Commit Graph

8330 Commits

Author SHA1 Message Date
ae
0fb6ad528e Merge projects/ipsec into head/.
Small summary
 -------------

o Almost all IPsec releated code was moved into sys/netipsec.
o New kernel modules added: ipsec.ko and tcpmd5.ko. New kernel
  option IPSEC_SUPPORT added. It enables support for loading
  and unloading of ipsec.ko and tcpmd5.ko kernel modules.
o IPSEC_NAT_T option was removed. Now NAT-T support is enabled by
  default. The UDP_ENCAP_ESPINUDP_NON_IKE encapsulation type
  support was removed. Added TCP/UDP checksum handling for
  inbound packets that were decapsulated by transport mode SAs.
  setkey(8) modified to show run-time NAT-T configuration of SA.
o New network pseudo interface if_ipsec(4) added. For now it is
  build as part of ipsec.ko module (or with IPSEC kernel).
  It implements IPsec virtual tunnels to create route-based VPNs.
o The network stack now invokes IPsec functions using special
  methods. The only one header file <netipsec/ipsec_support.h>
  should be included to declare all the needed things to work
  with IPsec.
o All IPsec protocols handlers (ESP/AH/IPCOMP protosw) were removed.
  Now these protocols are handled directly via IPsec methods.
o TCP_SIGNATURE support was reworked to be more close to RFC.
o PF_KEY SADB was reworked:
  - now all security associations stored in the single SPI namespace,
    and all SAs MUST have unique SPI.
  - several hash tables added to speed up lookups in SADB.
  - SADB now uses rmlock to protect access, and concurrent threads
    can do SA lookups in the same time.
  - many PF_KEY message handlers were reworked to reflect changes
    in SADB.
  - SADB_UPDATE message was extended to support new PF_KEY headers:
    SADB_X_EXT_NEW_ADDRESS_SRC and SADB_X_EXT_NEW_ADDRESS_DST. They
    can be used by IKE daemon to change SA addresses.
o ipsecrequest and secpolicy structures were cardinally changed to
  avoid locking protection for ipsecrequest. Now we support
  only limited number (4) of bundled SAs, but they are supported
  for both INET and INET6.
o INPCB security policy cache was introduced. Each PCB now caches
  used security policies to avoid SP lookup for each packet.
o For inbound security policies added the mode, when the kernel does
  check for full history of applied IPsec transforms.
o References counting rules for security policies and security
  associations were changed. The proper SA locking added into xform
  code.
o xform code was also changed. Now it is possible to unregister xforms.
  tdb_xxx structures were changed and renamed to reflect changes in
  SADB/SPDB, and changed rules for locking and refcounting.

Reviewed by:	gnn, wblock
Obtained from:	Yandex LLC
Relnotes:	yes
Sponsored by:	Yandex LLC
Differential Revision:	https://reviews.freebsd.org/D9352
2017-02-06 08:49:57 +00:00
ngie
d63dd45974 style(9) cleanup
- Delete trailing whitespace
- Fix alignment/variable sorting
- Delete single-line enclosing braces

MFC after:	1 week
Sponsored by:	Dell EMC Isilon
2017-02-05 05:36:51 +00:00
imp
61164e9188 Use ssize_t instead of uint32_t to prevent warnings about a comparison
with different signs. Due to the promotion rules, this would only
happen on 32-bit platforms.
2017-02-05 01:20:39 +00:00
imp
a0eebeae53 Add the ability to dump log pages directly in binary to stdout.
Update man page to include this flag, and an example of dumping a
vendor-specific page while I'm here.
2017-02-05 00:55:07 +00:00
imp
f59992fabe Add some descriptions to the man page for the supported log pages as
well as the new wdc commands. Make wdc be an alias for hgst when
specifying the vendor to use to interpret the page.
2017-02-05 00:45:02 +00:00
adrian
4214607b6c [net80211] fix quiet_duration parameter to match what is provided in the manpage. 2017-02-04 20:57:12 +00:00
imp
1a316459b6 Fix off by one error that truncated the serial number for filenames. 2017-02-04 20:43:54 +00:00
imp
caf95c0491 Fix a typo in usage string for unimplemented command. 2017-02-04 20:43:45 +00:00
def
1bdea4b6ed Fix bugs found by Coverity in decryptcore(8) and savecore(8):
- Perform final decryption and write decrypted data in case of non-block aligned
input data;
- Use strlcpy(3) instead of strncpy(3) to verify if paths aren't too long;
- Check errno after calling unlink(2) instead of calling stat(2) in order to
verify if a decrypted core was created by a child process;
- Free dumpkey.

Reported by:	Coverity, cem, pfg
Suggested by:	cem
CID:		1366936, 1366942, 1366951, 1366952
Approved by:	pjd (mentor)
2017-02-04 14:10:16 +00:00
allanjude
95b08b8b4a Switch hastctl and hastd to libmd instead of openssl for sha256
Reviewed by:	bapt, brnrd, pjd
Approved by:	pjd (maintainer)
Sponsored by:	ScaleEngine Inc., FOSDEM DevSummit
Differential Revision:	https://reviews.freebsd.org/D9423
2017-02-04 06:12:48 +00:00
imp
52972faf3b Implement 5 wdc-specific nvme control options for their HGST drives:
wdc cap-diag		Capture diagnostic data from drive
	wdc drive-log		Capture drive history data from drive
	wdc get-crash-dump	Retrieve firmware crash dump from drive
2017-02-04 05:53:00 +00:00
imp
1507791e30 Move the usage and command name lookup into functions. 2017-02-04 05:52:53 +00:00
imp
b0f46bfb86 Put the arguments to aligned_alloc in the right order. 2017-02-04 05:52:50 +00:00
pfg
224a227637 resolvconf: restore RESTARTCMD=, CMD1=, CMD2= and sed pattern as before.
r312992 removed RESTARTCMD_WITH_ARG for @RESTARTCMD something@ but
reverted the sed to be '@RESTARTCMD \(.*\)@' and RESTARTCMD= to be
the value of RESTARTCMD_WITH_ARG.

Submitted by:	Guy Yur
x_MFC with:	r312992
2017-02-03 16:08:58 +00:00
imp
d10af717dd Use aligned buffer for the firmware data. Otherwise, when loading a
MAXPHYS bytes of data, the I/O would require MAXPHYS + PAGE_SIZE worth
of pages to do the I/O and we'd hit an assertion in
vm_fault_quick_hold_pages unless MAXPHYS was larger than 1M +
PAGE_SIZE.
2017-02-02 23:04:00 +00:00
pfg
df96004a77 MFV r312970:
openresolv: update to version 3.9.0.

It is now possible to drop the _WITH_ARG vars thanks to a change to the
pdns_recursor upstreamed by Guy Yur.

MFC after:	3 weeks
2017-01-30 16:32:53 +00:00
nyan
259480b6de Remove pc98 support completely.
I thank all developers and contributors for pc98.

Relnotes:	yes
2017-01-28 02:22:15 +00:00
mckusick
c7e840295a By default, when doing incremental restores the restore program
overwrites an existing file rather than removing it and creating a
new file.  If the old and new version of the file both have extended
attributes and the extended attributes of the two versions of the
file are different, the result is that the new file ends up with
the union of the extended attributes of the old and new files.

To get the behavior of replacing the extended attributes rather
than augmenting them requires explicitly removing the old attributes
and then adding the new ones.

To get this behavior, the old file must be unlinked (which clears
out the old extended attributes).  Then the new file of the same
name must be created and the new extended attributes added to it.

This behavior can be obtained by specifying the -u flag when running
restore.  Rather than defaulting the -u option to on and possibly
breaking existing scripts using restore, this change simply notes
in the restore.8 manual page that the -u flag is recommended when
using restore on filesystems that contain extended attributes.

PR:                     216127
Reported by:            dewayne at heuristicsystems.com.au
Differential Revision:  https://reviews.freebsd.org/D9208
2017-01-22 17:49:14 +00:00
avos
8e0917e51f net80211: allow to configure LDPC support
Tested with RTL8821AU, STA mode (Tx support only)

Reviewed by:	adrian
Differential Revision:	https://reviews.freebsd.org/D9268
2017-01-21 14:19:06 +00:00
avos
445f2d1be3 ifconfig(8): fix '-stbc' parameter name.
MFC after:	5 days
2017-01-20 22:41:16 +00:00
asomers
525005cf9e Misc Coverity fixes in camcontrol(8)
CID 1229913	Fix output of "camcontrol persist -i report_capabilities".
		The reported Persistent Reservation Types were wrong in all
		cases.
CID 1356029	Annotate the code so Coverity will know that this is a false
		positive.
CID 1366830	Fix a memory leak in "camcontrol timestamp -s"
CID 1366832	Fix a segfault that could be caused by bad drive firmware

Also, fix the man page entry for the "camcontrol epc state" command to match
what the code does.

Reviewed by:	ken, wblock
MFC after:	4 weeks
Sponsored by:	Spectra Logic Corp
Differential Revision:	https://reviews.freebsd.org/D9239
2017-01-20 21:21:41 +00:00
asomers
b4406e17e9 Fix build of devd with GCC 4.2
Reported by:	olivier
Pointy-hat-to:	asomers
MFC after:	27 days
X-MFC-with:	312395
Sponsored by:	Spectra Logic Corp
2017-01-19 16:59:55 +00:00
asomers
41803adfd4 Fix several Coverity CIDs in devd
CID 1362055, 1362054: File descriptor leaks during shutdown
CID 1362013: Potential null-termination fail with long network device names
CID 1362097: Uncaught exception during memory pressure
CID 1362017, 1362016: Unchecked errors, possibly resulting in weird behavior
	if two devd instances start at the same time.
CID 1362015:	Unchecked error that will probably never fail

Reported by:	Coverity
CID:	1362055 1362054 1362013 1362097 1362017 1362016 1362015
MFC after:	4 weeks
Sponsored by:	Spectra Logic Corp
2017-01-18 20:24:37 +00:00
cem
63708c4468 restore(8): Handle extended attribute names correctly
UFS2 extended attribute names are not NUL-terminated.  Handle
appropriately.

Correct the EXTATTR_BASE_LENGTH() macro, which handled ea_namelength ==
one (mod eight) extended attributes incorrectly.

PR:		216127
Reported by:	dewayne at heuristicsystems.com.au
Reviewed by:	kib@
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D9208
2017-01-18 18:16:57 +00:00
hselasky
efa6326974 Implement kernel support for hardware rate limited sockets.
- Add RATELIMIT kernel configuration keyword which must be set to
enable the new functionality.

- Add support for hardware driven, Receive Side Scaling, RSS aware, rate
limited sendqueues and expose the functionality through the already
established SO_MAX_PACING_RATE setsockopt(). The API support rates in
the range from 1 to 4Gbytes/s which are suitable for regular TCP and
UDP streams. The setsockopt(2) manual page has been updated.

- Add rate limit function callback API to "struct ifnet" which supports
the following operations: if_snd_tag_alloc(), if_snd_tag_modify(),
if_snd_tag_query() and if_snd_tag_free().

- Add support to ifconfig to view, set and clear the IFCAP_TXRTLMT
flag, which tells if a network driver supports rate limiting or not.

- This patch also adds support for rate limiting through VLAN and LAGG
intermediate network devices.

- How rate limiting works:

1) The userspace application calls setsockopt() after accepting or
making a new connection to set the rate which is then stored in the
socket structure in the kernel. Later on when packets are transmitted
a check is made in the transmit path for rate changes. A rate change
implies a non-blocking ifp->if_snd_tag_alloc() call will be made to the
destination network interface, which then sets up a custom sendqueue
with the given rate limitation parameter. A "struct m_snd_tag" pointer is
returned which serves as a "snd_tag" hint in the m_pkthdr for the
subsequently transmitted mbufs.

2) When the network driver sees the "m->m_pkthdr.snd_tag" different
from NULL, it will move the packets into a designated rate limited sendqueue
given by the snd_tag pointer. It is up to the individual drivers how the rate
limited traffic will be rate limited.

3) Route changes are detected by the NIC drivers in the ifp->if_transmit()
routine when the ifnet pointer in the incoming snd_tag mismatches the
one of the network interface. The network adapter frees the mbuf and
returns EAGAIN which causes the ip_output() to release and clear the send
tag. Upon next ip_output() a new "snd_tag" will be tried allocated.

4) When the PCB is detached the custom sendqueue will be released by a
non-blocking ifp->if_snd_tag_free() call to the currently bound network
interface.

Reviewed by:		wblock (manpages), adrian, gallatin, scottl (network)
Differential Revision:	https://reviews.freebsd.org/D3687
Sponsored by:		Mellanox Technologies
MFC after:		3 months
2017-01-18 13:31:17 +00:00
cem
b2000e56f9 "Buses" is the preferred plural of "bus"
Replace archaic "busses" with modern form "buses."

Intentionally excluded:
* Old/random drivers I didn't recognize
  * Old hardware in general
* Use of "busses" in code as identifiers

No functional change.

http://grammarist.com/spelling/buses-busses/

PR:		216099
Reported by:	bltsrc at mail.ru
Sponsored by:	Dell EMC Isilon
2017-01-15 17:54:01 +00:00
mav
4a119ba4d4 Make camcontrol cmd ... -i ... return only valid bytes.
Previously code ignored resid field and returned extra zeroes in case of
data underflow.  Now it returns only real bytes received from target.

MFC after:	2 weeks
2017-01-15 12:24:23 +00:00
mav
3b220ad926 Add checks for received mode page length.
If our buffer is too small, we may receive part of the page, and should
not try read/write past the end of the buffer.

Reported by:	Coverity
CID:		1368374, 1368375
MFC after:	1 week
2017-01-10 20:52:44 +00:00
allanjude
9742b0cd91 Add skein(3) front ends to the md5 manpage
Reported by:	emaste
2017-01-07 19:43:40 +00:00
mav
3d14c893de Make 'camcontrol modepage' support subpages.
MFC after:	2 weeks
2017-01-07 09:56:12 +00:00
mav
81f5731a26 Make do_buff_decode() not read past the end of the buffer.
Abort format processing as soon as we have no enough data.

MFC after:	2 weeks
2017-01-07 09:33:11 +00:00
adrian
c7adf86d6f [ifconfig] add initial VHT (802.11ac) configuration and channel support to ifconfig.
This is very preliminary and mostly enough for me (with other patches)
to work on VHT support.

It adds:

* VHT20, VHT40 and VHT80 regulatory/band awareness
* VHT20, VHT40 and VHT80 channel configuration / population
* Parses vht channel specifications (eg ifconfig wlan0 create wlandev athp0 wlanmode monitor channel 36:vht/80)
* Configuration of VHT, VHT40, VHT80, VHT80+80, VHT160 channel
  width (IEEE80211_FVHT_VHT* flags in net80211)

TODO:

* No VHT80+80 or VHT160 channels yet - I don't yet have hardware, and I'm
  not yet sure how to support/populate VHT80+80 channels.
* No, I won't update the manpage until this is "more done", lest someone
  tries using vht and gets upset with me.
* No, I won't commit the regulatory database I'm testing with, so you'll
  just end up with no VHT channels ever populated.  Which is good, as there
  isn't an 11ac driver in-tree yet to try it with.
2017-01-07 02:07:05 +00:00
dim
ec67c93f53 Fix clang 4.0.0 warnings about taking the address of a packed member of
struct ip in ping(8):

sbin/ping/ping.c:1684:53: error: taking address of packed member
'ip_src' of class or structure 'ip' may result in an unaligned pointer
value [-Werror,-Waddress-of-packed-member]
        (void)printf(" %s ", inet_ntoa(*(struct in_addr *)&ip->ip_src.s_addr));
                                                           ^~~~~~~~~~~~~~~~~
sbin/ping/ping.c:1685:53: error: taking address of packed member
'ip_dst' of class or structure 'ip' may result in an unaligned pointer
value [-Werror,-Waddress-of-packed-member]
        (void)printf(" %s ", inet_ntoa(*(struct in_addr *)&ip->ip_dst.s_addr));
                                                           ^~~~~~~~~~~~~~~~~

MFC after:	3 days
2017-01-06 18:41:28 +00:00
kib
7c67dd5f60 Use type-independent formats for printing nlink_t and ino_t.
Extracted from:	ino64 work by gleb, mckusick
Discussed with:	mckusick
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2017-01-06 16:59:33 +00:00
asomers
f1c6fc5f44 Remove dead code in dhclient(8)
The offending code has been dead ever since the import from OpenBSD in
r195805.  OpenBSD later deleted that entire function.

Reported by:	Coverity
CID:		500059
MFC after:	4 weeks
Sponsored by:	Spectra Logic Corp
2017-01-04 18:13:05 +00:00
avos
3d936fef32 sysctl(8): fix typename for uint32_t.
MFC after:	5 days.
2016-12-31 12:39:15 +00:00
marius
35fedb74e5 Fix a bug in r272840; given that the optlen parameter of setsockopt(2)
is a 32-bit socklen_t, do_get3() passes the kernel to access the wrong
32-bit half on big-endian LP64 machines when simply casting the 64-bit
size_t optlen to a socklen_t pointer.
While at it and given that the intention of do_get3() apparently is to
hide/wrap the fact that socket options are used for communication with
ipfw(4), change the optlen parameter of do_set3() to be of type size_t
and as such more appropriate than uintptr_t, too.

MFC after:	3 days
2016-12-28 23:34:28 +00:00
loos
c411c7577d Fix the parsing of NPt binat rules.
In this specific case the src address can be set to any, which was not
accepted prior to this commit.

pfSense bug report:	https://redmine.pfsense.org/issues/6985
Reviewed by:	kp
Obtained from:	pfSense
MFC after:	2 weeks
Sponsored by:	Rubicon Communications, LLC (Netgate)
2016-12-28 16:16:48 +00:00
brooks
c766e68574 Convert tunefs use to nmount(2)
Reviewed by:	jhb, emaste
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D8822
2016-12-22 00:35:12 +00:00
brooks
9539e15fc7 Add a free_iovec() function to reset iovec's.
The primary purpose is to call nmount() in a loop with new iovec's so
free_iovec takes arguments by reference and resets their values.

Reviewed by:	cem
MFC after:	1 week
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D8513
2016-12-14 21:26:43 +00:00
avos
fd1ed421b2 ifconfig: do not truncate SSID in verbose mode.
Fix 32-character SSID abbreviation for 'ifconfig -v wlan0 scan' command.

PR:		215301
Submitted by:	<ms-freebsd-bugzilla@stoffnet.at>
MFC after:	4 days
2016-12-14 21:12:43 +00:00
brueffer
50773e0271 Language and mdoc cleanup. 2016-12-13 18:15:11 +00:00
ngie
701bd24bf4 Cut to the chase and just call free instead of free(x) + x = NULL
NULLing out x wasn't required as the memory was immediately scribbled
over with strdup in the following call.

MFC after:	1 week
Submitted by:	imp
2016-12-10 23:58:14 +00:00
ngie
09c987d4c9 free/NULL out variables prior to calling strdup to avoid leaking memory
if arguments are specified more than once with "camcontrol timestamp".

CID:		1366829, 1366831
MFC after:	1 week
2016-12-10 23:26:34 +00:00
def
f63c437216 Add support for encrypted kernel crash dumps.
Changes include modifications in kernel crash dump routines, dumpon(8) and
savecore(8). A new tool called decryptcore(8) was added.

A new DIOCSKERNELDUMP I/O control was added to send a kernel crash dump
configuration in the diocskerneldump_arg structure to the kernel.
The old DIOCSKERNELDUMP I/O control was renamed to DIOCSKERNELDUMP_FREEBSD11 for
backward ABI compatibility.

dumpon(8) generates an one-time random symmetric key and encrypts it using
an RSA public key in capability mode. Currently only AES-256-CBC is supported
but EKCD was designed to implement support for other algorithms in the future.
The public key is chosen using the -k flag. The dumpon rc(8) script can do this
automatically during startup using the dumppubkey rc.conf(5) variable.  Once the
keys are calculated dumpon sends them to the kernel via DIOCSKERNELDUMP I/O
control.

When the kernel receives the DIOCSKERNELDUMP I/O control it generates a random
IV and sets up the key schedule for the specified algorithm. Each time the
kernel tries to write a crash dump to the dump device, the IV is replaced by
a SHA-256 hash of the previous value. This is intended to make a possible
differential cryptanalysis harder since it is possible to write multiple crash
dumps without reboot by repeating the following commands:
# sysctl debug.kdb.enter=1
db> call doadump(0)
db> continue
# savecore

A kernel dump key consists of an algorithm identifier, an IV and an encrypted
symmetric key. The kernel dump key size is included in a kernel dump header.
The size is an unsigned 32-bit integer and it is aligned to a block size.
The header structure has 512 bytes to match the block size so it was required to
make a panic string 4 bytes shorter to add a new field to the header structure.
If the kernel dump key size in the header is nonzero it is assumed that the
kernel dump key is placed after the first header on the dump device and the core
dump is encrypted.

Separate functions were implemented to write the kernel dump header and the
kernel dump key as they need to be unencrypted. The dump_write function encrypts
data if the kernel was compiled with the EKCD option. Encrypted kernel textdumps
are not supported due to the way they are constructed which makes it impossible
to use the CBC mode for encryption. It should be also noted that textdumps don't
contain sensitive data by design as a user decides what information should be
dumped.

savecore(8) writes the kernel dump key to a key.# file if its size in the header
is nonzero. # is the number of the current core dump.

decryptcore(8) decrypts the core dump using a private RSA key and the kernel
dump key. This is performed by a child process in capability mode.
If the decryption was not successful the parent process removes a partially
decrypted core dump.

Description on how to encrypt crash dumps was added to the decryptcore(8),
dumpon(8), rc.conf(5) and savecore(8) manual pages.

EKCD was tested on amd64 using bhyve and i386, mipsel and sparc64 using QEMU.
The feature still has to be tested on arm and arm64 as it wasn't possible to run
FreeBSD due to the problems with QEMU emulation and lack of hardware.

Designed by:	def, pjd
Reviewed by:	cem, oshogbo, pjd
Partial review:	delphij, emaste, jhb, kib
Approved by:	pjd (mentor)
Differential Revision:	https://reviews.freebsd.org/D4712
2016-12-10 16:20:39 +00:00
imp
b6004b8cf9 Implement Intel's log page 0xc1 (Read Command Latency Log) and page
0xc1 (Write Command Latency Log).

Sponsored By: Netflix, Inc
2016-12-09 23:37:14 +00:00
imp
7e275564b4 Fix Typo 2016-12-07 21:47:14 +00:00
vangyzen
e39f3fbb42 Add rcorder-visualize.sh, which generates graphviz from rc.d scripts
This is imported from NetBSD.  The author--Joerg Sonnenberger--agreed
to apply a two-clause BSD license, just so the license was clear.

This source tree location matches NetBSD, and is the first place someone
might look for such a tool.

Obtained from:	Joerg Sonnenberger via NetBSD
MFC after:	3 days
Sponsored by:	Dell EMC
2016-12-06 15:49:39 +00:00
adrian
496cc8500c [camcontrol] init ts=0 to quieten gcc.
It "looks" like ts is set to something on success, and not modified on
error.

Checked on IRC with: cem
2016-12-03 20:35:39 +00:00
imp
bbaf65343e Flag the vendor specific pages as such. This allows different decoding
for the same page number as different vendors encode vendor specific
pages differently.
2016-12-02 14:44:45 +00:00