Warner Losh [Thu, 3 Jun 2021 23:44:27 +0000 (17:44 -0600)]
smartpqi: Remove stray declaration
pqisrc_is_firmware_feature_enabled shouldn't be declared inline in a
header, and then static inline in the .c function. Remove this stray
declartion from the header. gcc6 complains, but clang does not.
Kenneth Camann [Sun, 3 Jan 2021 02:11:42 +0000 (21:11 -0500)]
uefisign: fix SizeOfHeaders sanity check.
This check was too aggressive: it is fine if SizeOfHeaders is exactly
equal to the size of the DOS stub + PE header + section table. Despite
being wrong this code typically worked for most EFI binaries because
SizeOfHeaders is rounded up to a multiple of FileAlignment, which is
often large (e.g., 512 bytes for the FreeBSD loader) so most binaries
made it through.
Disable x2APIC for SandyBridge laptops with Samsung BIOS
From the PR:
Almost always, my Samsung RF511 laptop could not boot with
x2APIC enabled in the kernel. It froze during SMP initialization,
shortly after "ACPI APIC Table: <SECCSD LH43STAR>" was printed
to the console. When the kernel is instructed not to use x2APIC,
the system boots correctly.
Fix mpr(4) and mps(4) state transitions and a use-after-free panic.
When the mpr(4) and mps(4) drivers probe a SATA device, they issue an
ATA Identify command (via mp{s,r}sas_get_sata_identify()) before the
target is fully setup in the driver. The drivers wait for completion of
the identify command, and have a 5 second timeout. If the timeout
fires, the command is marked with the SATA_ID_TIMEOUT flag so it can be
freed later.
That is where the use-after-free problem comes in. Once the ATA
Identify times out, the driver sends a target reset, and then frees any
identify commands that have timed out. But, once the target reset
completes, commands that were queued to the drive are returned to the
driver by the controller.
At that point, the driver (in mp{s,r}_intr_locked()) looks up the
command descriptor for that particular SMID, marks it CM_STATE_BUSY and
sends it on for completion handling.
The problem at this stage is that the command has already been freed,
and put on the free queue, so its state is CM_STATE_FREE. If INVARIANTS
are turned on, we get a panic as soon as this command is allocated,
because its state is no longer CM_STATE_FREE, but rather CM_STATE_BUSY.
So, the solution is to not free ATA Identify commands that get stuck
until they actually return from the controller. Hopefully this works
correctly on older firmware versions. If not, it could result in
commands hanging around indefinitely. But, the alternative is a
use-after-free panic or assertion (in the INVARIANTS case).
This also tightens up the state transitions between CM_STATE_FREE,
CM_STATE_BUSY and CM_STATE_INQUEUE, so that the state transitions happen
once, and we have assertions to make sure that commands are in the
correct state before transitioning to the next state. Also, for each
state assertion, we print out the current state of the command if it is
incorrect.
mp{s,r}.c: Add a new sysctl variable, dump_reqs_alltypes,
that controls the behavior of the dump_reqs sysctl.
If dump_reqs_alltypes is non-zero, it will dump
all commands, not just the commands that are in the
CM_STATE_INQUEUE state. (You can see the commands
that are in the queue by using mp{s,r}util debug
dumpreqs.)
Make sure that the INQUEUE -> BUSY state transition
happens in one place, the mp{s,r}_complete_command
routine.
mp{s,r}_sas.c: Make sure we print the current command type in
command state assertions.
mp{s,r}_sas_lsi.c:
Add a new completion handler,
mp{s,r}sas_ata_id_complete. This completion
handler will free data allocated for an ATA
Identify command and free the command structure.
In mp{s,r}_ata_id_timeout, do not set the command
state to CM_STATE_BUSY. The command is still in
queue in the controller. Since we were blocking
waiting for this command to complete, there was
no completion handler previously. Set the
completion handler, so that whenever the command
does come back, it will get freed properly.
Do not free ATA Identify commands that have timed
out in mp{s,r}sas_add_device(). Wait for them
to actually come back from the controller.
mp{s,r}var.h: Add a dump_reqs_alltypes variable for the new
dump_reqs_alltypes sysctl.
Make sure we print the current state for state
transition asserts.
This was tested in the Spectra Logic test bed (as described in the
review), as well Netflix's Open Connect fleet (where panics dropped from
a dozen or two a month to zero).
Reviewed by: imp@ (who is handling the commit with ken's OK)
Sponsored by: Spectra Logic
Differential Revision: https://reviews.freebsd.org/D25476
Warner Losh [Thu, 3 Jun 2021 18:03:45 +0000 (12:03 -0600)]
axgbe: Don't dereference NULL pointers
if (sb == NULL) { ... sb->s_error } is going to be a bad time. Return
ENOMEM when we cannot allocate an sbuf for the sysctl rather than
dereferencing the NULL pointer just returned.
Kristof Provost [Thu, 3 Jun 2021 13:22:19 +0000 (15:22 +0200)]
pf tests: Make killstate:match more robust
The killstate:match test starts nc as a background process. There was no
guarantee that the nc process would have connected by the time we check
for states, so this test occasionally failed without good reason.
Teach the test to wait for at least some states to turn up before
executing the critical checks.
MFC after: 3 days
Sponsored by: Rubicon Communications, LLC ("Netgate")
Kristof Provost [Fri, 21 May 2021 09:14:34 +0000 (11:14 +0200)]
netpfil tests: Basic dummynet pipe test
Test dummynet pipes (i.e. bandwidth limitation) with ipfw. This is put
in the common tests because we hope to add dummynet support to pf in the
near future.
Kristof Provost [Fri, 21 May 2021 12:26:49 +0000 (14:26 +0200)]
dummynet: Fix schedlist and aqmlist locking
These are global (i.e. shared across vnets) structures, so we need
global lock to protect them. However, we look up entries in these lists
(find_aqm_type(), find_sched_type()) and return them. We must ensure
that the returned structures cannot go away while we are using them.
Resolve this by using NET_EPOCH(). The structures can be safely accessed
under it, and we postpone their cleanup until we're sure they're no
longer used.
Priit Trees [Wed, 31 Mar 2021 20:15:31 +0000 (20:15 +0000)]
mmc-fdt: fix mmc_fdt_gpio_get_{present,readonly}
Currently, mmc_fdt_gpio_get_{present,readonly} return all time true.
true ^ 100b = true
false ^ 100b = true
since that's done after promotion to integers. Use !! to convert
the bit to a bool before xor.
Reviewed by: imp@ (converted to (bool) to !! for portability)
Pull Request: https://github.com/freebsd/freebsd-src/pull/461
Robert Wing [Thu, 3 Jun 2021 01:41:31 +0000 (17:41 -0800)]
fsck_ufs: fix segfault with gjournal
The segfault was being hit in ckfini() (sbin/fsck_ffs/fsutil.c) while
attempting to traverse the buffer cache. The tail queue used for the
buffer cache was not initialized before dropping into gjournal_check().
Initialize the buffer cache before calling gjournal_check().
Austin Shafer [Thu, 3 Jun 2021 01:46:23 +0000 (19:46 -0600)]
mmc: ignore CRC errors from CMD13 (status) when changing rates
Update mmc_switch_status to ignore a few CRC errrors when asking for the
card status after setting the new rate with CMD6. Since the card may
take a little while to make the switch, it's possible we'll get a
communications error if we sent the command at the wrong time. Several
low end laptops needs this workaround as they have a window that seems
longer than other systems. This is known to fix at least the Acer Aspire
A114-32-P7E5.
Cy Schubert [Wed, 2 Jun 2021 19:46:02 +0000 (12:46 -0700)]
wpa: Fix a SIGBUS error in wpa_sm_set_rekey_offload
Incorrectly linked built-in wpa functions resulted in overwriting
sm->ctx->set_rekey_offload with garbage. It was initialized correctly
however it changed after wpa_supplicant became a daemon.
No SIGBUS violations reported by dhw@ were experienced during testing
of the original commit by msyelf or philip@.
Rick Macklem [Wed, 2 Jun 2021 22:28:07 +0000 (15:28 -0700)]
nfsd: Fix the failure return for non-fh NFSv4 operations
Without this patch, nfsd_checkrootexp() returns failure
and then the NFSv4 operation would reply NFSERR_WRONGSEC.
RFC5661 Sec. 2.6 only allows a few NFSv4 operations, none
of which call nfsv4_checktootexp(), to return NFSERR_WRONGSEC.
This patch modifies nfsd_checkrootexp() to return the
error instead of a boolean and sets the returned error to an RPC
layer AUTH_ERR, as discussed on nfsv4@ietf.org.
The patch also fixes nfsd_errmap() so that the pseudo
error NFSERR_AUTHERR is handled correctly such that an RPC layer
AUTH_ERR is replied to the NFSv4 client.
The two new "enum auth_stat" values have not yet been assigned
by IANA, but are the expected next two values.
The effect on extant NFSv4 clients of this change appears
limited to reporting a different failure error when a
mount that does not use adequate security is attempted.
Leandro Lupori [Wed, 2 Jun 2021 19:10:57 +0000 (16:10 -0300)]
powerpc: fix boot on pseries without hugepages
Commit 49c894ddced5 introduced an issue that prevented pseries boot,
when hugepages were not available to the guest. Now large page
info must be available before moea64_install is called, so this change
moves the code that scans large page sizes before the call.
Reviewed by: jhibbits (IRC)
Sponsored by: Instituto de Pesquisas Eldorado (eldorado.org.br)
Warner Losh [Wed, 2 Jun 2021 16:35:01 +0000 (10:35 -0600)]
kmod.mk: Allow extra objects to be specified in modules
OBJS are automatically added to CLEANFILES. For pre-built objects, this
is not desirable since it will delete the object from the source
tree. Introduce EXTRA_OBJS which list these object files, but aren't
added to clean files.
Ceri Davies [Wed, 2 Jun 2021 16:28:28 +0000 (17:28 +0100)]
periodic: add support for .xz and .zcat compressed logs
Also improve temporary file usage in 200.accounting, add an xref to
zstd(1) to newsyslog.conf.5, and clarify in periodic.conf that
"daily accounting" means process accounting and "monthly accounting"
is login accounting.
Rich Ercolani [Wed, 2 Jun 2021 13:00:29 +0000 (13:00 +0000)]
vfs: fix MNT_SYNCHRONOUS check in vn_write
ca1ce50b2b5ef11d ("vfs: add more safety against concurrent forced
unmount to vn_write") has a side effect of only checking MNT_SYNCHRONOUS
if O_FSYNC is set.
Andrew Turner [Wed, 2 Jun 2021 10:07:55 +0000 (10:07 +0000)]
Fix the KCSAN_ENABLED check when building modules
The KCSAN_ENABLED variable is non-empty when the kernel is being built
with KCSAN. This allows us to disable modules that are known to be
broken.
There was a bug where we would check if it was defined. As this is
always the case the KCSAN_ENABLED variable would be set when building
modules so we would never build such a module. Fix this by checking
if the value is empty before passing it on to the module stage.
This doesn't affect how modules are built as the CFLAGS passed to
modules has the correct check.
Marcin Wojtas [Tue, 4 May 2021 23:47:37 +0000 (01:47 +0200)]
sdhci_xenon: add UHS support
This patch adds the necessary methods resolution to the sdhci_xenon
driver which are required to configure UHS modes for SD/MMC devices.
Apart from the two generic routines, the custom sdhci_xenon_set_uhs_timing
function is responsible for setting the SDHCI_HOST_CONTROL2 register
with appropriate mode select values - in case of HS200 and HS400
they are non-standard.
Marcin Wojtas [Thu, 27 May 2021 18:39:12 +0000 (20:39 +0200)]
sdhci_xenon: improve the VCCQ voltage switch sequence
Improve the VCCQ voltage switch, so that to properly
handle the SDHCI_HOST_CONTROL2 register signaling
flags and along with manipulating the regulator.
Marcin Wojtas [Thu, 27 May 2021 17:48:17 +0000 (19:48 +0200)]
sdhci_xenon: allow to properly disable the UHS signaling
Until now the "no-1-8-v" DT flag wrongly disabled the SDHCI_CAN_VDD_180
- slot 1.8V power supply capability, whereas it refers to the signaling
voltage. Fix the sdhci_xenon_read_4 and allow to disable the UHS modes
depending on the DT property or PHY slow mode. While at it - make sure
the unsupported 1.2V signaling is always disabled and not reported
in the bootverbose log.
Marcin Wojtas [Sat, 1 May 2021 07:55:06 +0000 (09:55 +0200)]
sdhci_xenon: enable MMC FDT parsing
The mmc_fdt_parse allows to parse more MMC-related
FDT properties. Start using it. "wp-inverted" property,
VQMMC and newly added VMMC power supply parsing
is now done in a generic code.
Marcin Wojtas [Tue, 4 May 2021 22:57:50 +0000 (00:57 +0200)]
sdhci: allow setting MMC capabilities before sdhci_init_slot
With this change the host controller drivers can set the MMC capabilities
(e.g. using mmc_fdt_parse() helper) before calling sdhci_init_slot().
This way the configuration dump (eg. in bootverbose) can include the
possible additional information.
Marcin Wojtas [Thu, 20 May 2021 21:37:02 +0000 (23:37 +0200)]
uart_dev_ns8250: Switch ACPI UART subtype for Marvell SoCs
DBG2 ACPI table description [1] specifies three subtypes
related to 16550 UART:
0x0 - 16550 compatible
0x1 - 16550 subset
0x12 - 16550 compatible with parameters defined in Generic Address Structure (GAS)
It turned out however, that the Windows OS treats 0x0 subtype as
legacy x86 UART with 8-bit access. ARM SoCs can use types 0x1 (16550 with
fixed mmio32 access) or 0x12 (16550 with fully respected GAS contents).
Switch Marvell SoCs ACPI UART subtype to 0x1 - thanks to that the same firmware
can run properly with UART output in FreeBSD, Windows 10, Linux and ESXI
hypervisor. Tests showed the older firmware versions that use 0x0
UART subtype in SPCR table continue to display output properly.
kern: ether_gen_addr: randomize on default hostuuid, too
Currently, this will still hash the default (all zero) hostuuid and
potentially arrive at a MAC address that has a high chance of collision
if another interface of the same name appears in the same broadcast
domain on another host without a hostuuid, e.g., some virtual machine
setups.
Instead of using the default hostuuid, just treat it as a failure and
generate a random LA unicast MAC address.
Mark Johnston [Tue, 1 Jun 2021 23:38:22 +0000 (19:38 -0400)]
amd64: Clear the local TSS when creating a new thread
Otherwise it is copied from the creating thread. Then, if either thread
exits, the other is left with a dangling pointer, typically resulting in
a page fault upon the next context switch.
Reported by: syzkaller
Reviewed by: kib
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D30607
Mark Johnston [Tue, 1 Jun 2021 23:38:09 +0000 (19:38 -0400)]
amd64: Relax the assertion added in commit 4a59cbc12
We only need to ensure that interrupts are disabled when handling a
fault from iret. Otherwise it's possible to trigger the assertion
legitimately, e.g., by copying in from an invalid address.
Fixes: 4a59cbc12
Reported by: pho
Reviewed by: kib
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D30594
Pedro F. Giffuni [Mon, 31 May 2021 01:48:38 +0000 (20:48 -0500)]
fread: improve performance for unbuffered reads
We can use the buffer passed to fread(3) directly in the FILE *.
The buffer needs to be reset before each call to __srefill().
This preserves the expected behavior in all cases.
The change was found originally in OpenBSD and later adopted by NetBSD.
Kristof Provost [Tue, 1 Jun 2021 14:05:47 +0000 (16:05 +0200)]
pf: Fix more ioctl memory leaks
We must also remember to free nvlists added to a parent nvlist with
nvlist_append_nvlist_array().
More importantly, when nvlist_pack() allocates memory for us it does so
in the M_NVLIST zone, so we must free it with free(.., M_NVLIST). Using
free(.., M_TEMP) as we did silently failed to free the memory.
David Bright [Mon, 24 May 2021 17:12:15 +0000 (12:12 -0500)]
libsa: Fix infinite loop in bzipfs & gzipfs
A bug in the loader's bzipfs & gzipfs filesystems caused compressed
kernel and modules not to work on EFI systems with a veriexec-enabled
loader. Since the size of files in these filesystems are not known
_a priori_ `stat` would initialize the size to -1 and the loader would
then hang in an infinite loop while trying to seek (read) to the end
of file since the loop termination condition compares the current
offset to that negative target position.
David Bright [Mon, 24 May 2021 19:02:43 +0000 (14:02 -0500)]
pciconf: Fix up pciconf -lc output
The pciconf command fails to emit newlines when particular ecap field
values are seen. Fix them up. This has been seen on several systems at
$JOB. The documentation for PCI capabilities says that capability
type 0 should not be used once the spec for PCI capabilities was
published, but that seems more wishful-thinking than reality. pciconf
also chooses not to print fields related to field values that are
zero, but it seems several of these fields are zero on actual
hardware.
The flag values seem to be the same between Linux and FreeBSD.
Comparing to a Linux VM on the same hardware, we're missing
HWCAP_EVTSTRM, HWCAP_CPUID, HWCAP_DCPOP, HWCAP_USCAT, HWCAP_PACA,
and HWCAP_PACG.
Rick Macklem [Tue, 1 Jun 2021 02:41:17 +0000 (19:41 -0700)]
nfsd: Delete extraneous NFSv4 root checks
There are several NFSv4.1/4.2 server operation functions which
have unneeded checks for the NFSv4 root being set up.
The checks are not needed because the operations always follow
a Sequence operation, which performs the check.
This patch deletes these checks, simplifying the code so
that a future patch that fixes the checks to conform with
RFC5661 Sec. 2.6 will be less extension.
Cy Schubert [Thu, 20 May 2021 21:28:17 +0000 (14:28 -0700)]
wpa: Restructure wpa build
The current WPA build assumes a flat namespace. However the latest sources
from w1.fi now have a duplicate config.c, in two separate subdirectories.
The flat namespace will overwrite config.o with the output from the most
recently modified config.c, of which there are two of them.
This commit resolves this problem by building each component in
wpa's src subdirectory tree into its own .a archive, just as the w1.fi
upstream build as used by the port does. The advantages of this approach
are:
1. Duplicate source file names, i.e. config.c in the wpa_supplicant
direcory and another config.c in src/utils in the next wpa
will result in both compiles writing to the same .o file.
2. This restructure simplifies maintanence. A develper needs only to add
new files as identified by git status in the vendor branch to the
appropriate Makefile within the usr.sbin/wpa tree. This also reduces
time required to prepare a new import and should reduce error.
3. The new wpa build structure more closely represents the build as
performed by the upstream tarball.
This is in preparation for the next wpa update from w1.fi.
Reviewed by: philip
Tested by: philip
MFC after: 2 months
Differential Revision: https://reviews.freebsd.org/D30372
Mark Johnston [Mon, 31 May 2021 22:53:34 +0000 (18:53 -0400)]
tcp, udp: Permit binding with AF_UNSPEC if the address is INADDR_ANY
Prior to commit f161d294b we only checked the sockaddr length, but now
we verify the address family as well. This breaks at least ttcp. Relax
the check to avoid breaking compatibility too much: permit AF_UNSPEC if
the address is INADDR_ANY.
Fixes: f161d294b
Reported by: Bakul Shah <bakul@iitbombay.org>
Reviewed by: tuexen
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D30539
Mark Johnston [Mon, 31 May 2021 22:51:14 +0000 (18:51 -0400)]
x86: Fix lapic_ipi_alloc() on i386
The loop which checks to see if "dynamic" IDT entries are allocated
needs to compare with the trampoline address of the reserved ISR.
Otherwise it will never succeed.
Reported by: Harry Schmalzbauer <freebsd@omnilan.de>
Tested by: Harry Schmalzbauer <freebsd@omnilan.de>
Reviewed by: kib
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D30576
Mark Johnston [Mon, 31 May 2021 22:49:33 +0000 (18:49 -0400)]
amd64: Avoid enabling interrupts when handling kernel mode prot faults
When PTI is enabled, we may have been on the trampoline stack when iret
faults. So, we have to switch back to the regular stack before
re-entering trap().
trap() has the somewhat strange behaviour of re-enabling interrupts when
handling certain kernel-mode execeptions. In particular, it was doing
this for exceptions raised during execution of iret. When switching
away from the trampoline stack, however, the thread must not be migrated
to a different CPU. Fix the problem by simply leaving interrupts
disabled during the window.
Paste's man page contains an example for a reimplementation of
nl(1). This example uses the command line
sed = myfile | paste -s -d '\t\n' - -
in order to concatenate consecutive lines with an intervening tab.
However, the way the example uses the switches -s and -d and two `dash`
input files is redundant. There are in fact two equivalent but simpler
ways to achieve the desired result:
sed = myfile | paste -s -d '\t\n' -
uses the same style as the previous example, while
sed = myfile | paste - -
is arguably even simpler and illustrates the final sentence of the
DESCRIPTION.
Mitchell Horne [Mon, 31 May 2021 14:24:44 +0000 (11:24 -0300)]
libpmc: make libpmc_pmu_utils.c more amenable to porting
The current version has every function stubbed out for !x86. Only two
functions (pmu_alias_get() and pmc_pmu_pmcallocate() are really platform
dependent, so reduce the width of the ifdefs and remove some of the
stubs.
Reviewed by: ray
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D30532
Mitchell Horne [Mon, 31 May 2021 14:21:57 +0000 (11:21 -0300)]
libpmc: eliminate pmc_pmu_stat_mode()
There is a single consumer, the pmc utility, that clearly has knowledge
of which counters it is expecting. Remove this function and have it
use common counter aliases instead.
Reviewed by: gnn
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D30528
J.R. Oldroyd [Mon, 31 May 2021 19:33:07 +0000 (22:33 +0300)]
iichid(4): disable interrupt on suspend
Commit message of the identical change in Linux driver says:
"When an I2C HID device is powered off during system sleep, as a result
of removing its power resources (by the ACPI core) the interrupt line
might go low as well. This results inadvertent interrupts."
This change fixes suspend/resume on Asus S510UQ laptops.
While here add a couple of typo fixes as well as a slight change to the
iichid_attach() code to have the power_on flag set properly.
- Allow firmware downloading for hw_variant #8;
- Enter manufacturer mode for setting of event mask;
- Handle multi-event response on HCI commands for 7260;
This allows to remove kludge with skipping of 0xfc2f opcode.
- Disable patch and exit manufacturer mode on downloading failure;
- Use default firmware if correct firmware file is not found;
projects / people / royger / freebsd.git / log