Commit Graph

269394 Commits

Author SHA1 Message Date
dfr
2d0c4feb90 Add support for the timecreate attribute
This maps to the va_birthtime VFS attribute.
2020-06-14 11:41:57 +00:00
tsoome
abe4bafbe3 loader.efi: update console after gfx mode change
The gfx mode change should be coordinated with console setup.
2020-06-14 10:13:40 +00:00
tuexen
f47ef49e59 Cleanups, no functional change.
MFC after:		1 week
2020-06-14 09:50:00 +00:00
tsoome
e417d8e439 Move font related data structured to sys/font.c and update vtfontcvt
Prepare support to be able to handle font data in loader, consolidate
data structures to sys/font.h and update vtfontcvt.

vtfontcvt update is about to output set of glyphs in form of C source,
the implementation does allow to output compressed or uncompressed font
bitmaps.

Reviewed by:	bcr
Differential Revision:	https://reviews.freebsd.org/D24189
2020-06-14 06:58:58 +00:00
gbe
7d6a229043 libc manpages: various improvements from NetBSD
- Add STANDARDS and HISTORY sections within the appropriate manpages
- Mention two USENIX papers within kqueue(2) and strlcpy(3)

Reviewed by:	bcr (mentor)
Approved by:	bcr (mentor)
Obtained from:	NetBSD
MFC after:	7 days
Differential Revision: https://reviews.freebsd.org/D24650
2020-06-14 05:59:30 +00:00
gbe
7376ccd520 Add HISTORY sections to ZFS and dtrace manpage
Reviewed by:	bcr (mentor)
Approved by:	bcr (mentor)
MFC after:		7 days
Differential Revision:	https://reviews.freebsd.org/D23833
2020-06-14 05:50:28 +00:00
gbe
0954064f6e libutil: Document function HISTORY within the manpages
Reviewed by:	bcr (mentor)
Approved by:	bcr (mentor)
MFC after:	7 days
Differential Revision:	https://reviews.freebsd.org/D24795
2020-06-14 05:35:02 +00:00
gbe
714893bd28 Add a HISTORY section to ctime(3)
Reviewed by:	bcr (mentor)
Approved by:	bcr (mentor)
Obtained from:	OpenBSD
MFC after:	7 days
Differential Revision:	https://reviews.freebsd.org/D24635
2020-06-14 05:08:15 +00:00
rmacklem
0d32fd8ea6 Oops, r362158 committed a duplicate definition of MAXSECFLAVORS.
This patch gets rid of the duplicate.
2020-06-14 01:22:19 +00:00
rmacklem
1bfe4e8613 Modify mountd to use the new struct export_args committed by r362158.
r362158 modified struct export_args for make the ex_flags field 64bits
and also changed the anonymous credentials to allow more than 16 groups.
This patch fixes mountd.c to use the new structure.
It does allocate larger exportlist and grouplist structures now.
That will be fixed in a future commit.
The only visible change will be that the credentials provided for the
-maproot and -mapall exports options can now have more than 16 groups.

Reviewed by:	kib, freqlabs
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D25088
2020-06-14 00:40:00 +00:00
adrian
7229b0806f [net80211] Treat frames without an rx status as not a decap'ed A-MSDU.
Drivers for NICs which do A-MSDU decap in hardware / driver will need to
set the rx status, so if it's missing then treat it as not a decap'ed
A-MSDU.
2020-06-14 00:23:06 +00:00
adrian
8451ef3116 [net80211] Also convert the ddb path
Whoops - this belonged in my previous commit.
2020-06-14 00:21:48 +00:00
rmacklem
e039c7b58c Add an entry to UPDATING for r362158. 2020-06-14 00:15:44 +00:00
rmacklem
177c658e0d Version bump for r362158, since the arguments for vfs_checkexp() changed. 2020-06-14 00:12:29 +00:00
rmacklem
003cac51d9 Fix export_args ex_flags field so that is 64bits, the same as mnt_flags.
Since mnt_flags was upgraded to 64bits there has been a quirk in
"struct export_args", since it hold a copy of mnt_flags
in ex_flags, which is an "int" (32bits).
This happens to currently work, since all the flag bits used in ex_flags are
defined in the low order 32bits. However, new export flags cannot be defined.
Also, ex_anon is a "struct xucred", which limits it to 16 additional groups.
This patch revises "struct export_args" to make ex_flags 64bits and replaces
ex_anon with ex_uid, ex_ngroups and ex_groups (which points to a
groups list, so it can be malloc'd up to NGROUPS in size.
This requires that the VFS_CHECKEXP() arguments change, so I also modified the
last "secflavors" argument to be an array pointer, so that the
secflavors could be copied in VFS_CHECKEXP() while the export entry is locked.
(Without this patch VFS_CHECKEXP() returns a pointer to the secflavors
array and then it is used after being unlocked, which is potentially
a problem if the exports entry is changed.
In practice this does not occur when mountd is run with "-S",
but I think it is worth fixing.)

This patch also deleted the vfs_oexport_conv() function, since
do_mount_update() does the conversion, as required by the old vfs_cmount()
calls.

Reviewed by:	kib, freqlabs
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D25088
2020-06-14 00:10:18 +00:00
adrian
207f3e7109 [net80211] Handle offloaded AMSDU in AMPDU reordering.
In the 11n world, most NICs did A-MPDU receive/transmit offloading but
not A-MSDU offloading.  So, the net80211 A-MPDU receive path would just
receive MPDUs, do the reordering bit, pass it up to the rest of
net80211 for crypto decap and then do A-MSDU decap before throwing ethernet
frames up to the rest of the system.

However 11ac and 11ax NICs are increasingly doing A-MSDU offload (and
newer 11ax stuff does socket offload, but hey I don't want to scare people
JUST yet) - so although A-MPDU reordering may be done in the OS, A-MSDUs
look like a normal MPDU.  This means that all the MSDUs are actually
faked into a set of MPDUs with matching 802.11 header - the sequence number,
QoS header and any encryption verification bits (like IV) are just copied.

This shows up as MASSIVE packet loss in net80211, cause after the first MPDU
we just toss the rest.

(And don't get me started about ethernet decap with A-MPDU host reordering;
we'll have to cross that bridge for later 11ac and 11ax bits too.)

Anyway, this work changes each A-MPDU reorder slot into an mbufq.
The mbufq is treated as a whole set of frames to pass up to the stack
and reordered/de-duped as a group.  The last frame in the reorder list
is checked to see if it's an A-MSDU final frame so any duplicates are
correctly tossed rather than double-received.  Other than that, the
rest of the logic is unchanged.

The previous commit did a small subset of this - if there wasn't any reordering
going on then it'd accept the A-MSDUs.  This is the rest of the needed work.

This is a no-op for 11n NICs doing A-MPDU reordering but needing software
A-MSDU decap - they aren't tagged as A-MSDU and so any subsequent
frames added to the reorder slot are tossed.

Tested:

* QCA9880 (ath10k/athp) - STA/AP mode;
* RT3593 (if_rsu) - 11n STA+DWDS mode (I'm committing through it rn);
* QCA9380 (if_ath) - STA/AP mode.
2020-06-13 23:35:22 +00:00
adrian
67fae78da3 [net80211] separate out node allocation and node initialisation.
This is a new, optional (for now!) method that drivers can use to separate
node allocation and node initialisation.  Right now they're the same, and
drivers that need to do node allocation via firmware commands need to sleep
and thus they need to defer node allocation into an internal taskqueue.

Right now they're just separate but not deferred.  Later on if I get the time
we'll start deferring the node and key related operations but that requires
making a bunch of other stuff (notably things that generate frames!) also
async/deferred.

Tested:

* RT3593, STA/DWDS mode
* AR9380, STA/AP modes
* QCA9880 (athp) - STA/AP modes
2020-06-13 22:20:02 +00:00
tuexen
f6fa051646 Remove usage of empty macro.
MFC after:		1 week
2020-06-13 21:23:26 +00:00
tuexen
18a7e41cfe Simpify a condition, no functional change.
MFC after:		1 week
2020-06-13 18:38:59 +00:00
kib
dffbc53f60 Fix ldd for PIE binaries after rtld stopped accepting binaries for dlopen.
ldd proclaims ET_DYN objects as shared libraries and tries to
dlopen(RTLD_TRACE) them to get dependencies. Since PIE binaries are
ET_DYN | DF_1_PIE, refusal to dlopen such binaries breaks ldd.

Fix it by reading and parsing dynamic segment looking for DF_FLAG_1
and taking DF_1_PIE into account when deciding between binary and
library.

Reported by:	Dewayne Geraghty <dewayne@heuristicsystems.com.au>
Reviewed by:	markj
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D25257
2020-06-13 18:21:31 +00:00
kib
c7344298e1 procctl(2): document PROC_KPTI
Reviewed by:	bcr
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D25258
2020-06-13 18:19:42 +00:00
kib
e49a8a8537 procctl(2): consistently refer to the data pointer as 'data'.
Reviewed by:	bcr
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D25258
2020-06-13 18:18:34 +00:00
fernape
7f1b94237d sockstat(1): Add EXAMPLES to man page
Add three examples showing the use of -4, -6, -l, -L, -p and -P

Reviewed by:	gbe@
Approved by:	bcr@
2020-06-13 17:36:08 +00:00
yuripv
430cfd638e nvi: fallback to ISO8859-1 as last resort
Current logic of using user's locale encoding that is UTF-8 doesn't make
much sense if we already failed the looks_utf8() check and skipped
encoding set using "fileencoding" as being UTF-8 as well; fallback to
ISO8859-1 in that case.

Reviewed by:	Zhihao Yuan <lichray@gmail.com>
Differential Revision:	https://reviews.freebsd.org/D24919
2020-06-13 14:11:02 +00:00
yuripv
e81e5abf25 awk(1): use -version instead of -V
-V is OpenBSD specific, use -version instead.

While here, fix issue reported by mandoc lint and drop nonexistent
script(7) reference.

PR:		247004
Reviewed by:	0mp, markj
Differential Revision:	https://reviews.freebsd.org/D25164
2020-06-13 09:16:07 +00:00
yuripv
e13e14499c locale: exit 1 if unknown keyword was specified
PR:		241906
Submitted by:	Akos Somfai <akos.somfai@gmail.com>
2020-06-13 08:37:24 +00:00
cy
3132c3cb3a MFV r362143:
Update sqlite3 to 3.32.2 (3320200).

CVE-2020-11655: SQLite through 3.31.1 allows attackers to cause a denial of
service (segmentation fault) via a malformed window-function query because
the AggInfo object's initialization is mishandled.

CVE-2020-13434: SQLite through 3.32.0 has an integer overflow in
sqlite3_str_vappendf in printf.c.

CVE-2020-13435: SQLite through 3.32.0 has a segmentation fault in
sqlite3ExprCodeTarget in expr.c.

CVE-2020-13630: ext/fts3/fts3.c in SQLite before 3.32.0 has a
use-after-free in fts3EvalNextRow, related to the snippet feature

CVE-2020-13631: SQLite before 3.32.0 allows a virtual table to be renamed
to the name of one of its shadow tables, related to alter.c and build.c.

CVE-2020-13632: ext/fts3/fts3_snippet.c in SQLite before 3.32.0 ha s a
NULL pointer dereference via a crafted matchinfo() query.

PR:		247149
Reported by:	spam123@bitbert.com
MFC after:	3 days
Security:	vuxml: c4ac9c79-ab37-11ea-8b5e-b42e99a1b9c3
		https://nvd.nist.gov/vuln/detail/CVE-2020-11655
		https://nvd.nist.gov/vuln/detail/CVE-2020-13434
		https://nvd.nist.gov/vuln/detail/CVE-2020-13435
		https://nvd.nist.gov/vuln/detail/CVE-2020-13630
		https://nvd.nist.gov/vuln/detail/CVE-2020-13631
		https://nvd.nist.gov/vuln/detail/CVE-2020-13632
2020-06-13 04:47:59 +00:00
cem
9346d926aa Fix !DEBUGNET build after r362138
X-MFC-With:	r362138
2020-06-13 03:16:09 +00:00
cem
4040c34651 Flip kern.tty_info_kstacks on by default
It's a useful debug aid for anyone using Ctrl-T today, and doesn't seem to be
widely known.  So, enable it out of the box to help people find it.

It's a tunable and sysctl, so if you don't like it, it's easy to disable
locally.

If people really hate it, we can always flip it back.

Reported by:	Daniel O'Connor
2020-06-13 03:04:40 +00:00
dougm
fc9d80af5f Linuxkpi uses the rb-tree structures without using their interfaces,
making them break when the representation changes. Revert changes that
eliminated the color field from rb-trees, leaving everything as it was
before.

Reviewed by:	markj
Differential Revision:	https://reviews.freebsd.org/D25250
2020-06-13 01:54:09 +00:00
cem
60bf309c61 net80211: Add framework for debugnet(4) support
Allow net80211 drivers to register a small vtable of debugnet-related
methods.

This is not a functional change.  Driver support is needed, similar to
debugnet(4) for wired NICs.

Reviewed by:	adrian, markj (earlier version both)
Differential Revision:	https://reviews.freebsd.org/D17308
2020-06-13 00:59:36 +00:00
jhb
146a3e8d47 Allow <sys/elf_common.h> to be used in assembly.
Hide C-only declarations under #ifndef LOCORE.  This will be used by
future changes to define ELF notes in assembly.

Reviewed by:	kib
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D25211
2020-06-12 23:43:44 +00:00
jhb
dec88c11f5 Allow <sys/param.h> to be included from userland assembly files.
This will be used by future changes to define ELF notes in assembly.

Reviewed by:	kib
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D25211
2020-06-12 23:42:36 +00:00
jhb
7b05931360 Various optimizations to software AES-CCM and AES-GCM.
- Make use of cursors to avoid data copies for AES-CCM and AES-GCM.

  Pass pointers into the request's input and/or output buffers
  directly to the Update, encrypt, and decrypt hooks rather than
  always copying all data into a temporary block buffer on the stack.

- Move handling for partial final blocks out of the main loop.

  This removes branches from the main loop and permits using
  encrypt/decrypt_last which avoids a memset to clear the rest of the
  block on the stack.

- Shrink the on-stack buffers to assume AES block sizes and CCM/GCM
  tag lengths.

- For AAD data, pass larger chunks to axf->Update.  CCM can take each
  AAD segment in a single call.  GMAC can take multiple blocks at a
  time.

Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D25058
2020-06-12 23:10:30 +00:00
jhb
8435834a04 Fix a regression in r361804 for TLS 1.3.
I was not including the record type stored in the first byte of the
trailer as part of the payload to be encrypted and hashed.

Sponsored by:	Netflix
2020-06-12 22:27:26 +00:00
kib
8fedf92a4e Control for Special Register Buffer Data Sampling mitigation.
New microcode update for Intel enables mitigation for SRBDS, which
slows down RDSEED and related instructions.  The update also provides
a control to limit the mitigation to SGX enclaves, which should
restore the speed of random generator by the cost of potential
cross-core bufer sampling.

See https://software.intel.com/security-software-guidance/insights/deep-dive-special-register-buffer-data-sampling

GIve the user control over it.

Reviewed by:	markj
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D25221
2020-06-12 22:14:45 +00:00
kib
41e58e9462 x86: add bits definitions for SRBDS mitigation control.
See https://software.intel.com/security-software-guidance/insights/deep-dive-special-register-buffer-data-sampling

Reviewed by:	markj
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D25221
2020-06-12 22:12:57 +00:00
kib
2f9345080e rtld: set osrel when in the direct exec mode.
Rtld itself is a shared object which does not have vendor note, so
after the direct exec of ld-elf.so.1 process has p_osrel set to zero.
This affects the ABI of syscalls.

Set osrel to the __FreeBSD_version value at compile time right after
rtld identified direct exec mode.  Then, switch to the osrel read from
the binary note or zero if no note, right before starting calling
ifunc resolvers, which is the first byte of the user code.

Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2020-06-12 22:10:03 +00:00
sjg
c88c40a35e verify_pcr_export: bump kenv_mvallen if needed
The loader.ve.hashed list can easily exceed KENV_MVALLEN.
If so, bump kenv_mvallen to a multiple of KENV_MVALLEN to
accommodate the value.

Reviewed by:	stevek
MFC after:	1 week
2020-06-12 21:55:30 +00:00
vangyzen
d33a155527 Honor db_pager_quit in some vm_object ddb commands
These can be rather verbose.

MFC after:	2 weeks
Sponsored by:	Dell EMC Isilon
2020-06-12 21:53:08 +00:00
sjg
d1decc9653 mac_veriexec_fingerprint_check_vnode: v_writecount > 0 means active writers
v_writecount can actually be < 0 for text,
so check for v_writecount > 0

Reviewed by:	stevek
MFC after:	1 week
2020-06-12 21:51:20 +00:00
sjg
48922d113c Minor cleanup of initialized variables
Sort the list and cleanup trailing white-space

Reviewed by:	stevek
MFC after:	1 week
2020-06-12 21:48:46 +00:00
jhb
8abd951159 Fix AES-CCM requests with an AAD size smaller than a single block.
The amount to copy for the first block is the minimum of the size of
the AAD region or the remaining space in the first block.

Reported by:	cryptocheck -z
MFC after:	2 weeks
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D25140
2020-06-12 21:33:02 +00:00
jhb
bb2575e27d Various fixes to TLS for MIPS.
- Clear the current thread's TLS pointer on exec. Previously the TLS
  pointer (and register) remain unchanged.

- Explicitly clear the TLS pointer when new threads are created.

- Make md_tls_tcb_offset per-process instead of per-thread.

  The layout of the TLS and TCB are identical for all threads in a
  process, it is only the TLS pointer values themselves that vary by
  thread.  This also makes setting md_tls_tcb_offset in
  cpu_set_user_tls() redundant with the setting in exec_setregs(), so
  only set it in exec_setregs().

Submitted by:	Alfredo Mazzinghi (1)
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D24957
2020-06-12 21:21:18 +00:00
vangyzen
754af14f97 FPU init: allocate initial state from UMA to ensure alignment
The Intel Instruction Set Reference says this about the XSAVE instruction:

    Use of a destination operand not aligned to 64-byte boundary
    (in either 64-bit or 32-bit modes) results in a general-protection
    (#GP) exception.

This alignment happens naturally when all malloc buckets are powers
of two.  However, this change is necessary on some systems when
certain non-power-of-two (and non-multiple of 64) malloc buckets
are defined.

Reviewed by:	cem; kib; earlier version by jhb
MFC after:	2 weeks
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D25098
2020-06-12 21:17:56 +00:00
vangyzen
13341723a9 FPU: make xsave_area_desc static
...because it can be.

Reviewed by:	cem kib
MFC after:	2 weeks
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D25098
2020-06-12 21:12:26 +00:00
vangyzen
92b04896cb FPU init: Do potentially blocking operations before disabling interrupts
In particular, uma_zcreate creates sysctl oids, which locks an sx lock,
which uses IPIs under contention.  IPIs tend not to work very well
when interrupts are disabled.  Who knew, right?

Reviewed by:	cem kib
MFC after:	2 weeks
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D25098
2020-06-12 21:10:45 +00:00
rrs
255d51414d So it turns out with the right window scaling you can get the code in all stacks to
always want to do a window update, even when no data can be sent. Now in
cases where you are not pacing thats probably ok, you just send an extra
window update or two. However with bbr (and rack if its paced) every time
the pacer goes off its going to send a "window update".

Also in testing bbr I have found that if we are not responding to
data right away we end up staying in startup but incorrectly holding
a pacing gain of 192 (a loss). This is because the idle window code
does not restict itself to only work with PROBE_BW. In all other
states you dont want it doing a PROBE_BW state change.

Sponsored by:	Netflix Inc.
Differential Revision: 	https://reviews.freebsd.org/D25247
2020-06-12 19:56:19 +00:00
gallatin
4fcce7ef5e x86: Bump default msi/msix vector limit to 2048
Given that 64c/128t CPUs are currently available, and that many
devices (nvme, many NICs) desire to map 1 MSI-X vector per core,
or even 1 per-thread, it is becoming far easier to see MSI-X interrupt
setup fail due to msi vector exhaustion, and devices fail to attach at
boot on large system.

This bump costs 12KB on amd64 (and 6KB on i386), which seems
worth the trade off for a better out of the box experience on
high end hardware.

Reviewed by:	jhb
MFC after:	21 days
Sponsored by:	Netflix
2020-06-12 18:41:12 +00:00
kevans
11f9e29b36 posix_spawn: fix for some custom allocator setups
libc cannot assume that aligned_alloc and free come from jemalloc, or that
any application providing its own malloc and free is actually providing
aligned_alloc.

Switch back to malloc and just make sure we're passing a properly aligned
stack into rfork_thread, as an application perhaps can't reasonably replace
just malloc or just free without headaches.

This unbreaks ksh93 after r361996, which provides malloc/free but no
aligned_alloc.

Reported by:	freqlabs
Diagnosed by:	Andrew Gierth <andrew_tao173.riddles.org.uk>
X-MFC-With:	r361996
2020-06-12 18:13:32 +00:00