it. It also
  manages the loadable fingerprint modules.

* MAC policy implementation (in mac_veriexec.c) which implements the
  following MAC methods:

mpo_init
  Initializes the veriexec state, meta-data store, fingerprint modules,
  and registers mount and unmount EVENTHANDLERs

mpo_syscall
  Implements the following per-policy system calls:
  MAC_VERIEXEC_CHECK_FD_SYSCALL
    Check a file descriptor to see if the referenced file has a valid
    fingerprint.
  MAC_VERIEXEC_CHECK_PATH_SYSCALL
    Check a path to see if the referenced file has a valid fingerprint.

mpo_kld_check_load
  Check if loading a kld is allowed. This checks if the referenced vnode
  has a valid fingerprint.

mpo_mount_destroy_label
  Clears the veriexec slot data in a mount point label.

mpo_mount_init_label
  Initializes the veriexec slot data in a mount point label.
  The file system identifier is saved in the veriexec slot data.

mpo_priv_check
  Check if a process is allowed to write to /dev/kmem and /dev/mem
  devices.
  If a process is flagged as trusted, it is allowed to write.

mpo_proc_check_debug
  Check if a process is allowed to be debugged. If a process is not
  flagged with VERIEXEC_NOTRACE, then debugging is allowed.

mpo_vnode_check_exec
  Check is an exectuable is allowed to run. If veriexec is not enforcing
  or the executable has a valid fingerprint, then it is allowed to run.
  NOTE: veriexec will complain about mismatched fingerprints if it is
  active, regardless of the state of the enforcement.

mpo_vnode_check_open
  Check is a file is allowed to be opened. If verification was not
  requested, veriexec is not enforcing, or the file has a valid
  fingerprint, then veriexec will allow the file to be opened.

mpo_vnode_copy_label
  Copies the veriexec slot data from one label to another.

mpo_vnode_destroy_label
  Clears the veriexec slot data in a vnode label.

mpo_vnode_init_label
  Initializes the veriexec slot data in a vnode label.
  The fingerprint status for the file is stored in the veriexec slot data.

* Some sysctls, under security.mac.veriexec, for setting debug level,
  fetching the current state in a human-readable form, and dumping the
  fingerprint database are implemented.

* The MAC policy implementation source file also contains some utility
  functions.

* A set of fingerprint modules for the following cryptographic hash
  algorithms:
  RIPEMD-160, SHA1, SHA2-256, SHA2-384, SHA2-512

* Loadable module builds for MAC/veriexec and fingerprint modules.

 WARNING: Using veriexec with NFS (or other network-based) file systems is
          not recommended as one cannot guarantee the integrity of the files
          served, nor the uniqueness of file system identifiers which are
          used as key in the meta-data store.

Reviewed by:	ian, jtl
Obtained from:	Juniper Networks, Inc.
Differential Revision:	https://reviews.freebsd.org/D8554
2018-06-20 00:41:30 +00:00
Allan Jude
ec82884e87 Revert r335276
This was causing issues for people booting.
I will likely bring this back as an optional feature, similar to
boot0sio, like gptboot-serial or something.

PR:		221526
Reported by:	O. Hartmann <ohartmann@walstatt.org>, Thomas Laus <lausts@acm.org>
2018-06-20 00:14:54 +00:00
Mariusz Zaborski
a3552326dc Use capsicum helpers to cache NLS data. 2018-06-20 00:13:09 +00:00
Bryan Drewery
2d2aba181d TARGET_TRIPLE is needed much earlier now for CROSS_BINUTILS_PREFIX check.
This was missed in r335394 since the check became exists(/usr/local) in
my testing.

X-MFC-With:	r335394
MFC after:	2 weeks
Sponsored by:	Dell EMC
2018-06-19 23:57:12 +00:00
Mariusz Zaborski
7672a0148f Convert cap_enter() < 0 && errno != ENOSYS to caph_enter() < 0.
No functional change intended.
2018-06-19 23:43:14 +00:00
Bryan Drewery
d18e2bca4b Fix detection for binutils bootstrap package.
The path was changed recently in the port to be the full target triple.

MFC after:	2 weeks
Sponsored by:	Dell EMC
2018-06-19 23:40:42 +00:00
Bryan Drewery
4d64cb780b Let CROSS_BINUTILS_PREFIX work without a trailing slash.
Reported by:	jhb
MFC after:	2 weeks
Sponsored by:	Dell EMC
2018-06-19 23:40:39 +00:00
Bryan Drewery
8a854b3683 SYSTEM_COMPILER: Should use X_ vars for comparing wanted version.
It is XCC used during the build of target binaries that replaces the
bootstrap compiler.

Also slightly tweak style.

MFC after:	2 weeks
Sponsored by:	Dell EMC
2018-06-19 23:40:36 +00:00
Bryan Drewery
aafc33396e Fix X_COMPILER_* and X_LINKER_* not being passed to installworld environment.
This could lead to 'sh: head: not found' warnings which were a symptom
of running 'ld --version' during installworld.  This was only happening
with XCC or XLD set.  It is intended that cc and ld do not run during
installworld.  The metadata for these are already stored in
compiler-metadata.mk added in r316794.

This also removes redundant CROSSENV additions that were for
WITH_SYSTEM_COMPILER, WITHOUT_CROSS_COMPILER, and WITHOUT_TOOLCHAIN
which all don't have a cc or ld in their PATH during install.

Reported by:	Mark Millard
MFC after:	2 weeks
Sponsored by:	Dell EMC
2018-06-19 23:39:55 +00:00