225236 Commits

Author SHA1 Message Date
Andrey V. Elsukov
e54647920b Make user supplied data checks a bit stricter.
key_msg2sp() is used for parsing data from setsockopt(IP[V6]_IPSEC_POLICY)
call. This socket option is usually used to configure IPsec bypass for
socket. Only privileged user can set this socket option.
The message syntax is described here
	http://www.kame.net/newsletter/20021210/

and our libipsec is usually used to create the correct request.
Add additional checks:
* that sadb_x_ipsecrequest_len is not out of bounds of user supplied buffer
* that src/dst's sa_len is the same
* that 2*sa_len is not out of bounds of user supplied buffer
* that 2*sa_len fits into bounds of sadb_x_ipsecrequest

Reported by:	Ilja van Sprundel
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D11796
2017-08-09 19:58:38 +00:00
Glen Barber
16398a1141 Add a dependency on the kernel package for the runtime package.
The idea here is that, provided upstream pkg(8) maintainers accept
the proposed change, the kernel.ucl will contain a post-install
script causing pkg(8) to emit a message informing to reboot the
system after the kernel is upgraded using 'pkg upgrade', so the
new userland is installed on the running new kernel.  At present,
this functionality does not exist in pkg(8), but will help ensure
the upgrade path follows that from UPDATING.  To work around this
for now, evaluate ASSUME_ALWAYS_YES, and prompt the user if they
wish to proceed if not set to true.

Since there is a kernel dependency, and a non-GENERIC kernel may
be in use, update Makefile.inc1 to replace '%KERNCONF%' in the
runtime.ucl with the first-built kernel set either via command line
or in make.conf(5).

MFC after:	5 days
Sponsored by:	The FreeBSD Foundation
2017-08-09 19:16:54 +00:00
Ed Maste
39901227a5 lldb: Make i386-*-freebsd expression work on JIT path
* Enable i386 ABI creation for freebsd
* Added an extra argument in ABISysV_i386::PrepareTrivialCall for mmap
  syscall
* Unlike linux, the last argument of mmap is actually 64-bit(off_t).
  This requires us to push an additional word for the higher order bits.
* Prior to this change, ktrace dump will show mmap failures due to
  invalid argument coming from the 6th mmap argument.

Submitted by:	Karnajit Wangkhem
Differential Revision:	https://reviews.llvm.org/D34776
2017-08-09 19:09:23 +00:00
Ed Maste
4be62405c0 cat: fix build with -DNO_UDOM_SUPPORT
Sponsored by:	The FreeBSD Foundation
2017-08-09 18:23:46 +00:00
Kyle Evans
3e13c1fa27 capsicum_helpers: Add FIODTYPE to default ioctls allowed
FIODTYPE will be needed by hexdump(1) to speed up the -s flag on devices
that should be able to support fseek(3); specifically, in an attempt to
correct for the fact that most tape drives don't support seeking yet don't
indicate as such when fseeko(3) is invoked. Related: D10939

Reviewed by:	cem, emaste, oshogbo
Approved by:	emaste (mentor)
Differential Revision:	https://reviews.freebsd.org/D10937
2017-08-09 18:15:07 +00:00
Jung-uk Kim
b5669d0aa8 Split identify_cpu() into two functions for amd64 as we do for i386. This
reduces diff between amd64 and i386.  Also, it fixes a regression introduced
in r322076, i.e., identify_hypervisor() failed to identify some hypervisors.
This function assumes cpu_feature2 is already initialized.

Reported by:	dexuan
Tested by:	dexuan
2017-08-09 18:09:09 +00:00
Kyle Evans
f75f5a355e libusb(3): Expose device caps as libusb_bos_descriptor::dev_capability
Some libusb consumers in Linux-land (in this case, libusb4java) expect a
dev_capability member that they can use to enumerate the device
capabilities.

No particular layout is expected of this, just that it can be traversed
using the bLength member until bNumDeviceCapabilities are read and that the
consumer may then use one of the libusb_get_*_descriptor methods to extract
specific (usb 2.0 vs. ss) capability information.

In collaboration with:	hselasky
Reviewed by:	hselasky
Approved by:	emaste (mentor)
Differential Revision:	https://reviews.freebsd.org/D11494
2017-08-09 18:06:27 +00:00
Gleb Smirnoff
ef3266d58a Plug uninitialized stack variable leak in sendfile(2).
Reported by:	Ilja Van Sprundel <ivansprundel ioactive.com>
Submitted by:	Domagoj Stolfa <domagoj.stolfa gmail.com>
MFC after:	1 week
Security:	uninitialized stack variable leak
2017-08-09 17:48:38 +00:00
Dimitry Andric
9dc417c32b Upgrade our copies of clang, llvm and libc++ to r310316 from the
upstream release_50 branch.

MFC after:	2 months
X-MFC-with:	r321369
2017-08-09 17:32:39 +00:00
Warner Losh
0038725697 Also provide a warning for geom_fox.
Differential Review: https://reviews.freebsd.org/D11935
Requested by: jhb@
MFC After: 3 days
2017-08-09 16:37:37 +00:00
Warner Losh
20995eab57 Mark geom classes as deprecated.
geom_bsd, geom_mbr and geom_sunlabel have been obsolete since Marcel
Moolenaar's geom_part was in FreeBSD 7. They haven't been in GENERIC
since FreeBSD 8. Add warning when used.

geom_vol_ffs has been obsolete since ufs support to geom_label was
committed in FreeBSD 5. It hasn't been in GENERIC since FreeBSD 5.
Add warning when used.

geom_fox has been obsolete since gmultipath was committed in FreeBSD 7.
(no warning added, since this is a very obscure class).

These will all be removed in FreeBSD 12.

MFC After: 3 days
Differential Revision: https://reviews.freebsd.org/D11935

Note: Classes will be removed after MFC
2017-08-09 16:15:24 +00:00
Alexander Motin
2b2a6eb95e Missing remanant of 322309.
MFC after:	1 week
2017-08-09 13:46:16 +00:00
Jonathan Anderson
8551a2a6b1 Add birthday information for jonathan@.
As requested by mckusick@...
2017-08-09 13:25:27 +00:00
Andrey V. Elsukov
95e8b991ca Add to if_enc(4) ability to capture packets via BPF after pfil processing.
New flag 0x4 can be configured in net.enc.[in|out].ipsec_bpf_mask.
When it is set, if_enc(4) additionally captures a packet via BPF after
invoking pfil hook. This may be useful for debugging.

MFC after:	2 weeks
Sponsored by:	Yandex LLC
Differential Revision:	https://reviews.freebsd.org/D11804
2017-08-09 12:24:07 +00:00
Alexander Motin
6750c3d0fa Use "Ibex Peak" codename for "5 Series/3400 Series" chipsets.
This is shorter and unifies naming with later chipsets.

MFC after:	1 week
2017-08-09 12:21:17 +00:00
Alexander Motin
aaa9b2b3f3 Add new Intel Lewisburg and Union Point chipset PCI IDs.
While there, polish some old AHCI ones, since they are still reused.

MFC after:	1 week
2017-08-09 12:03:12 +00:00
Oleg Bulyzhin
ff21796d25 Fix comment typo. 2017-08-09 10:46:34 +00:00
Hans Petter Selasky
768a720e95 Print maximum MTU when trying to set invalid MTU in the mlx4en(4) driver.
Useful for debugging.

Submitted by:		Sepherosa Ziehau <sephe@dragonflybsd.org>
MFC after:		3 days
Sponsored by:		Mellanox Technologies
2017-08-09 10:32:51 +00:00
Hans Petter Selasky
a3d0173d98 Increment queue drops in the network statistics when transmitted packets
are dropped by the mlx4en(4) driver.

Submitted by:		Sepherosa Ziehau <sephe@dragonflybsd.org>
MFC after:		3 days
Sponsored by:		Mellanox Technologies
2017-08-09 10:30:55 +00:00
Hans Petter Selasky
f7833544f1 Add support for RX and TX statistics when the mlx4en(4) PCI device
is in VF or SRIOV mode typically in a virtual machine environment.

Submitted by:		Sepherosa Ziehau <sephe@dragonflybsd.org>
MFC after:		3 days
Sponsored by:		Mellanox Technologies
2017-08-09 10:27:21 +00:00
Alexander Motin
c901a9b1f1 Do not loose CCB flags after r320493.
There is at least CAM_UNLOCKED that should be kept.

MFC after:	3 days
2017-08-09 09:13:15 +00:00
Dag-Erling Smørgrav
d80fbbee5f Correct sysctl names. 2017-08-09 07:24:58 +00:00
Sepherosa Ziehau
9c6cae2431 hyperv/hn: Implement transparent mode network VF.
How network VF works with hn(4) on Hyper-V in transparent mode:

- Each network VF has a cooresponding hn(4).
- The network VF and the it's cooresponding hn(4) have the same hardware
  address.
- Once the network VF is attached, the cooresponding hn(4) waits several
  seconds to make sure that the network VF attach routing completes, then:
  o  Set the intersection of the network VF's if_capabilities and the
     cooresponding hn(4)'s if_capabilities to the cooresponding hn(4)'s
     if_capabilities.  And adjust the cooresponding hn(4) if_capable and
     if_hwassist accordingly. (*)
  o  Make sure that the cooresponding hn(4)'s TSO parameters meet the
     constraints posed by both the network VF and the cooresponding hn(4).
     (*)
  o  The network VF's if_input is overridden.  The overriding if_input
     changes the input packet's rcvif to the cooreponding hn(4).  The
     network layers are tricked into thinking that all packets are
     neceived by the cooresponding hn(4).
  o  If the cooresponding hn(4) was brought up, bring up the network VF.
     The transmission dispatched to the cooresponding hn(4) are
     redispatched to the network VF.
  o  Bringing down the cooresponding hn(4) also brings down the network
     VF.
  o  All IOCTLs issued to the cooresponding hn(4) are pass-through'ed to
     the network VF; the cooresponding hn(4) changes its internal state
     if necessary.
  o  The media status of the cooresponding hn(4) solely relies on the
     network VF.
  o  If there are multicast filters on the cooresponding hn(4), allmulti
     will be enabled on the network VF. (**)
- Once the network VF is detached.  Undo all damages did to the
  cooresponding hn(4) in the above item.

NOTE:
No operation should be issued directly to the network VF, if the
network VF transparent mode is enabled.  The network VF transparent mode
can be enabled by setting tunable hw.hn.vf_transparent to 1.  The network
VF transparent mode is _not_ enabled by default, as of this commit.

The benefit of the network VF transparent mode is that the network VF
attachment and detachment are transparent to all network layers; e.g. live
migration detaches and reattaches the network VF.

The major drawbacks of the network VF transparent mode:
- The netmap(4) support is lost, even if the VF supports it.
- ALTQ does not work, since if_start method cannot be properly supported.

(*)
These decisions were made so that things will not be messed up too much
during the transition period.

(**)
This does _not_ need to go through the fancy multicast filter management
stuffs like what vlan(4) has, at least currently:
- As of this write, multicast does not work in Azure.
- As of this write, multicast packets go through the cooresponding hn(4).

MFC after:	3 days
Sponsored by:	Microsoft
Differential Revision:	https://reviews.freebsd.org/D11803
2017-08-09 05:59:45 +00:00
Kirk McKusick
2f401b0a4b Add an entry to UPDATING for r322297 which restores the ability
of fsck to automatically find alternate superblocks when the
standard one is trashed or unavailable.

MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D11589
2017-08-09 05:21:57 +00:00
Kirk McKusick
77b63aa0fc Since the switch to GPT disk labels, fsck for UFS/FFS has been
unable to automatically find alternate superblocks. This checkin
places the information needed to find alternate superblocks to the
end of the area reserved for the boot block.

Filesystems created with a newfs of this vintage or later will
create the recovery information. If you have a filesystem created
prior to this change and wish to have a recovery block created for
your filesystem, you can do so by running fsck in forground mode
(i.e., do not use the -p or -y options). As it starts, fsck will
ask ``SAVE DATA TO FIND ALTERNATE SUPERBLOCKS'' to which you should
answer yes.

Discussed with: kib, imp
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D11589
2017-08-09 05:17:21 +00:00
Alan Cox
5471caf6f1 Introduce vm_page_grab_pages(), which is intended to replace loops calling
vm_page_grab() on consecutive page indices.  Besides simplifying the code
in the caller, vm_page_grab_pages() allows for batching optimizations.
For example, the current implementation replaces calls to vm_page_lookup()
on consecutive page indices by cheaper calls to vm_page_next().

Reviewed by:	kib, markj
Tested by:	pho (an earlier version)
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D11926
2017-08-09 04:23:04 +00:00
Marcin Wojtas
29a263df94 Update pl310 node in Armada 38x DTS to match the one used in Linux
Since the cache controller nodes fixup is added to the platform code,
this patch aligns it to the Linux device tree representation.

Submitted by: Patryk Duda <pdk@semihalf.com>
Reviewed by: cognet (mentor)
Approved by: cognet (mentor)
Obtained from: Semihalf
Differential Revision: https://reviews.freebsd.org/D11884
2017-08-09 01:31:05 +00:00
Marcin Wojtas
75b2aa51b4 Enable pl310 coherent operation in platform init for Armada 38x
Updating PL310 sotfware context sc_io_coherent field in
platform_pl310_init() routine for Armada 38x helps to avoid
using 'arm,io-coherent' property, which is by default not present
in the device tree node in Linux.

This way another step for DT unification between two operating
systems is done. The improvemnt will also work after enabling
PLATFORM for Marvell ARMv7 SoCs.

Reviewed by: andrew, cognet (mentor)
Approved by: cognet (mentor)
Obtained from: Semihalf
Differential Revision: https://reviews.freebsd.org/D11883
2017-08-09 01:25:47 +00:00
Kyle Evans
d0bc27e435 df(1): Add --si as an alias for -H
Reviewed by:	cem (earlier version), emaste
Approved by:	emaste (mentor)
Differential Revision:	https://reviews.freebsd.org/D11749
2017-08-09 01:24:52 +00:00
Marcin Wojtas
30608f6dd6 Remove clock-frequency properties from Armada 38x timer nodes
Since the timers' base frequency setting is added to the platform code,
this patch removes clock-frequency properties from global
and twd timers, aligning both to the Linux device tree.

Submitted by: Patryk Duda <pdk@semihalf.com>
Reviewed by: cognet (mentor)
Approved by: cognet (mentor)
Obtained from: Semihalf
Differential Revision: https://reviews.freebsd.org/D11882
2017-08-09 01:20:53 +00:00
Kyle Evans
476c601b7a du(1): Add --si option to display in terms of powers of 1000
Reviewed by:	cem (earlier version), emaste
Approved by:	emaste (mentor)
Differential Revision:	https://reviews.freebsd.org/D11748
2017-08-09 01:19:19 +00:00
Marcin Wojtas
1070a9141c Dynamically configure timers' base frequency for Armada 38x
Instead of using 'clock-frequency' device tree property for global/twd
mpcore timers of Armada 38x SoCs, set it in platform_late_init stage
with arm_tmr_change_frequency() function.

Reviewed by: cognet (mentor)
Approved by: cognet (mentor)
Obtained from: Semihalf
Differential Revision: https://reviews.freebsd.org/D11881
2017-08-09 01:14:29 +00:00
Marcin Wojtas
edf3dd3b0a Enable using ofw_bus_find_compatible in early platform code
Before this patch function ofw_bus_find_compatible was using
memory allocations in order to find compatible node and the property's
length. This way there was always a suited buffer for property,
however this approach had also disadvantages - ofw_bus_find_compatible
couldn't be used when malloc is not available, e.g. during fdt fixup stage.

In order to remove the usage limitation of ofw_bus_find_compatible(),
this patch modifies the function to use ofw_bus_node_is_compatible()
(instead of the one without _int suffix), which uses a fixed
buffer on stack instead of dynamic allocations.

Submitted by: Patryk Duda <pdk@semihalf.com>
Reviewed by: nwhitehorn, cognet (mentor)
Approved by: cognet (mentor)
Obtained from: Semihalf
Differential Revision: https://reviews.freebsd.org/D11880
2017-08-09 01:06:40 +00:00
Kyle Evans
a0bf5d8a68 regex(3): Refactor fast/slow stepping bits in the matching engine
Adding features for matching is fairly straightforward, but this requires
some duplication because of this fast/slow setup. They can be fairly
trivially combined into a single walk(), so do it to make future additions
less error prone.

Reviewed by:	cem (earlier version), emaste, pfg
Approved by:	emaste (mentor)
Differential Revision:	https://reviews.freebsd.org/D11233
2017-08-09 01:04:36 +00:00
Marcin Wojtas
a355bb8846 Add support for "compatible" parameter in ofw_fdt_fixup
Sometimes it's convenient to provide fixup to many boards
that use the same SoC family (eg. Marvell Armada 38x).
Instead of putting multiple entries in fdt_fixup_table,
use one entry which refers to all boards with given SoC.

Submitted by: Patryk Duda <pdk@semihalf.com>
Reviewed by: nwhitehorn, cognet (mentor)
Approved by: cognet (mentor)
Obtained from: Semihalf
Differential Revision: https://reviews.freebsd.org/D11878
2017-08-09 00:56:29 +00:00
Marcin Wojtas
f2d9a004fb Restore original /soc ranges on Marvell Armada 38x boards
Because fdt_get_ranges can process now multiple 'ranges' entries,
restoring the ranges from original Linux device trees is possible.

Submitted by: Patryk Duda <pdk@semihalf.com>
Reviewed by: cognet (mentor)
Approved by: cognet (mentor)
Obtained from: Semihalf
Differential Revision: https://reviews.freebsd.org/D11877
2017-08-09 00:51:45 +00:00
Marcin Wojtas
bfd084c8c4 Enable parsing simple-bus 'ranges' with multiple entries
This patch makes possible to boot with up to 8 ranges in soc.
Dynamic allocation cannot be used, because ftd_get_ranges
function is called early, when malloc is not available.

Change is required for the alignment of Marvell Armada 38x
device trees present in sys/gnu/dts/arm - originally
the platform has 6 entries in simple-bus 'ranges'.

Submitted by: Patryk Duda <pdk@semihalf.com>
Reviewed by: manu, nwhitehorn, cognet (mentor)
Approved by: cognet (mentor)
Obtained from: Semihalf
Differential Revision: https://reviews.freebsd.org/D11876
2017-08-09 00:45:25 +00:00
Ian Lepore
b8c53507cb Remove the ds133x and s35390a i2c RTC drivers for now. They both do i2c
transfers in their probe() or attach() routines, and that doesn't work
when the low-level controller requires interrupts to be functional.

The DS133x family of chips is nearly identical to the DS1307 and support
for them should be added to that driver, then the ds133x driver can be
deleted.  The s35390a driver just needs a non-trivial workover.  In both
cases that work will be done and committed separately.
2017-08-08 22:58:34 +00:00
Renato Botelho
af71799848 Add missing parenthesis on error message
Approved by:	loos
MFC after:	3 days
Sponsored by:	Rubicon Communications, LLC (Netgate)
2017-08-08 22:40:26 +00:00
Kristof Provost
7f3ad01804 pf_get_sport(): Prevent possible endless loop when searching for an unused nat port
This is an import of Alexander Bluhm's OpenBSD commit r1.60,
the first chunk had to be modified because on OpenBSD the
'cut' declaration is located elsewhere.

Upstream report by Jingmin Zhou:
https://marc.info/?l=openbsd-pf&m=150020133510896&w=2

OpenBSD commit message:
 Use a 32 bit variable to detect integer overflow when searching for
 an unused nat port.  Prevents a possible endless loop if high port
 is 65535 or low port is 0.
 report and analysis Jingmin Zhou; OK sashan@ visa@
Quoted from: https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/net/pf_lb.c

PR:		221201
Submitted by:	Fabian Keil <fk@fabiankeil.de>
Obtained from:  OpenBSD via ElectroBSD
MFC after:	1 week
2017-08-08 21:09:26 +00:00
Warner Losh
5b896b567d Turns out to be even simpler to just not create /dev/efi if we don't
have a efi runtime.
2017-08-08 21:01:11 +00:00
Warner Losh
9057f54d74 Fail to open efirt device when no EFI on system.
libefivar expects opening /dev/efi to indicate if the we can make efi
runtime calls. With a null routine, it was always succeeding leading
efi_variables_supported() to return the wrong value. Only succeed if
we have an efi_runtime table. Also, while I'm hear, out of an
abundance of caution, add a likely redundant check to make sure
efi_systbl is not NULL before dereferencing it. I know it can't be
NULL if efi_cfgtbl is non-NULL, but the compiler doesn't.
2017-08-08 20:44:16 +00:00
Jeremie Le Hen
ac0ced90e0 rwho/ruptime/rwhod shouldn't be gated by RCMDS.
As peter@ points out in pr/220953:
"rwho, rwhod and ruptime are not part of the remote login suite (rsh, rlogin
etc).

They should *not* be in the rcmds package which is disabled by default.  We
rely on rwho/rwhod/ruptime in the freebsd.org cluster."

This commit is a re-commit of r322029 and r322031 with a better commit log, as
pointed out by ngie@.

This also includes the necesary changes to OptionalObsoleteFiles.inc, as
requested by jhb@.

PR:		220953
Reported by:	peter@, jhb@
Differential Revision:	https://reviews.freebsd.org/D11743
2017-08-08 20:17:07 +00:00
Jeremie Le Hen
eba789dcca Revert r322029 and r322031 so as to recommit them with a better commit log.
PR:		220953
Reported by:	ngie@
2017-08-08 20:07:08 +00:00
Alexander Motin
3a150601e1 Fix few issues of LinuxKPI workqueue.
LinuxKPI workqueue wrappers reported "successful" cancellation for works
already completed in normal way.  This change brings reported status and
real cancellation fact into sync.  This required for drm-next operation.

Reviewed by:	hselasky (earlier version)
Sponsored by:	iXsystems, Inc.
Differential Revision:	https://reviews.freebsd.org/D11904
2017-08-08 19:36:34 +00:00
Ed Maste
5b240641ec Remove now-unused badsb declaration, missed in r322200
Sponsored by:	The FreeBSD Foundation
2017-08-08 18:31:40 +00:00
John Baldwin
d081dfc7cd Fix a NULL pointer dereference in mly_user_command().
If mly_user_command fails to allocate a command slot it jumps to an 'out'
label used for error handling.  The error handling code checks for a data
buffer in 'mc->mc_data' to free before checking if 'mc' is NULL.  Fix by
just returning directly if we fail to allocate a command and only using
the 'out' label for subsequent errors when there is actual cleanup to
perform.

PR:		217747
Reported by:	PVS-Studio
Reviewed by:	emaste
MFC after:	1 week
2017-08-08 17:49:57 +00:00
Dimitry Andric
2297469e56 Vendor import of libc++ release_50 branch r310316:
https://llvm.org/svn/llvm-project/libcxx/branches/release_50@310316
2017-08-08 16:53:40 +00:00
Dimitry Andric
ffe56ea4c3 Vendor import of clang release_50 branch r310316:
https://llvm.org/svn/llvm-project/cfe/branches/release_50@310316
2017-08-08 16:53:22 +00:00
Dimitry Andric
4e20bb0468 Vendor import of llvm release_50 branch r310316:
https://llvm.org/svn/llvm-project/llvm/branches/release_50@310316
2017-08-08 16:52:53 +00:00