Commit Graph

241662 Commits

Author SHA1 Message Date
Konstantin Belousov
4d3b28bcdc amd64 pmap: rework delayed invalidation, removing global mutex.
For machines having cmpxcgh16b instruction, i.e. everything but very
early Athlons, provide lockless implementation of delayed
invalidation.

The implementation maintains lock-less single-linked list with the
trick from the T.L. Harris article about volatile mark of the elements
being removed. Double-CAS is used to atomically update both link and
generation.  New thread starting DI appends itself to the end of the
queue, setting the generation to the generation of the last element
+1.  On DI finish, thread donates its generation to the previous
element.  The generation of the fake head of the list is the last
passed DI generation.  Basically, the implementation is a queued
spinlock but without spinlock.

Many thanks both to Peter Holm and Mark Johnson for keeping with me
while I produced intermediate versions of the patch.

Reviewed by:	markj
Tested by:	pho
Sponsored by:	The FreeBSD Foundation
MFC after:	1 month
MFC note:	td_md.md_invl_gen should go to the end of struct thread
Differential revision:	https://reviews.freebsd.org/D19630
2019-05-16 13:28:48 +00:00
Konstantin Belousov
a9fd669b4a subr_turnstile: Extract some common code to a helper.
Code walks the list of contested turnstiles to calculate the priority
to unlend.

Reviewed by:	markj
Tested by:	pho
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2019-05-16 13:17:57 +00:00
Konstantin Belousov
3cac4083ef rtld_malloc.c: cleanup morepages().
Use roundup2() and rounddown2() instead of inlining them.
Get rid of the fd local variable, use literal -1 for the mmap argument.
Use MAP_FAILED as mmap(2) failure indicator.
After that, apply some style.

Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2019-05-16 13:13:33 +00:00
Konstantin Belousov
37f0b7f1d7 Remove more dead definitions from rtld_malloc.c after r347019.
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2019-05-16 13:07:26 +00:00
Mark Johnston
f00876fb60 Revert r347582 for now.
The inp lock still needs to be dropped when calling into the driver ioctl
handler, as some drivers expect to be able to sleep.

Reported by:	kib
2019-05-16 13:04:26 +00:00
Konstantin Belousov
0ddfdc60f8 imgact_elf.c: Add comment explaining the malloc/VOP_UNLOCK() dance
from r347148.

Requested by:	alc
Sponsored by:	The FreeBSD Foundation
MFC after:	3 days
2019-05-16 13:03:54 +00:00
Konstantin Belousov
98fc918f41 arm64: bzero buffer for ucontext in freebsd32_swapcontext().
This change is the same as r340994 for amd64.

PR:	237922
Submitted by:	Young <yangx92@hotmail.com>
MFC after:	3 days
2019-05-16 13:00:35 +00:00
Edward Tomasz Napierala
f41ad4eaa7 The "apropos ''" command no longer works; change development(7)
to suggest "apropos ." instead.

MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2019-05-16 09:49:19 +00:00
Ryan Libby
64e0efab39 db show thread: avoid overflow in tick conversion
The previous calculations for displaying the time since last switch
easily overflowed, after less than 36 min for hz=1000.  Now overflow
takes 2000 times longer (as long as ticks takes to wrap).

Reviewed by:	cem, markj
Sponsored by:	Dell EMC Isilon
Differential revision:	https://reviews.freebsd.org/D20273
2019-05-16 05:29:54 +00:00
Ryan Libby
244081120e iommu static analysis cleanup
A static analyzer complained about a couple instances of checking a
variable against NULL after already having dereferenced it.
 - dmar_gas_alloc_region: remove the tautological NULL checks
 - dmar_release_resources / dmar_fini_fault_log: don't deref unit->regs
   unless initialized.

And while here, fix an inverted initialization check in dmar_fini_qi.

Reviewed by:	kib
Sponsored by:	Dell EMC Isilon
Differential revision:	https://reviews.freebsd.org/D20263
2019-05-16 04:24:08 +00:00
Cy Schubert
e1c50020af The driver list prints "(null)" for the NDIS driver when -h (help) or
an unknown switch is passed outputting the command usage. This is
because the NDIS driver is uninitialized when usage help is printed.
To resolve this we initialize the driver prior to the possibility of
printing the usage help message.

Obtained from:	The wpa_supplicant port
MFC after:	1 week
2019-05-16 02:41:25 +00:00
Kristof Provost
b685454a11 ipsec tests: Skip if ipsec.ko is not loaded
As of r347410 IPSec is no longer built into GENERIC. The ipsec.ko module must
be loaded before we can execute the IPSec tests.

Check this, and skip the tests if IPSec is not available.
2019-05-16 02:18:57 +00:00
Kyle Evans
88a950762a libbe(3): Descend into children of datasets w/ mountpoint=none
These datasets will generally be canmount=noauto,mountpoint=none (e.g.
zroot/var) but have children that may need to be mounted. Instead of
skipping that segment for no good reason, descend.

Submitted by:	Wes Maag
Reported by:	Wes Maag
MFC after:	3 days
2019-05-16 02:11:33 +00:00
Conrad Meyer
e7e3d5223f x86: Correctly identify bhyve hypervisor
Spotted after a similar report by Olivier Cochard-Labbé.

Sponsored by:	Dell EMC Isilon
2019-05-16 01:32:54 +00:00
Brad Davis
871b6b10ce Move master.passwd and group to lib/libc/gen/
libc was picked as the destination location for these because of the syscalls
that use these files as the lowest level place they are referenced.

Approved by:	will (mentor), rgrimes, manu
Differential Revision:	https://reviews.freebsd.org/D16728
2019-05-16 01:09:13 +00:00
Ryan Libby
d375016d8d x86: spell vpxor %zmm0 as vpxord
Fix gcc/gas amd64 & i386 build after r347566.

Reviewed by:	kib
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D20264
2019-05-15 18:13:43 +00:00
Johannes Lundberg
c4e0746e7d LinuxKPI: Add helper macros IS_ALIGNED and DIV_ROUND_DOWN_ULL.
This patch is part of D19565

Reviewed by:	hps
Approved by:	imp (mentor), hps
MFC after:	1 week
2019-05-15 17:57:06 +00:00
Konstantin Belousov
b55d4ebe5f Properly announce MD_CLEAR.
Submitted by:	Petr Lampa <lampa@fit.vutbr.cz>
MFC after:	3 days
2019-05-15 17:55:41 +00:00
Johannes Lundberg
0bb30b3a19 LinuxKPI: Move {lower|upper}_32_bits macros from port to base.
This patch is part of D19565

Reviewed by:	hps
Approved by:	imp (mentor), hps
MFC after:	1 week
2019-05-15 17:48:11 +00:00
Johannes Lundberg
8264104401 LinuxKPI: Include asm/atomic-long.h from atomic.h.
This patch is part of D19565

Reviewed by:	hps
Approved by:	imp (mentor), hps
MFC after:	1 week
2019-05-15 17:44:25 +00:00
Johannes Lundberg
d109700cf0 LinuxKPI: Add get_random_u32 function.
This patch is part of D19565

Reviewed by:	hps
Approved by:	imp (mentor), hps
MFC after:	1 week
2019-05-15 17:32:00 +00:00
Johannes Lundberg
3137d2d4ec LinuxKPI: Update user_access_begin for Linux v5.0.
Check the new LINUXKPI_VERSION macro for backwards compatibility.
This patch is part of D19565

Reviewed by:	hps
Approved by:	imp (mentor), hps
MFC after:	1 week
2019-05-15 17:04:12 +00:00
Johannes Lundberg
a4a9f2267e LinuxKPI: Expand ktime functionality.
Also, make ktime_get_raw call getnanouptime instead of getnanotime
to match (the correct) ktime_get_raw_ns.
This patch is part of D19565

Reviewed by:	hps
Approved by:	imp (mentor), hps
MFC after:	1 week
2019-05-15 16:59:04 +00:00
Adrian Chadd
8771e6389b [ar71xx_gpio] Add AR9341/AR9342 to the list of chips for programming function/output enable.
This is reqired to use the gpiofunc behaviour for configuring GPIO
pins at boot time.

Submitted by:	<yamori813@yahoo.co.jp>
Differential Revision:	https://reviews.freebsd.org/D20170
2019-05-15 16:51:08 +00:00
Benedict Reuschling
15c9c06e6a Add small EXAMPLE section to bsearch.3.
Submitted by:		fernape (via Phabricator)
Reviewed by:		bcr, jilles, dab
Approved by:		bcr (man pages), jilles (src)
MFC after:		3 days
Differential Revision:	https://reviews.freebsd.org/D19902
2019-05-15 15:54:27 +00:00
Antoine Brodin
6aa63d8dbe Add more obsolete files. 2019-05-15 15:11:49 +00:00
Xin LI
65ec2ae389 Replace the leap-seconds file in r347488 from USNO with a
leap-seconds file from NIST at ftp://ftp.nist.gov/pub/time.

Future updates should use the NIST version of file, available
at ftp://ftp.nist.gov/pub/time/leap-seconds.list .

Requested by:   ian@
Obtained from:  ftp://ftp.nist.gov/pub/time/leap-seconds.3676924800
MFC after:      3 days
2019-05-15 03:39:27 +00:00
Johannes Lundberg
65ff7a3192 LinuxKPI: Add prepare to pm_ops and bump FreeBSD version.
This patch is part of D19565

Reviewed by:	hps
Approved by:	imp (mentor), hps
MFC after:	1 week
2019-05-14 23:50:46 +00:00
Johannes Lundberg
1462308d8b LinuxKPI: Add vm_fault_t type.
This patch is part of D19565

Reviewed by:	hps
Approved by:	imp (mentor), hps
MFC after:	1 week
2019-05-14 23:32:02 +00:00
Johannes Lundberg
395be823fd LinuxKPI: Add context member to ww_mutex and bump FreeBSD version.
This patch is part of https://reviews.freebsd.org/D19565.

Reviewed by:	hps
Approved by:	imp (mentor), hps
2019-05-14 23:21:20 +00:00
Johannes Lundberg
02927c768a LinuxKPI: Let del_timer return a value to match Linux.
This patch is part of https://reviews.freebsd.org/D19565.

Reviewed by:	hps
Approved by:	imp (mentor), hps
MFC after:	1 week
2019-05-14 23:12:14 +00:00
Rick Macklem
711d44ee56 Replace global list for grouplist with list(s) for each exportlist element.
In mountd.c, the grouplist structures are linked into a single global
linked list headed by "grphead". The only use of this linked list is
to free all list elements when the exportlist elements are also all being
free'd at the time the exports are being reloaded.
This patch replaces this one global linked list head with a list head in
each exportlist structure, where the grouplist elements for that exported
file system are linked.
The only change is that now the grouplist elements are free'd with the
associated exportlist element as they are free'd instead of all grouplist
elements being free'd after the exportlist elements are free'd. This
change should have no effect in practice.
This is being done, since a future patch that will add a "-I" option for
incrementally updating the exports in the kernel needs to know which
grouplist elements are associated with each exported file system and
having them linked into a list headed by the exportlist element does that.

MFC after:	1 month
2019-05-14 22:00:47 +00:00
Mark Johnston
5a1e222bfd Close some races in multicast socket option handling.
r333175 converted the global multicast lock to a sleepable sx lock,
so the lock order with respect to the (non-sleepable) inp lock changed.
To handle this, r333175 and r333505 added code to drop the inp lock,
but this opened races that could leave multicast group description
structures in an inconsistent state.  This change fixes the problem by
simply acquiring the global lock sooner.  Along the way, this fixes
some LORs and bogus error handling introduced in r333175, and commits
some related cleanup.

Reported by:	syzbot+ba7c4943547e0604faca@syzkaller.appspotmail.com
Reported by:	syzbot+1b803796ab94d11a46f9@syzkaller.appspotmail.com
Reviewed by:	ae
MFC after:	3 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D20070
2019-05-14 21:30:55 +00:00
Edward Tomasz Napierala
060d0b57b8 Fix handling of r10 in Linux ptrace(2). This fixes decoding
of the 'flags' argument to mmap(2) with Linux strace(1).

Reviewed by:	dchagin
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D20223
2019-05-14 20:59:44 +00:00
Kyle Evans
db226f0d8e tuntap: Defer clearing if_softc until after if_detach
r346670 added an sx to close a race between the ifioctl handler and
interface destruction. Unfortunately, it clears if_softc immediately after
the interface is closed, but before if_detach has been invoked.

Any time before detachment, an interface that's part of a bridge may still
receive traffic that's pushed through tunstart/tunstart_l2 and promptly
lead to a panic because if_softc is now NULL.

Fix it by deferring the clearing of if_softc until after the interface has
detached and thus been removed from the bridge. if_softc still gets cleared
in case another thread has already entered the ioctl handler before it's
replaced with ifdead_ioctl.

Reported by:	markj
MFC after:	3 days
2019-05-14 20:32:29 +00:00
Mark Johnston
367ba2d2a3 Specify -z notext when building with -z ifunc-noplt.
The upstream implementation of -z ifunc-noplt disallows its combination
with -z text.  The option does not have much significance for kernel
builds, though.

Reviewed by:	kib (previous version)
Discussed with:	emaste
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D20260
2019-05-14 18:26:39 +00:00
Mark Johnston
b5155bc919 Remove redundant -Wl uses from the kernel's LDFLAGS.
No functional change intended.

MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
2019-05-14 18:10:32 +00:00
Konstantin Belousov
7355a02bdd Mitigations for Microarchitectural Data Sampling.
Microarchitectural buffers on some Intel processors utilizing
speculative execution may allow a local process to obtain a memory
disclosure.  An attacker may be able to read secret data from the
kernel or from a process when executing untrusted code (for example,
in a web browser).

Reference: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html
Security:	CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
Security:	FreeBSD-SA-19:07.mds
Reviewed by:	jhb
Tested by:	emaste, lwhsu
Approved by:	so (gtetlow)
2019-05-14 17:02:20 +00:00
Guangyuan Yang
3a89c98bec Fix some spelling errors in ng_eiface(4).
MFC after:	3 days
PR:		237764
Submitted by:	Tom Marcoen <tom.marcoen@gmail.com>
2019-05-14 15:41:34 +00:00
Mark Johnston
0ac6ef663b Fix formatting.
MFC after:	3 days
2019-05-14 15:19:48 +00:00
Andrey V. Elsukov
2317067c31 Remove bpf interface lock, it is no longer exist. 2019-05-14 10:21:28 +00:00
Conrad Meyer
e199792d23 Revert r346292 (permit_nonrandom_stackcookies)
We have a better, more comprehensive knob for this now:
kern.random.initial_seeding.bypass_before_seeding=1.

Requested by:	delphij
Sponsored by:	Dell EMC Isilon
2019-05-13 23:37:44 +00:00
Toomas Soome
b17868a211 loader: fix memory handling errors in module.c
file_loadraw():
check for file_alloc() and strdup() results.
we leak 'name'.

mod_load() does leak 'filename'.

mod_loadkld() does not need to check fp, file_discard() does check.
2019-05-13 22:17:11 +00:00
Andrey V. Elsukov
82d7bf6b1b Avoid possible recursion on BPF_LOCK() in bpfwrite().
Release BPF_LOCK() before invoking if_output() and if_input().
Also enter epoch section before releasing lock, this should prevent
access to ifnet that may be freed on interface detach.

Reported by:	markj
2019-05-13 20:17:55 +00:00
Conrad Meyer
e8e1f0b420 Fortuna: Fix false negatives in is_random_seeded()
(1) We may have had sufficient entropy to consider Fortuna seeded, but the
random_fortuna_seeded() function would produce a false negative if
fs_counter was still zero.  This condition could arise after
random_harvestq_prime() processed the /boot/entropy file and before any
read-type operation invoked "pre_read()."  Fortuna's fs_counter variable is
only incremented (if certain conditions are met) by reseeding, which is
invoked by random_fortuna_pre_read().

is_random_seeded(9) was introduced in r346282, but the function was unused
prior to r346358, which introduced this regression.  The regression broke
initial seeding of arc4random(9) and broke periodic reseeding[A], until something
other than arc4random(9) invoked read_random(9) or read_random_uio(9) directly.
(Such as userspace getrandom(2) or read(2) of /dev/random.  By default,
/etc/rc.d/random does this during multiuser start-up.)

(2) The conditions under which Fortuna will reseed (including initial seeding)
are: (a) sufficient "entropy" (by sheer byte count; default 64) is collected
in the zeroth pool (of 32 pools), and (b) it has been at least 100ms since
the last reseed (to prevent trivial DoS; part of FS&K design).  Prior to
this revision, initial seeding might have been prevented if the reseed
function was invoked during the first 100ms of boot.

This revision addresses both of these issues.  If random_fortuna_seeded()
observes a zero fs_counter, it invokes random_fortuna_pre_read() and checks
again.  This addresses the problem where entropy actually was sufficient,
but nothing had attempted a read -> pre_read yet.

The second change is to disable the 100ms reseed guard when Fortuna has
never been seeded yet (fs_lasttime == 0).  The guard is intended to prevent
gratuitous subsequent reseeds, not initial seeding!

Machines running CURRENT between r346358 and this revision are encouraged to
refresh when possible.  Keys generated by userspace with /dev/random or
getrandom(9) during this timeframe are safe, but any long-term session keys
generated by kernel arc4random consumers are potentially suspect.

[A]: Broken in the sense that is_random_seeded(9) false negatives would cause
arc4random(9) to (re-)seed with weak entropy (SHA256(cyclecount ||
FreeBSD_version)).

PR:		237869
Reported by:	delphij, dim
Reviewed by:	delphij
Approved by:	secteam(delphij)
X-MFC-With:	r346282, r346358 (if ever)
Security:	yes
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D20239
2019-05-13 19:35:35 +00:00
Mark Johnston
aa0a893384 Add an UPDATING entry and bump __FreeBSD_version for r347532.
Reported by:	rgrimes, Oliver Pinter <oliver.pinter@hardenedbsd.org>
2019-05-13 18:48:08 +00:00
Mark Johnston
8cd6a80d7d Restore the pre-r347532 behaviour of ignoring wiring failures in mmap().
The error handling added in r347532 is not right when mapping vnodes
and will be fixed separately.

Reported by:	syzbot+1d2cc393bd6c88a548be@syzkaller.appspotmail.com
MFC with:	r347532
2019-05-13 18:40:01 +00:00
Dmitry Chagin
6e4cf32e95 Add warning to the Linuxulator makefiles that building it outside of a
kernel does not make sence.

PR:		222861
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D20179
2019-05-13 18:28:40 +00:00
Dmitry Chagin
c5156c7785 Linuxulator depends on a fundamental kernel settings such as SMP. Many
of them listed in opt_global.h which is not generated while building
modules outside of a kernel and such modules never match real cofigured
kernel.

So, we should prevent our users from building obviously defective modules.

Therefore, remove the root cause of the building of modules outside of a
kernel - the possibility of building modules with DEBUG or KTR flags.
And remove all of DEBUG printfs as it is incomplete and in threaded
programms not informative, also a half of system call does not have DEBUG
printf. For debuging Linux programms we have dtrace, ktr and ktrace ability.

PR:		222861
Reviewed by:	trasz
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D20178
2019-05-13 18:24:29 +00:00
Dmitry Chagin
caaad8736e Linuxulator getpeername() returns EINVAL in case then namelen less then 0.
MFC after:	2 weeks
2019-05-13 18:14:20 +00:00