Commit Graph

258211 Commits

Author SHA1 Message Date
dim
cd43497b98 Pull in r339734 from upstream llvm trunk (by Eli Friedman):
[ARM] Make PerformSHLSimplify add nodes to the DAG worklist correctly.

  Intentionally excluding nodes from the DAGCombine worklist is likely
  to lead to weird optimizations and infinite loops, so it's generally
  a bad idea.

  To avoid the infinite loops, fix DAGCombine to use the
  isDesirableToCommuteWithShift target hook before performing the
  transforms in question, and implement the target hook in the ARM
  backend disable the transforms in question.

  Fixes https://bugs.llvm.org/show_bug.cgi?id=38530 . (I don't have a
  reduced testcase for that bug. But we should have sufficient test
  coverage for PerformSHLSimplify given that we're not playing weird
  tricks with the worklist. I can try to bugpoint it if necessary,
  though.)

  Differential Revision: https://reviews.llvm.org/D50667

This should fix a possible hang when compiling sys/dev/nxge/if_nxge.c
(which exists now only in the stable/11 branch) for arm.
2019-02-12 18:32:14 +00:00
trasz
68c8581f77 Fix markup - use .Pa for the directory component, not .Fa.
Reported by:	0mp
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2019-02-12 13:01:55 +00:00
luporl
7f37c2acdb [ppc64] prevent infinite loop on icache sync
At moea64_sync_icache(), when the 'va' argument has page size
alignment, round_page() will return the same value as 'va'.
This would cause 'len' to be 0 and thus an infinite loop.

With this change, 'lim' will always point to the next page boundary.

This issue occurred especially during debugging sessions, when a breakpoint
was placed on an exact page-aligned offset, for instance.

Reviewed by:	jhibbits
Differential Revision:	https://reviews.freebsd.org/D19149
2019-02-12 11:29:03 +00:00
tuexen
6903958c2a Improve input validation for raw IPv4 socket using the IP_HDRINCL
option.

This issue was found by running syzkaller on OpenBSD.
Greg Steuck made me aware that the problem might also exist on FreeBSD.

Reported by:		Greg Steuck
MFC after:		1 month
Differential Revision:	https://reviews.freebsd.org/D18834
2019-02-12 10:17:21 +00:00
lwhsu
1e690381ab Remove empty files
Approved by:	markj (mentor)
Sponsored by:	The FreeBSD Foundation
2019-02-12 08:16:05 +00:00
bwidawsk
71c558aa94 termcap: Add an entry for kitty
The project is here:
https://github.com/kovidgoyal/kitty/

I created a port (which now needs updating):
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=233010

If only we could use terminfo :(

MFC after:      5 days
Approved by:    bapt
Differential Revision:	https://reviews.freebsd.org/D19060
2019-02-12 05:15:36 +00:00
pfg
793037178f UMA: unsign some variables related to allocation in hash_alloc().
As a followup to r343673, unsign some variables related to allocation
since the hashsize cannot be negative. This gives a bit more space to
handle bigger allocations and avoid some implicit casting.

While here also unsign uh_hashmask, it makes little sense to keep that
signed.

MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D19148
2019-02-12 04:33:05 +00:00
ngie
872ad8da9c Bump __FreeBSD_version__ for r343891
This will allow upstream consumers, e.g., capsicum-test and third-party
packages (via ports(7)), to test for a specific `__FreeBSD_version__` and
expect `renameat(2)` to be functional.

PR:		222258
Approved by:	emaste (mentor)
Reviewed by:	emaste
MFC with:	r343891
Differential Revision: https://reviews.freebsd.org/D19154
2019-02-12 03:32:40 +00:00
kevlo
e5dd63f354 Remove entry for Intenso product. 2019-02-12 02:55:25 +00:00
kevlo
17f97d252a Remove duplicate vendor id in r334650. Intenso doesn't have a USB VID. 2019-02-12 02:48:16 +00:00
kevans
96ccc495bf libbe(3): Belatedly note the BE_DESTROY_ORIGIN option added in r343977
X-MFC-With: r343977
2019-02-12 02:16:21 +00:00
pkelsey
6ce26106c0 Fix the fix added in r343287 for spurious HFSC bandwidth check errors
The logic added in r343287 to avoid false-positive
sum-of-child-bandwidth check errors for HFSC queues has a bug in it
that causes the upperlimit service curve of an HFSC queue to be pulled
down to its parent's linkshare service curve if it happens to be above
it.

Upon further inspection/reflection, this generic
sum-of-child-bandwidths check does not need to be fixed for HFSC - it
needs to be skipped.  For HFSC, the equivalent check is to ensure the
sum of child linkshare service curves are at or below the parent's
linkshare service curve, and this check is already being performed by
eval_pfqueue_hfsc().

This commit reverts the affected parts of r343287 and adds new logic
to skip the generic sum-of-child-bandwidths check for HFSC.

MFC after:	1 day
Sponsored by:	RG Nets
Differential Revision:	https://reviews.freebsd.org/D19124
2019-02-11 22:58:43 +00:00
dab
a8b33d582f CID 1009492: Logically dead code in sys/cam/scsi/scsi_xpt.c
In `probedone()`, for the `PROBE_REPORT_LUNS` case, all paths that
fall to the bottom of the case set `lp` to `NULL`, so the test for a
non-NULL value of `lp` and call to `free()` if true is dead code as
the test can never be true. Fix by eliminating the whole if
statement. To guard against a possible future change that accidentally
violates this assumption, use a `KASSERT()` to catch if `lp` is
non-NULL.

Reviewed by:	cem
MFC after:	1 week
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D19109
2019-02-11 22:09:26 +00:00
brooks
3a2450df1c mdmfs: Fix many bugs in automatic md(4) creation.
This code allocated a correctly sized buffer, read past the end of the
source buffer, writing off the end of the target buffer, and then writing
a '\0' terminator past the end of the target buffer (in the wrong place).
It then leaked the buffer.

Switch to a statically sized buffer on the stack and update the source
pointer and
length before use so the correct things are copied.

Fix a logic error in the checks that the format of the line is as
expected and move on out of an assert.

Remove an unneeded close(). fclose() closes the descriptor.

Found with:	CheriABI
Obtained from:	CheriBSD
Reviewed by:	kib, jhb, markj
Differential Revision:	https://reviews.freebsd.org/D19122
2019-02-11 21:31:26 +00:00
jhb
7a00254565 Enable PCI BAR reallocation by default.
When pci_realloc_bars was first added, the intention was to eventually
enable it by default, but it was left disabled to preserve existing
behavior.  The setting is pretty conservative in that it does not
attempt to allocate resources for BARs that the BIOS/firmware leaves
disabled.  It only attempts to reallocate resources for a BAR that the
firmware programmed during boot but that conflicts with another
resource during the kernel's device scan.

PR 221350 is an example of a machine that this knob fixes.

Reviewed by:	imp
Differential Revision:	https://reviews.freebsd.org/D18965
2019-02-11 20:47:09 +00:00
trasz
feb99cffcd Add explanation of branches to the ports(7) man page.
Reviewed by:	matthew@, freebsd@mhka.no
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D19146
2019-02-11 20:46:32 +00:00
ae
68fa2ad519 Remove `set' field from state structure and use set from parent rule.
Initially it was introduced because parent rule pointer could be freed,
and rule's information could become inaccessible. In r341471 this was
changed. And now we don't need this information, and also it can become
stale. E.g. rule can be moved from one set to another. This can lead
to parent's set and state's set will not match. In this case it is
possible that static rule will be freed, but dynamic state will not.
This can happen when `ipfw delete set N` command is used to delete
rules, that were moved to another set.
To fix the problem we will use the set number from parent rule.

Obtained from:	Yandex LLC
MFC after:	1 week
Sponsored by:	Yandex LLC
2019-02-11 18:10:55 +00:00
cracauer
48cc2cb19f Bump .Dd for today's edit.
Thank you Enji Cooper
2019-02-11 16:31:15 +00:00
cracauer
f47b0a3159 Clarify NFSv4 /etc/exports semantics, with working example.
The existing wording has been confusing users for years.
2019-02-11 15:51:28 +00:00
tuexen
ac714b57d1 Fix flags used when compiling kern_kcov.c and subr_coverage.c.
Without this fix, the usage of kernel coverage would lockup the system.
Thanks to Andrew for suggesting the final form of the fix.

PR:			235611
Reviewed by:		andrew@, emaste@
Differential Revision:	https://reviews.freebsd.org/D19135
2019-02-11 15:38:05 +00:00
ganbold
2e44973003 Add sensors support for AXP803/AXP813. Sensor values such as
battery charging, charge state, voltage, charging current, discharging current,
battery capacity etc. can be obtained via sysctl.

Reviewed by:	manu
Differential Revision:	https://reviews.freebsd.org/D19145
2019-02-11 14:31:19 +00:00
gonzo
9e141fd88f Fix off-by-one error in BERI virtio driver
The hardcoded ident is exactly 20 bytes long but sprintf adds terminating zero,
so there is one byte written out of array bounds.As a fix use strncpy it
appends \0 only if space allows and its behavior matches virtio spec:

When VIRTIO_BLK_T_GET_ID is issued, the device identifier, up to 20 bytes, is
written to the buffer. The identifier should be interpreted as an ascii string.
It is terminated with \0, unless it is exactly 20 bytes long.

PR:		202298
Reviewed by:	br
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D18852
2019-02-11 07:42:32 +00:00
pkelsey
a7b65055d5 Place pf_altq_get_nth_active() under the ALTQ ifdef
MFC after:	1 week
2019-02-11 05:39:38 +00:00
pkelsey
1231387b19 Reduce the time it takes the kernel to install a new PF config containing a large number of queues
In general, the time savings come from separating the active and
inactive queues lists into separate interface and non-interface queue
lists, and changing the rule and queue tag management from list-based
to hash-bashed.

In HFSC, a linear scan of the class table during each queue destroy
was also eliminated.

There are now two new tunables to control the hash size used for each
tag set (default for each is 128):

net.pf.queue_tag_hashsize
net.pf.rule_tag_hashsize

Reviewed by:	kp
MFC after:	1 week
Sponsored by:	RG Nets
Differential Revision:	https://reviews.freebsd.org/D19131
2019-02-11 05:17:31 +00:00
kevans
3e9f4c04bb bectl(8): commit missing test modifications from r343993
X-MFC-With:	r343993
2019-02-11 04:00:42 +00:00
kevans
4d060aa696 bectl(8): Add -o flag to destroy to clean up the origin snapshot of BE
We can't predict when destruction of origin is needed, and currently we have
a precedent for not prompting for things. Leave the decision up to the user
of bectl(8) if they want the origin snapshot to be destroyed or not.

Emits a warning when -o isn't used and an origin snapshot is left to be
cleaned up, for the time being. This is handy when one drops the -o flag but
really did want to clean up the origin.

A couple of -e ignore's have been sprinkled around the test suite for places
that we don't care that the origin's not been cleaned up. -o functionality
tests will be added in the future, but are omitted for now to reduce
conflicts with work in flight to fix bits of the tests.

Reported by:	Shawn Webb
MFC after:	1 week
2019-02-11 04:00:01 +00:00
cem
5e8683b78d gbde(8) - simplify randomisation with arc4random_buf
Submitted by:	David CARLIER <devnexen AT gmail.com>
Differential Revision:	https://reviews.freebsd.org/D18678
2019-02-11 00:11:02 +00:00
avos
955ed771da net80211(4): hide casts for 'i_seq' field offset calculation inside
ieee80211_getqos() and reuse it in various places.

Checked with RTL8188EE, HOSTAP mode + RTL8188CUS, STA mode.

MFC after:	2 weeks
2019-02-10 23:58:56 +00:00
oshogbo
b426d2edcc libnv: fix memory leaks
Free the data array for NV_TYPE_DESCRIPTOR_ARRAY case.

MFC after:	2 weeks
2019-02-10 23:30:54 +00:00
oshogbo
1790653b1d libnv: fix memory leaks
nvpair_create_stringv: free the temporary string; this fix affects
nvlist_add_stringf() and nvlist_add_stringv().

nvpair_remove_nvlist_array (NV_TYPE_NVLIST_ARRAY case): free the chain
of nvpairs (as resetting it prevents nvlist_destroy() from freeing it).
Note: freeing the chain in nvlist_destroy() is not sufficient, because
it would still leak through nvlist_take_nvlist_array().  This affects
all nvlist_*_nvlist_array() use

Submitted by:	Mindaugas Rasiukevicius <rmind@netbsd.org>
Reported by:	clang/gcc ASAN
MFC after:	2 weeks
2019-02-10 23:28:55 +00:00
cem
a7ab0783e1 Prevent overflow for usertime/systime in caclru1
PR:		76972 and duplicates
Reported by:	Dr. Christopher Landauer <cal AT aero.org>,
		Steinar Haug <sthaug AT nethelp.no>
Submitted by:	Andrey Zonov <andrey AT zonov.org> (earlier version)
MFC after:	2 weeks
2019-02-10 23:07:46 +00:00
jilles
bdbf8ff3c0 sh: Restore $((x)) error checking after fix for $((-9223372036854775808))
SVN r342880 was designed to fix $((-9223372036854775808)) and things like
$((0x8000000000000000)) but also broke error detection for values of
variables without dollar sign ($((x))).

For compatibility, overflow in plain literals continues to be ignored and
the value is clamped to the boundary (except 9223372036854775808 which is
changed to -9223372036854775808).

Reviewed by:	se (although he would like error checking to be removed)
MFC after:	2 weeks
X-MFC-with:	r342880
Differential Revision:	https://reviews.freebsd.org/D18926
2019-02-10 22:23:05 +00:00
avos
c757937316 ifconfig(8): display 802.11n rates correctly for 'roam:rate' parameter
MFC after:	5 days
2019-02-10 21:32:39 +00:00
marius
dc4502cae7 As struct cryptop is wrapped in #ifdef _KERNEL, userland doesn't
need to drag in <sys/_task.h> either.
2019-02-10 21:27:03 +00:00
kp
af0e61e653 pfctl: Fix ifa_grouplookup()
Setting the length of the request got lost in r343287, which means SIOCGIFGMEMB
gives us the required length, but does not copy the names of the group members.
As a result we don't get a correct list of group members, and 'set skip on
<ifgroup>' broke.

This produced all sorts of very unexpected results, because we would end up
applying 'set skip' to unexpected interfaces.

X-MFC-with:	r343287
2019-02-10 21:22:55 +00:00
kevans
45f6749b44 libbe(3): Add a destroy option for removing the origin
Currently origin snapshots are left behind when a BE is destroyed, whether
it was an auto-created snapshot or explicitly specified via, for example,
`bectl create -e be@mysnap ...`.

Removing it automatically could be argued as a POLA violation in some
circumstances, so provide a flag to be_destroy for it. An accompanying
option will be added to bectl(8) to utilize this.

Some minor style/consistency nits in the affected areas also addressed.

Reported by:	Shawn Webb
MFC after:	1 week
2019-02-10 21:19:09 +00:00
jhibbits
5e39797ea9 powerpc: Clamp MAXCPU for MPC85XXSPE kernel to 2
SoCs with e500v2 chips only have at most 2 cores, and there are no plans to
release any more e500v2-based SoCs.  Clamping MAXCPU down to 2 saves 5MB of
data, and 1.5MB bss.
2019-02-10 20:21:20 +00:00
nwhitehorn
86f1471687 Performance improvements for octe(4):
- Distribute RX load across multiple cores, if present. This reverts
  r217212, which is no longer relevant (I think because of the newer
  SDK).
- Use newer APIs for pinning taskqueue entries to specific cores.
- Deepen RX buffers.

This more than doubles NAT forwarding throughput on my EdgeRouter Lite from,
with typical packet mixture, 90 Mbps to over 200 Mbps. The result matches
forwarding throughput in Linux without the UBNT hardware offload on the same
hardware, and thus likely reflects hardware limits.

Reviewed by:	jhibbits
2019-02-10 20:13:59 +00:00
np
276561ace9 cxgbe(4): Ignore unused interrupts.
Sponsored by:	Chelsio Communications
2019-02-10 19:20:03 +00:00
pluknet
d9fad5273b Sync "struct addrinfo" declaration with netdb.h.
Notably, unlike in OpenBSD, which the man page was copied from,
ai_canonname and ai_addr come in different order.

PR:		225880
MFC after:	1 week
2019-02-10 19:07:47 +00:00
kib
e8307d185a struct xswdev on amd64 requires compat32 shims after ino64.
i386 is the only architecture where uint64_t does not specify 8-bytes
alignment, which makes struct xswdev layout not compatible between
64bit and i386.

Reported and tested by:	pho
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2019-02-10 19:01:05 +00:00
mmel
7986a38d8f Fix bug introduced by r343962.
DMAMAP_DMAMEM_ALLOC is property of dmamap, not dmatag.

MFC after:	1 week
Reported by:	ian
Pointy hat:	mmel
2019-02-10 18:28:37 +00:00
kib
08849e56ba Implement Address Space Layout Randomization (ASLR)
With this change, randomization can be enabled for all non-fixed
mappings.  It means that the base address for the mapping is selected
with a guaranteed amount of entropy (bits). If the mapping was
requested to be superpage aligned, the randomization honours the
superpage attributes.

Although the value of ASLR is diminshing over time as exploit authors
work out simple ASLR bypass techniques, it elimintates the trivial
exploitation of certain vulnerabilities, at least in theory.  This
implementation is relatively small and happens at the correct
architectural level.  Also, it is not expected to introduce
regressions in existing cases when turned off (default for now), or
cause any significant maintaince burden.

The randomization is done on a best-effort basis - that is, the
allocator falls back to a first fit strategy if fragmentation prevents
entropy injection.  It is trivial to implement a strong mode where
failure to guarantee the requested amount of entropy results in
mapping request failure, but I do not consider that to be usable.

I have not fine-tuned the amount of entropy injected right now. It is
only a quantitive change that will not change the implementation.  The
current amount is controlled by aslr_pages_rnd.

To not spoil coalescing optimizations, to reduce the page table
fragmentation inherent to ASLR, and to keep the transient superpage
promotion for the malloced memory, locality clustering is implemented
for anonymous private mappings, which are automatically grouped until
fragmentation kicks in.  The initial location for the anon group range
is, of course, randomized.  This is controlled by vm.cluster_anon,
enabled by default.

The default mode keeps the sbrk area unpopulated by other mappings,
but this can be turned off, which gives much more breathing bits on
architectures with small address space, such as i386.  This is tied
with the question of following an application's hint about the mmap(2)
base address. Testing shows that ignoring the hint does not affect the
function of common applications, but I would expect more demanding
code could break. By default sbrk is preserved and mmap hints are
satisfied, which can be changed by using the
kern.elf{32,64}.aslr.honor_sbrk sysctl.

ASLR is enabled on per-ABI basis, and currently it is only allowed on
FreeBSD native i386 and amd64 (including compat 32bit) ABIs.  Support
for additional architectures will be added after further testing.

Both per-process and per-image controls are implemented:
- procctl(2) adds PROC_ASLR_CTL/PROC_ASLR_STATUS;
- NT_FREEBSD_FCTL_ASLR_DISABLE feature control note bit makes it possible
  to force ASLR off for the given binary.  (A tool to edit the feature
  control note is in development.)
Global controls are:
- kern.elf{32,64}.aslr.enable - for non-fixed mappings done by mmap(2);
- kern.elf{32,64}.aslr.pie_enable - for PIE image activation mappings;
- kern.elf{32,64}.aslr.honor_sbrk - allow to use sbrk area for mmap(2);
- vm.cluster_anon - enables anon mapping clustering.

PR:	208580 (exp runs)
Exp-runs done by:	antoine
Reviewed by:	markj (previous version)
Discussed with:	emaste
Tested by:	pho
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
Differential revision:	https://reviews.freebsd.org/D5603
2019-02-10 17:19:45 +00:00
mmel
d856ea7e91 Don't allocate same clock twice..
MFC after:	1 week
Reported by:	jah
2019-02-10 14:30:15 +00:00
mmel
dd190a8f15 Properly handle alignment requests bigger that page size.
- for now, alignments bigger that page size is allowed only for buffers
   allocated by bus_dmamem_alloc(), cover this fact by KASSERT.
 - never bounce buffers allocated by bus_dmamem_alloc(), these always comply
   with the required rules (alignment, boundary, address range).

MFC after:	1 week
Reviewed by:	jah
PR:		235542
2019-02-10 14:25:29 +00:00
tuexen
b80fcf68dd Fix a locking issue when reporing outbount messages.
MFC after:		3 days
2019-02-10 14:02:14 +00:00
tuexen
eee3d66791 Fix a locking issue in the IPPROTO_SCTP level SCTP_PEER_ADDR_THLDS socket
option. The problem affects only setsockopt with invalid parameters.

This issue was found by syzkaller.

MFC after:		3 days
2019-02-10 13:55:32 +00:00
dim
e54591675d Fix the first couple of AddressSanitizer violations in usr.bin/top.
Avoid setting zero bytes beyond the length of the 'thisline' parameters
in i_process() and u_process(), and don't attempt to memset a negative
number of bytes.

MFC after:	1 week
2019-02-10 13:44:36 +00:00
dim
6390240351 Fix multiple warnings in usr.bin/top about variables shadowing global
declarations from base gcc, by renaming those variables.

MFC after:	1 week
2019-02-10 13:34:21 +00:00
dim
24a0b90e26 Fix multiple warnings in usr.bin/top about discarded qualifiers from
both clang and gcc, by either constifying variables, or when that is not
possible, using __DECONST.

MFC after:	1 week
2019-02-10 13:31:08 +00:00