Commit Graph

253912 Commits

Author SHA1 Message Date
John Baldwin
ba610be90a Add a kernel crypto driver using assembly routines from OpenSSL.
Currently, this supports SHA1 and SHA2-{224,256,384,512} both as plain
hashes and in HMAC mode on both amd64 and i386.  It uses the SHA
intrinsics when present similar to aesni(4), but uses SSE/AVX
instructions when they are not.

Note that some files from OpenSSL that normally wrap the assembly
routines have been adapted to export methods usable by 'struct
auth_xform' as is used by existing software crypto routines.

Reviewed by:	gallatin, jkim, delphij, gnn
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D26821
2020-10-20 17:50:18 +00:00
Edward Tomasz Napierala
91bc73618d Fix linprocfs(4) /proc/self/mem semantics to more closely match Linux.
Steam's Anti-Cheat might depend on it.

PR:		248223
Analyzed by:	Alex S <iwtcex@gmail.com>
Reviewed by:	kib
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D26816
2020-10-20 17:24:29 +00:00
Edward Tomasz Napierala
1a34e9fad6 Fix potential race condition in linux stat(2).
Reviewed by:	kib
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D25618
2020-10-20 17:19:10 +00:00
John Baldwin
bc3d569800 Move generated OpenSSL assembly routines into the kernel sources.
Sponsored by:	Netflix
2020-10-20 17:00:43 +00:00
John Baldwin
f54c6ef100 Use a template assembly file to generate the embedded MFS.
This uses the .incbin directive to pull in the MFS image contents.
Using assembly directly ensures that symbols can be defined with the
name and properties (such as .size) desired without having to rename
symbols, etc. via a second objcopy invocation.  Since it is compiled
by the C compiler driver, it also avoids the need for all of the
EMBEDFS* make variables.

Suggested by:	jrtc27
Reviewed by:	kib, markj
Obtained from:	CheriBSD
MFC after:	2 weeks
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D26781
2020-10-20 16:48:45 +00:00
Fernando Apesteguía
76ec6f51b9 realpath(1): Add EXAMPLES section.
Add a small example for this simple command.

Approved by:	manpages (gbe@)
Differential Revision:		https://reviews.freebsd.org/D26863
2020-10-20 13:15:26 +00:00
Fernando Apesteguía
ea772485d1 compress(1): Add EXAMPLES section
Add 5 examples showing basic usage.

Approved by:	manpages (gbe@)
Differential Revision:		https://reviews.freebsd.org/D26865
2020-10-20 13:05:25 +00:00
Mateusz Guzik
e9fb2bd9b8 ufs: catch up with removal of thread argument from VOP_INACTIVE 2020-10-20 09:46:20 +00:00
Mateusz Guzik
3fc7822de1 Bump __FreeBSD_version after VOP VPTOCNP and INACTIVE changes 2020-10-20 07:19:44 +00:00
Mateusz Guzik
ab21ed17ed vfs: drop the de facto curthread argument from VOP_INACTIVE 2020-10-20 07:19:03 +00:00
Mateusz Guzik
8ecd87a3e7 vfs: drop spurious cred argument from VOP_VPTOCNP 2020-10-20 07:18:27 +00:00
Xin LI
5011fb430a Further refinements of ptsname_r(3) interface:
- Hide ptsname_r under __BSD_VISIBLE for now as the specification
   is not finalized at this time.
 - Keep Symbol.map sorted.
 - Avoid the interposing of ptsname_r(3) from an user application
   from breaking ptsname(3) by making the implementation a static
   method and call the static function from ptsname(3) instead.

Reported by:	kib
Reviewed by:	kib, jilles
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D26845
2020-10-20 01:29:45 +00:00
Ruslan Bukin
bce74ff0ce Fix build: only set iommu buswide flag if IOMMU code is included.
Sponsored by:	Innovate DSbD
2020-10-19 22:32:36 +00:00
Ruslan Bukin
c489ab6141 Add IOMMU_BUSWIDE ahci quirk.
Some controllers use PCI function 1 as the requester ID for DMA transfers,
but the controllers are not PCI multifunction.

Set the iommu buswide flag for them. This should instruct an IOMMU driver
to use the same translation rule for all the devices and functions of
a bus.

This was discovered on the ARM Neoverse N1 System Development Platform
(ARM N1SDP).

Bug reference: https://bugzilla.kernel.org/show_bug.cgi?id=42679

Reported by:	andrew
Reviewed by:	kib, mav
Sponsored by:	Innovate DSbD
Differential Revision:	https://reviews.freebsd.org/D26857
2020-10-19 21:27:27 +00:00
Navdeep Parhar
ae5da4e14d cxgbe(4): Updates to the drop features from r366532.
MFC after:	1 week
Sponsored by:	Chelsio Communications
2020-10-19 21:11:49 +00:00
Ed Maste
2c19e8ed90 build vmware modules on arm64
pvscsi and vmxnet3 build and work.  Exclude vmci for now as it contains
x86-specific assembly.

Reported by:	Vincent Milum Jr
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2020-10-19 20:43:29 +00:00
Cy Schubert
bd0e0447cb Destroy cloned interfaces at netif stop, netif restart and shutdown.
This is especially important during shutdown because a child interface
of lagg with WOL enabled will not enable WOL at interface shutdown and
thus no WOL to wake up the device (and machine).

PR:		158734, 109980
Reported by:	Antonio Huete Jimenez <tuxillo at quantumachine.net>
		Marat N.Afanasyev <marat at zealot.ksu.ru>
reviewed by:	kp
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D26797
2020-10-19 20:37:38 +00:00
Edward Tomasz Napierala
3001e97deb Fix fallout from r366811.
PR:		250442
Reported by:	lwhsu
Reviewed by:	mav
MFC after:	2 weeks
Sponsored by:	NetApp, Inc.
Sponsored by:	Klara, Inc.
Differential Revision:	https://reviews.freebsd.org/D26855
2020-10-19 20:26:37 +00:00
John Baldwin
6b7ecdcd9d Re-enable receive flow control for TOE TLS sockets.
Flow control was disabled during initial TOE TLS development to
workaround a hang (and to match the Linux TOE TLS support for T6).
The rest of the TOE TLS code maintained credits as if flow control was
enabled which was inherited from before the workaround was added with
the exception that the receive window was allowed to go negative.
This negative receive window handling (rcv_over) was because I hadn't
realized the full implications of disabling flow control.

To clean this up, re-enable flow control on TOE TLS sockets.  The
existing TPF_FORCE_CREDITS workaround is sufficient for the original
hang.  Now that flow control is enabled, remove the rcv_over
workaround and instead assert that the receive window never goes
negative matching plain TCP TOE sockets.

Reviewed by:	np
MFC after:	2 weeks
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D26799
2020-10-19 20:08:50 +00:00
Navdeep Parhar
3f3e04a062 cxgbe(4): Fix page fault in t4_get_lb_stats with 2 port T5 cards.
PR:		250449
Reported by:	freqlabs@
MFC after:	1 week
Sponsored by:	Chelsio Communications
2020-10-19 20:08:47 +00:00
John Baldwin
e7f6b6cf69 Fix a couple of bugs for asym crypto introduced in r359374.
- Check for null pointers in the crypto_drivers[] array when checking
  for empty slots in crypto_select_kdriver().

- Handle the case where crypto_kdone() is invoked on a request where
  krq_cap is NULL due to not finding a matching driver.

Reviewed by:	markj
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D26811
2020-10-19 20:04:03 +00:00
Alex Richardson
4fa4bd6312 Enable SUBDIR_PARALLEL for lib/googletest
This saves a few seconds in a parallel build since we can build the
gtest_main and gmock subdirectories in parallel.

Reviewed By:	ngie
Differential Revision: https://reviews.freebsd.org/D26760
2020-10-19 19:51:03 +00:00
Alex Richardson
2ed3236082 Major improvement to build parallelism for googletest internal tests
Currently the googletest internal tests build after the matching library.
However, each of these is serialized at the top level makefile.
Additionally some of the tests (e.g. the gmock-matches-test) take up to
90 seconds to build with clang -O2. Having to wait for this test to
complete before continuing to the next directory seriously slows down the
parllelism of a -j32 build.
Before this change running `make -C lib/googletest -j32 -s` in buildenv
took 202 seconds, now it's 153 due to improved parallelism.

Reviewed By:	emaste (no objection)
Differential Revision: https://reviews.freebsd.org/D26748
2020-10-19 19:50:57 +00:00
Konstantin Belousov
6b56b0ca93 nullfs: ensure correct lock is taken after bypass.
If lower VOP relocked the lower vnode, it is possible that nullfs
vnode was reclaimed meantime.  In this case nullfs vnode no longer
shares lock with lower vnode, which breaks locking protocol.

Check for the condition and acquire nullfs vnode lock if detected.

Reported and tested by:	pho
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2020-10-19 19:23:22 +00:00
Konstantin Belousov
c0baa3dc4a vgonel(): avoid recursing into VOP_INACTIVE().
It is a common pattern for filesystems' VOP_INACTIVE() implementation
to forcibly reclaim the vnode when its state is final.  For instance,
UFS vnode with zero link count is removed, and since it is
inactivated, the last open reference on it is dropped.

On the other hand, vnode might get spurious usecount reference for
many reasons.  If the spurious reference exists while vgonel() checks
for active state of the vnode, it would recurse into VOP_INACTIVE().

Fix it by checking and not doing inactivation when vgone() was called
from inactive VOP.

Reported and tested by:	pho
Discussed with:	mjg
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2020-10-19 19:20:23 +00:00
Ed Maste
575a4437a9 uma: fix KTR message after r366840
Reported by:	bz
Sponsored by:	The FreeBSD Foundation
2020-10-19 18:54:44 +00:00
Mateusz Guzik
6d5d469fc1 cache: promote negative entries based on more than one hit
During tinderbox and similar workloads negative entries get at least one
hit before they get evicted. In the current scheme this avoidably promotes
them.

Be conservative and stick to 2 hits for now.
2020-10-19 18:51:51 +00:00
John Baldwin
6bcf3c46d8 Check TF_TOE not the tod pointer to determine if TOE is active.
The TF_TOE flag is the check used in the rest of the network stack to
determine if TOE is active on a socket.  There is at least one path in
the cxgbe(4) TOE driver that can leave the tod pointer non-NULL on a
socket not using TOE.

Reported by:	Sony Arpita Das <sonyarpitad@chelsio.com>
Reviewed by:	np
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D26803
2020-10-19 18:24:06 +00:00
John Baldwin
ecedef531b Mark asymmetric cryptography via OCF deprecated for 14.0.
Only one MIPS-specific driver implements support for one of the
asymmetric operations.  There are no in-kernel users besides
/dev/crypto.  The only known user of the /dev/crypto interface was the
engine in OpenSSL releases before 1.1.0.  1.1.0 includes a rewritten
engine that does not use the asymmetric operations due to lack of
documentation.

Reviewed by:	cem, markj
MFC after:	1 week
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D26810
2020-10-19 18:21:41 +00:00
John Baldwin
eeb4c816d6 Properly clear PCB_KERNNPX in fpu_kern_leave().
PR:		250423
Reported by:	CI
Tested by:	lwhsu
2020-10-19 17:35:45 +00:00
Mark Johnston
4caea9b169 icmp6: Count packets dropped due to an invalid hop limit
Pad the icmp6stat structure so that we can add more counters in the
future without breaking compatibility again, last done in r358620.
Annotate the rarely executed error paths with __predict_false while
here.

Reviewed by:	bz, melifaro
Sponsored by:	NetApp, Inc.
Sponsored by:	Klara, Inc.
Differential Revision:	https://reviews.freebsd.org/D26578
2020-10-19 17:07:19 +00:00
Mark Johnston
d80126a6f4 link_elf_obj: Colour VM objects
This will cause the VM to back sufficiently large .text sections, such
as those in zfs.ko or amdgpu.ko on amd64, with superpage mappings when
possible.

Reviewed by:	alc, kib
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D26802
2020-10-19 16:57:59 +00:00
Mark Johnston
f09cbea31a uma: Respect uk_reserve in keg_drain()
When a reserve of free items is configured for a zone, the reserve must
not be reclaimed under memory pressure.  Modify keg_drain() to simply
respect the reserved pool.

While here remove an always-false uk_freef == NULL check (kegs that
shouldn't be drained should set _NOFREE instead), and make sure that the
keg_drain() KTR statement does not reference an uninitialized variable.

Reviewed by:	alc, rlibby
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D26772
2020-10-19 16:57:40 +00:00
Mark Johnston
1b2dcc8c54 uma: Avoid depleting keg reserves when filling a bucket
zone_import() fetches a free or partially free slab from the keg and
then uses its items to populate an array, typically filling a bucket.
If a single allocation causes the keg to drop below its minimum reserve,
the inner loop ends.  However, if the bucket is still not full and
M_USE_RESERVE is specified, the outer loop will continue to fetch items
from the keg.

If M_USE_RESERVE is specified and the number of free items is below the
reserved limit, we should return only a single item.  Otherwise, if the
bucket size is larger than the reserve, all of the reserved items may
end up in a single per-CPU bucket, invisible to other CPUs.

Reviewed by:	rlibby
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D26771
2020-10-19 16:55:03 +00:00
Mark Johnston
6351771b7c vmem: Allocate btags before looping in vmem_xalloc()
BT_MAXALLOC (4) is the number of boundary tags required to complete an
allocation in the worst case: two to clip a free segment, and two to
import from a parent arena.  vmem_xalloc() preallocates four boundary
tags before attempting a search to simplify the segment allocation code.
It implements a loop that:
1) ensures that BT_MAXALLOC boundary tags are available,
2) attempts to find and clip a free segment satisfying the allocation
   constraints, and failing that,
3) attempts to import a segment.

On !UMA_MD_SMALL_ALLOC platforms the btag zone has to handle recusion:
it needs boundary tags to allocate boundary tags.  Thus we reserve
2 * BT_MAXALLOC * mp_ncpus tags for use when recursing: the factor of 2
is because there are two layers of vmem arenas, the per-domain arena and
global arena.  For a single thread, 2 * BT_MAXALLOC tags should be
sufficient.

Because of the way the loop is structured, BT_MAXALLOC tags are not
sufficient.  The first bt_fill() call may allocate BT_MAXALLOC tags,
then import a segment (consuming two tags), then attempt to top up the
preallocation before carving into the imported free segment, thus
requiring up to six tags in the worst case.  Because we don't
preallocate that many, this bug can cause deadlocks in rare scenarios.

Fix the problem by moving the preallocation out the loop.  This assumes
that only a single import is ever required to satisfy an allocation
request.

Thanks to manu, emaste and lwhsu for helping test debug patches.

Reported by:	Jenkins (hardware CI lab)
Reviewed by:	alc, kib, rlibby
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D26770
2020-10-19 16:54:06 +00:00
Mark Johnston
33a9bce62f vmem: Simplify bt_fill() callers a bit
No functional change intended.

Reviewed by:	alc, kib, rlibby
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D26769
2020-10-19 16:52:27 +00:00
Andrew Turner
3493e48db6 Remove unused labels from the arm64 casueword*
These are unused so can be removed. While here renumber the remaining label
to be 1.

Sponsored by:	Innovate UK
2020-10-19 15:52:42 +00:00
Ruslan Bukin
94dfb28ee0 Assign the reserved apic region (GAS entry) to the iommu domain msi_entry.
Requested by:	kib
Reviewed by:	kib
Sponsored by:	Innovate DSbD
Differential Revision:	https://reviews.freebsd.org/D26859
2020-10-19 15:50:58 +00:00
Mark Johnston
8e2cbc5660 vmx: Implement pmap (de)activation in C
Rewrite the code that maintains pm_active and invalidates EPTP-tagged
TLB entries in C.  Previously this work was done in vmx_enter_guest(),
in assembly, but there is no good reason for that and it makes the TLB
invalidation algorithm for nested page tables harder to review.

No functional change intended.  Now, an error from the invept
instruction results in a kernel panic rather than a vmexit.  Such errors
should occur only as a result of VMM bugs.

Reviewed by:	grehan, kib
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D26830
2020-10-19 15:24:35 +00:00
Ruslan Bukin
e707c8be4e Manage MSI iommu pages.
This allows the interrupt controller driver only need a small change to
create a map for the page the device will write to raise an interrupt.

Submitted by:	andrew
Reviewed by:	kib
Sponsored by:	Innovate DSbD
Differential Revision:	https://reviews.freebsd.org/D26705
2020-10-19 13:10:21 +00:00
Andrew Turner
956cc8e1b9 Split the common arm64 fu* and su* asm to a macro
As these are mostly identical split out the common code to a macro.

Sponsored by:	Innovate UK
2020-10-19 12:46:03 +00:00
Andrew Turner
474c444e04 Move the arm64 userspace access checks to macros
In the functions that copy between userspace and kernel space we check the
user space address is valid before performing the copy. These are mostly
identical within each type of function so create two macros to perform the
check.

Obtained from:	CheriBSD
Sponsored by:	Innovate UK
2020-10-19 12:06:16 +00:00
Ryan Moeller
b8adbe1c15 efibootmgr: Use returned error code for error message, not errno
efivar_unix_path_to_device_path returns the error code, it does not set errno.

Reviewed by:	imp
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D26852
2020-10-19 10:38:40 +00:00
Mateusz Guzik
665c8c3e7d cache: refactor negative promotion/demotion handling
This will simplify policy changes.
2020-10-19 09:52:52 +00:00
Baptiste Daroussin
ae659caa0a Use asprintf instead of sbuf 2020-10-19 07:26:42 +00:00
Warner Losh
618cdd8964 Add more explicit instructions about updating motd
Not that you can regenerate the motd by editing motd.template and
running 'service motd restart' rather than rebooting.

Small wordsmithing by me, and updated the example from FreeBSD 2.1.6.1
release to 12.1 release.

Submitted by: Dan Mack
2020-10-19 01:16:39 +00:00
Kyle Evans
07335072e2 libbe(3): install MLINKS for all of the functions provided
MFC after:	1 week
2020-10-18 23:58:40 +00:00
Kyle Evans
513bd2fc81 libbe(3): document be_snapshot()
While toying around with lua bindings for libbe(3), I discovered that I
apparently never documented this, despite having documented
be_is_auto_snapshot_name that references it.

MFC after:	1 week
2020-10-18 23:42:00 +00:00
Kyle Evans
5773e924e7 libbe(3): const'ify a couple arguments
libbe will never need to mutate these as we either process them into a local
buffer or we just don't touch them and write to a separate out argument.

MFC after:	1 week
2020-10-18 23:32:47 +00:00
Adrian Chadd
40ec30d45e [zfs] Remove a non-existent directory in the build infra
This directory doesn't exist and causes gcc-6.4 to complain about
a non-existent include directory

Approved by:	kevans, imp
Differential Revision:	https://reviews.freebsd.org/D26846
2020-10-18 22:37:58 +00:00