The iostat(8) manual page should be more specific when using
options. Also extented the BUGS section.
PR: 153012
Reviewed by: bcr
Differential Revision: https://reviews.freebsd.org/D42633
(cherry picked from commit 502e8f44fc)
Currently we just strip the .txz of the dist name (and add a status_
prefix) to get the shell variable name for its status, but this doesn't
give a valid result for dists like base-dbg, kernel-dbg and lib32-dbg,
or even kernel.KERNCONF (or, combining the two, kernel.KERNCONF-dbg). As
a result, four things go wrong for such dists:
1. If there is a dot and/or a dash in the name, writing to the variable
fails and spits an error out on stderr to the log
3. If there is a dot in the name before any dash, the syntax is always
invalid, reading the variable fails, spits an error out on stderr to
the log, the result is the empty string and that is interpreted as
being 0%
2. If there is a dash in the name before any dot, and there is a dist
whose name is the substring up to that first dash, and it has already
had its status written to, reading the variable instead reads that
dist's variable and so the status of that dist is displayed instead
3. If there is a dash in the name before any dot, and either there is
not a dist whose name is the substring up to that first dash or there
is such a dist but it has not already had its status written to,
reading the varaible instead results in the substring after the first
dash, including any additional string expansion syntax that follows
(i.e. ${status_kernel-dbg:--11}, the expression used to read the
variable, is interpreted as reading status_kernel with a default
value of "dbg:--11")
For example, in a default install with base, kernel, kernel-dbg and
lib32, the following sequence of displays happens:
1. base is In Progress, kernel is Pending, kernel-dbg is 0% (what shows
for the garbage input "dbg:--11") and lib32 is Pending
2. base is Passed, kernel is In Progress, kernel-dbg is In Progress
(since kernel has now had its status written to) and lib32 is
Pending
3. base is Passed, kernel is Passed, kernel-dbg is Passed (again, since
that is the status of kernel, despite that kernel-dbg is being
verified at this point) and lib32 is Pending
4. base is Passed, kernel is Passed, kernel-dbg is Passed and lib32 is
In Progress
Fix this with a crude encoding scheme. More special characters can
easily be added if needed in future.
Note that, prior to bsddialog being used (and thus for branches this is
MFC'ed to where dialog is still used), the same problem existed but
displayed slightly differently due to a combination of different default
values and different behaviour for unintended inputs.
Fixes: b70047d413 ("Add generation of an installation manifest containing SHA256 checksums as ...")
MFC after: 1 week
(cherry picked from commit 47d669f10e)
The daemon utility already does its own buffering and retransmits its
child's output line by line. There's no need for stdio to add its own
buffering on top of this.
MFC after: 1 week
Sponsored by: Modirum MDPay
Reviewed by: allanjude
Differential Revision: https://reviews.freebsd.org/D42111
(cherry picked from commit cec8e6ba64)
Simply resume waiting for events rather than exiting if we took a signal
here.
This at least fixes running programs under daemon(8) in the face of
suspend/resume, which I suspect hits us with a spurious EINTR rather
than a signal anyways.
Reported and tested by: manu
Fixes: 8935a39932 ("daemon: use kqueue for all events")
(cherry picked from commit 494e7dfdbe)
Refactor daemon to use kqueue/kevent instead of signals.
This changes allows to simplify the code in several ways:
- the execution flow is now linear, no async events.
- several variables became redundant and got removed.
- all event handling is now concentrated inside of the event loop, which
makes code reading and comprehension easier.
- new kqueuex(2) call is used for CLOEXEC, but maintained closing the
kq fd prior to execve() to ease later MFC
No UX/API changes are intended.
Reviewed by: kevans
Pull Request: https://github.com/freebsd/freebsd-src/pull/701
(cherry picked from commit 8935a39932)
when ntpd is enabled.
The leap-seconds.list is used exclusively by ntpd, therefore, do not bother
to perform the fetch when ntpd is not enabled.
PR: conf/275419
Reviewed by: cy, michaelo, imp
Differential Revision: https://reviews.freebsd.org/D42875
(cherry picked from commit 3b3195f676)
"keep" currently adds a leading underscore, which hasn't been useful or
accurate since a.out days. Preserve the symbol name as it's given
rather than mangle it to match ELF-style symbol names.
This was partially fixed back in
6cd35234a0 ("Assume ELF-style symbol names now.") for crunchgen, but
the keeplist wasn't changed to match it.
While we're here, break it out to bsd.crunchgen.mk for later use in
bsdbox.
Reviewed by: adrian, imp
(cherry picked from commit 8f2848eafa)
This should make crash reports a bit more useful without having to ask
for additional information.
Reviewed by: imp
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D42465
(cherry picked from commit 3e356fb885)
ioctl(2)'s with integer argument shall pass command argument by value,
not by pointer. The ioctl(2) manual page is not very clear about that.
See sys/kern/sys_generic.c:sys_ioctl() near IOC_VOID.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D42366
Fixes: fd8b9c73a5
(cherry picked from commit f407a72a50)
EPRINTLN handles newlines appropriately when stdout/stderr have been
reused as the backend for a serial port.
For bhyverun.c itself, the rule this attempts to follow is to use
regular fprintf/perror/warn/err prior to init_pci() (which is when
serial ports are configured) and to switch to EPRINTLN afterwards.
Reviewed by: corvink, markj
Differential Revision: https://reviews.freebsd.org/D42182
(cherry picked from commit b0936440b8)
- Collapse IDENT_SEND/IDENT_WAIT states down to a single state.
- Remove unused 'len' argument to op_data callback. The value passed
in (total amount of remaining data to receive) didn't seem very useful
and no op_data implementations used it.
Reviewed by: corvink, markj
Differential Revision: https://reviews.freebsd.org/D41286
(cherry picked from commit f0852344e7)
These do not use __FBSDID but instead use bare char arrays.
Reviewed by: imp, emaste
Differential Revision: https://reviews.freebsd.org/D41957
(cherry picked from commit eba230afba)
Creating an IP socket to invoke the SIOCGIFFLAGS ioctl on is the only
thing preventing bhyve from working inside a bhyve jail with IPv4 and
IPv6 disabled restricting the jailed bhyve process to only access the
host network via a tap/vmnet device node.
PR: 273557
Fixes: 56be282bc9 ("bhyve: net_backends, automatically IFF_UP tap devices")
Reviewed by: markj
MFC after: 1 week
(cherry picked from commit fd8b9c73a5)
The current xo_format string is incorrect. This restores the display
format prior to libxo-ification work while also explicitly marking
tv_sec and tv_usec as encoded output only.
MFC after: 1 week
Reviewed by: kp
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D42269
(cherry picked from commit 2bb78b46e0)
The -r flag to bectl needs to go away, and we need to just do the right
thing. In the meantime, we can apply an -r in freebsd-update as a
minimal fix to stop creating partial backups in these (non-default) deep
BE setups.
PR: 267535
(cherry picked from commit 989c5f6da9)
Files under /var/db/freebsd-update are required during the upgrade
process, and to support rollback. They may be deleted if no upgrade is
in progress and rollback will not be required.
PR: 273601
Reviewed by: bcr
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D42022
(cherry picked from commit 30beebe444)
(cherry picked from commit ffe4456d7d)
Add a sentence that explains that PATH is set to `/bin:/usr/bin`.
I had to dive into `jexec.c` to find this out.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D35251
(cherry picked from commit 7eb6a92e3f)
Depending on the card's firmware version, it may return different length
responses for MPI2_FUNCTION_IOC_FACTS. But the first part of the
response contains the length of the rest, so query it first to get the
length and then use that to size the buffer for the full response.
Also, correctly zero-initialize MPI2_IOC_FACTS_REQUEST. It only worked
by luck before.
PR: 264848
Reported by: Julien Cigar <julien@perdition.city>
Sponsored by: Axcient
Reviewed by: scottl, imp
Differential Revision: https://reviews.freebsd.org/D38739
(cherry picked from commit 7d154c4dc6)
Copy the ENVIRONMENT section from df(1) to swapinfo(8), except
that the --si option is removed for swapinfo.
PR: 235225
Reported by: 0mp
MFC after: 3 days
(cherry picked from commit 39ad6e289f)
It may be unclear how to generate an encrypted password hash for -H,
so point users to openssl-passwd(1) and crypt(3).
MFC after: 2 weeks
(cherry picked from commit adf9cd56fa)
There was a missing sentence in the description of the second mount
entry in the example. Fix that and some other bits in the EXAMPLES
section.
Also, make the STANDARDS section a bit more readable.
MFC after: 1 week
Sponsored by: Klara Inc.
(cherry picked from commit f9572577cf)
Upgrading from FreeBSD 13.2 to 14.0 failed with
install: ///usr/include/c++/v1/__string exists but is not a directory
because __string changed from a file to a directory with an LLVM
upgrade.
Now, remove the existing file when the type conflicts. Note that this
is only an interim fix to facilitate upgrades from 13.2 for 14.0 BETA
testing. This change does not handle the directory -> file case and
further work is needed.
PR: 273661
Reviewed by: dim, gordon
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D41893
(cherry picked from commit f6d37c9ca1)
parseDWM() can advance the time to the next week. If the next week is
in the next month, then tm_mon is incremented. However, the increment
was failing to handle the wraparound from December to January, so when
parsing a rule during the last week of the December, the month would
advance to month 12. This triggered an out-of-bounds read of the
mtab[] array in days_pmonth() after parseDWM() returned. To fix,
this change resets the month to January and increment the year when
the month increment wraps.
The default rule for /var/log/weekly.log triggers this during the
last week of December each year.
Reported by: CHERI
Obtained from: CheriBSD
Reviewed by: jhb
Sponsored by: The University of Cambridge, Google Inc.
Differential Revision: <https://reviews.freebsd.org/D33687>
(cherry picked from commit b7b447fd4c)
In 6cd1bc5316 for PR 263489 I changed freebsd-update to restart sshd
after upgrade, to avoid an upgrade-related incompatibility that made it
impossible to login.
This is intended to avoid losing access to remote hosts, and ought not
apply to upgrading jails (from outside).
PR: 263489, 272282
Reported by: otis
Reviewed by: otis, kevans
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Fixes: 6cd1bc5316 ("freebsd-update: restart sshd after upgrade")
Differential Revision: https://reviews.freebsd.org/D41890
(cherry picked from commit 8ee97b1928)
(cherry picked from commit cce342e213)
The previous code would warn that the mask was being defaulted to
an obsolete class mask even if -mask was present after -network.
Import a fix from Peter Much with a little tweaking, deferring the
warning until after all parameters are processed.
PR: 263011
Obtained from: pmc at citilink.dinoex.sub.org
Reviewed by: rmacklem
Differential Revision: https://reviews.freebsd.org/D41774
(cherry picked from commit 48514c5724)
Prefer libpfctl functions over direct access to the ioctl whenever
possible. This will allow subsequent removal of DIOCGETSTATUS (in 15) as
there already is an nvlist-based alternative.
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D41650
(cherry picked from commit 6fbb9fbf7d)
Section 7.10.3 of the NVME 1.4b specification states that the IEEE OUI
in the identify controller structure is stored in little-endian format
(unlike the embedded OUI in EUI64 identifiers).
Reviewed by: corvink, chuck, imp
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D41487
(cherry picked from commit 18974bd616)
Some SAS JBODs support zoning. This feature allows individual SAS
targets to be accessible by only some initiator ports. One application
would be connecting two servers to the same JBOD, but they wouldn't be
able to see each other's disks.
A zoned JBOD should also prohibit initiators from accessing SES elements
corresponding to inaccessible SAS targets. It reports that by setting
the element's status code to 0x8 (No Access Allowed).
The bug is that when doing "sesutil (fault|locate) all ...", sesutil
will attempt a ENCIOC_SETELMSTAT ioctl for every single element, even
the inaccessible ones. The enclosure will reject the command, the
kernel will return EINVAL, and sesutil will exit.
The solution is to check the element's status, and skip trying to set it
if the status is 0x8. But if the user actually supplied a ses ID, then
assume that he knows what he's doing and try to set it anyway.
PR: 270093
Sponsored by: Axcient
Reviewed by: mav, trasz
Differential Revision: https://reviews.freebsd.org/D39017
(cherry picked from commit 57dc6f5e20)
The bootindex option creates an entry in the "bootorder" fwcfg file.
This file can be picked up by the guest firmware to determine the
bootorder. Nevertheless, it's not guaranteed that the guest firmware
uses the bootorder. At the moment, our OVMF ignores the bootorder. This
will change in the future.
If guest firmware supports the "bootorder" fwcfg file and no device uses
the bootindex option, the boot order is determined by the firmware
itself. If one or more devices specify a bootindex, the first bootable
device with the lowest bootindex will be booted. It's not garanteed that
devices without a bootindex will be recognized as bootable from the
firmware in that case.
Reviewed by: jhb
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D39285
(cherry picked from commit 480bef9481)
Qemu's fwcfg allows to define a bootorder. Therefore, the hypervisor has
to create a fwcfg item named bootorder, which has a newline seperated
list of boot entries. Qemu's OVMF will pick up the bootorder and applies
it.
Add the moment, bhyve's OVMF doesn't support a custom bootorder by
qemu's fwcfg. However, in the future bhyve will gain support for qemu's
OVMF. Additonally, we can port relevant parts from qemu's to bhyve's
OVMF implementation.
Reviewed by: jhb, markj
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D39284
(cherry picked from commit 6632a0a4e3)
Don't allow access to the physical ASLS register. It contains a host
address which is meaningless for the guest. Additionally, it allows the
guest to safely rewrite this register.
This is the last commit required for GVT-d. Nevertheless, it might not
work due to missing firmware support.
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D26209
(cherry picked from commit 71fb2dcb00)
This makes the OpRegion accessible by the guest. However, the guest
doesn't know the address of the OpRegion. This will be fixed by an
upcoming commit.
The range of the OpRegion is added to the e820 table. This allows the
guest firmware to easily pick up this range and to reserve it properly.
Reviewed by: markj
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D40041
(cherry picked from commit 1115cdcf7a)
The OpRegion provides some configuration bits and ACPI methods used by
some Intel drivers. The guest needs access to it. In the first step,
we're reading it's address and size.
Reviewed by: jhb
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D40040
(cherry picked from commit 6952b9d25e)
This register contains a host physical address. This address is
meaningless for the guest. We have to emulate it and set it to a valid
guest physical address.
Reviewed by: markj
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D40060
(cherry picked from commit d9fa7c113d)
The graphics stolen memory is only GPU accessible. So, we don't have to
copy any data to it as the guest will be unable to access it anyway. We
just have to allocate and reserve some memory. That's done by adding an
E820 entry for the graphics stolen memory. The guest firmware will pick
up the E820 and reserve this range.
Note that we try to reuse the host address as Intel states that newer
Tiger Lake platforms need this [1].
[1]
e28d6fbfdf/devicemodel/hw/pci/passthrough.c (L626-L629)
Reviewed by: markj
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D40059
(cherry picked from commit 1bd361eea2)
This is the first step to emulate the graphics stolen memory register.
Note that the graphics stolen memory is somehow confusing. On the one
hand the Intel Open Source HD Graphics Programmers' Reference Manual
states that it's only GPU accessible. As the CPU can't access the area,
the guest shouldn't need it. On the other hand, the Intel GOP driver
refuses to work properly, if it's not set to a proper address.
Intel itself maps it into the guest by EPT [1]. At the moment, we're not
aware of any situation where this EPT mapping is required, so we don't
do it yet.
Intel also states that the Windows driver for Tiger Lake reads the
address of the graphics stolen memory [2]. As the GVT-d code doesn't
support Tiger Lake in its first implementation, we can't check how it
behaves. We should keep an eye on it.
[1]
e28d6fbfdf/devicemodel/hw/pci/passthrough.c (L655-L657)
[2]
e28d6fbfdf/devicemodel/hw/pci/passthrough.c (L626-L629)
Reviewed by: markj
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D40039
(cherry picked from commit 4a9bf50f40)
Don't emulate anything yet. Just check if the user would like to pass an
Intel GPU to the guest.
Reviewed by: jhb, markj
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D40038
(cherry picked from commit 90c3a1b662)
Those definitions are required for the GVT-d emulation to parse the
OpRegion.
Reviewed by: markj
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D40037
(cherry picked from commit b67f0d360b)
Intel GPUs have two special memory regions. They are called Graphics
Stolen Memory and OpRegion. bhyve has to emulate both of them. In order
to keep track of those special regions, add generic mmio ranges to the
passthru emulation.
Reviewed by: markj
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D40036
(cherry picked from commit 93cf93179c)
The GVT-d emulation requires access to this selector to read from the
device.
Reviewed by: markj
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D40035
(cherry picked from commit 60793cee27)
A TPM has an event log. Therefore, qemu adds a FwCfg item and adds it to
an ACPI table. We like to use the same OVMF driver as qemu, so we should
do the same. This commit adds the ability to basl to do it.
Reviewed by: markj
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D40451
(cherry picked from commit 4e46ab0ebe)
Some guest allow to configure themself by fw_cfg. E.g. Fedora CoreOs can
be provisioned by adding a JSON file as fw_cfg item.
Reviewed by: jhb
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D38338
(cherry picked from commit ca14781c81)
bhyve: error out if fwcfg user file isn't read completely
At the moment, fwcfg reads the file once at startup and passes these
data to the guest. Therefore, we should always read the whole file.
Otherwise we should error out.
Additionally, GCC12 complains that the comparison whether
fwcfg_file->size is lower than 0 is always false due to the limited
range of data type.
Reviewed by: markj
Fixes: ca14781c81 ("bhyve: add cmdline option for user defined fw_cfg items")
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D40076
(cherry picked from commit 26d9f973d8)
vmm and libvmmapi already have handlers for that. When adding debug
cpus, they were only used for the debug stub. Over time, they were
reused by other parts like snapshots or idle APs.
Reviewed by: corvink, jhb
MFC after: 1 week
Sponsored by: vStack
Differential Revision: https://reviews.freebsd.org/D40804
(cherry picked from commit 65f8467e33)
Using key 'structs' is ambiguous. This section contains data
related to the kernel. It should use a more informative naming.
Reviewed by: corvink, rew
MFC after: 1 week
Sponsored by: vStack
Differential Revision: https://reviews.freebsd.org/D40104
(cherry picked from commit 50aef9f62c)
There is no error when dump doesn't have it, but to be more
consistent this PCI devices should be saved as well.
Reviewed by: corvink, rew
MFC after: 1 week
Sponsored by: vStack
Differential Revision: https://reviews.freebsd.org/D40108
(cherry picked from commit 6f7d2cf8bb)
Each device needs a unique identifier to store and restore snapshots
properly. Adding the pci bsf information to the device name creates a
unique identifier as a bsf can't be occupied twice.
Reviewed by: corvink
MFC after: 1 week
Sponsored by: vStack
Differential Revision: https://reviews.freebsd.org/D40107
(cherry picked from commit 14c80457b0)
The kernel part of the hypervisor is not going to support per-VM maxcpu
limits. The topology is only used to control the values returned by
CPUID leaves for which max vCPUs is not relevant.
Reviewed by: corvink, markj
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D37176
(cherry picked from commit bb17701050)
This patch fixes virtual machine single stepping on VMX hosts.
Currently, when using bhyve's gdb stub, each attempt at single-stepping
a vCPU lands in a timer interrupt. The current single-stepping mechanism
uses the Monitor Trap Flag feature to cause VMEXIT after a single
instruction is executed. Unfortunately, the SDM states that MTF causes
VMEXITs for the next instruction that gets executed, which is often not
what the person using the debugger expects. [1]
This patch adds a new VM capability that masks interrupts on a vCPU by
blocking interrupt injection and modifies the gdb stub to use the newly
added capability while single-stepping a vCPU.
[1] Intel SDM 26.5.2 Vol. 3C
Reviewed by: corvink, jbh
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D39949
(cherry picked from commit fefac54359)
The GVT-d emulation tries to allocate some specific memory. It could
happen that this address doesn't exist. In that case, GVT-d will fall
back to allocate any address. Nevertheless, this only works if the e820
fails with an error instead of exiting on an assertion.
Reviewed by: markj
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D40034
(cherry picked from commit 99aeb28b2f)
The removal of the sparc64 support in February 2020 obsoleted the
VTOC8 partitioning scheme as no other FreeBSD platform makes use
of it. Moreover, the code is bitrotting as nothing defines e. g.
LOADER_VTOC8_SUPPORT any more and, thus, should go now, too. With
this change, the following commits are reverted as far as VTOC8
is concerned and parts haven't already previously been deleted
along with prior sparc64 removals:
094fcb157da7d366e958ba8d50d08b
The alignment example d9711c28ef
added to the VTOC8 section of gpart.8 is folded into the MBR one.
This should finally conclude the deorbit of sparc64-specific bits.
We had joy, we had fun
we ran Unix on a Sun.
But that source and the song
of FreeBSD have all gone.
Credits to Michael Bueker for the original "Unix on a Sun" and Rod
McKuen for the "Seasons in the Sun" lyrics.
(cherry picked from commit 4ef1c6f75d)
This will be used by Makefile.inc1 to fix -DNO_ROOT distributeworld,
which needs to split out DESTDIR from DISTBASE so the METALOG file
includes the base/ prefix.
Reviewed by: kevans
Obtained from: CheriBSD
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D35808
(cherry picked from commit 232cf6be4b)
If a guest tries to reset the fwctl device while a pending request was
in flight, the fwctl state machine can be left in an incomplete state.
Specifically, rinfo is not cleared.
Normally the state machine for fwctl alternates between REQ (receiving
request) and RESP (sending response) and ignores port writes while in
RESP or port reads while in REQ. Once a guest completes the writes to
the port to send a request, the state machine transitions to RESP and
ignores future writes.
However, if a guest writes a full request and then resets the fwctl
device, the state would transition to REQ without draining the pending
response or discarding the received request. Instead, additional
port writes after the reset were treated as new payload bytes, but
were appended to the previously-received request and could overflow
the fget_str buffer.
To fix, fully reset the fwctl state machine if the guest requests a
reset.
admbugs: 998
Approved by: so
Reviewed by: markj
Reported by: Omri Ben Bassat <t-benbassato@microsoft.com>
Security: FreeBSD-SA-23:07.bhyve
Security: CVE-2023-3494
(cherry picked from commit bed3ae1d78)
The device model effectively assumes that MSI-X is enabled (it never
asserts the legacy interrupt), so any guest which relies on being able
to use the legacy PCI interrupt will fail.
The WIP arm64 port does not implement legacy PCI interrupts, but NVMe
emulation is potentially useful there. Simply remove the call.
Reviewed by: corvink, chuck, jhb
Tested by: chuck
MFC after: 1 month
Sponsored by: Innovate UK
Differential Revision: https://reviews.freebsd.org/D40731
(cherry picked from commit 13013d266e)
There never was a BSD-3-Clause-FreeBSD SPDX identifier. Replace it
with BSD-3-Clause.
Discussed with: pfg
MFC After: 3 days
Sponsored by: Netflix
(cherry picked from commit eb8f887758)
After removing the -FreeBSD and -NetBSD, we're left with a nuber of
BSD-2-Clause AND BSD-2-Clause, so tidy that up.
Discussed with: pfg
MFC After: 3 days
Sponsored by: Netflix
(cherry picked from commit eebd9d5366)
The SPDX folks have obsoleted the BSD-2-Clause-NetBSD identifier. Catch
up to that fact and revert to their recommended match of BSD-2-Clause.
Discussed with: pfg
MFC After: 3 days
Sponsored by: Netflix
(cherry picked from commit b61a573019)
The SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catch
up to that fact and revert to their recommended match of BSD-2-Clause.
Discussed with: pfg
MFC After: 3 days
Sponsored by: Netflix
(cherry picked from commit 4d846d260e)
This utility has existed for a long time and should not be advertised as
"currently under development".
While here, fix the one other warning from igor about using a newline
for a new sentence.
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
(cherry picked from commit a5b3e56330)
Take kern.localbase into account with fallback to /usr/local and
also allow for LOCALBASE/etc/periodic.conf (similarly to what
many other utilities do).
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D40435
(cherry picked from commit e5d7100c09)
pci_cfgrw() may be called via a write to the extended config space,
which is memory-mapped. In this case, the name "eax" is misleading.
Give it a more generic name. No functional change intended.
Reviewed by: corvink, jhb
MFC after: 1 week
Sponsored by: Innovate UK
Differential Revision: https://reviews.freebsd.org/D40732
(cherry picked from commit f4841d8af0)
They are not needed and are specific to x86. No functional change
intended.
MFC after: 1 week
Sponsored by: Innovate UK
(cherry picked from commit 6d1dfc8741)
This is the correct way to prevent resolvconf from updating resolv.conf.
Reviewed by: cy
Differential Revision: https://reviews.freebsd.org/D39262
(cherry picked from commit 9b20ab1e1e)
If a jail is not correctly configured to run nfsd(8)
in the jail, nfsuserd(8) cannot run.
This patch improves the failure message for this case.
(cherry picked from commit a94018e200)
If a jail is not correctly configured to run nfsd(8)
in the jail, gssd(8) cannot run.
This patch improves the failure message for this case.
(cherry picked from commit 697727110b)
It also applies to the -t argument.
Reviewed by: jkoshy
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39907
(cherry picked from commit bf66159342)
This is dead code; we no longer support Pentium hardware in libpmc or
hwpmc.
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 8bd4459560)
Fixes two small bugs including one regression.
Merge commit 'ab1f1aa8333369a83ff284848fc3fc2e52d5f29f'
(cherry picked from commit e6bfd18d21)
ntp: Fix build
Two files used to obtain time from reference clocks did not include
ntp_types.h resulting in an undefined NONEMPTY_TRANSLATION_UNIT.
Fixes: e6bfd18d21
(cherry picked from commit 82aa1470c9)
The previous change to CGSIZE had the unintended side-effect of allowing
newfs and makefs to create file systems that would fail validation when
examined by older commands and kernels, by allowing newfs/makefs to pack
slightly more blocks into a CG than those older binaries think is valid.
Fix this by having newfs/makefs artificially restrict the number of blocks
in a CG to the slightly smaller value that those older binaries will accept.
The validation code will continue to accept the slightly larger value
that the current newfs/makefs (before this change) could create.
Fixes: 0a6e34e950
Reviewed by: mckusick
MFC after: 3 days
Sponsored by: Netflix
(cherry picked from commit d464a7698d)
Chase a466cc5537, updating the version string in the local config.h.
Reported by: Trond Endrestol <Trond.Endrestol@ximalas.info>
Fixes: a466cc5537
(cherry picked from commit 4d78061377)
For the cases where the nfsd(8) daemon is already running or
has failed to start within a prison due to an incorrect prison
configuration, the failure message logged is:
Can't read stable storage file: operation not permitted
This patch replaces the above with more meaningful messages.
It depends on commit 10dff9da97 to differentiate between the
above two cases, however even without this commit, the messages
should be an improvement.
(cherry picked from commit fe5c211ba8)
Mountd can now be run in an appropriately
configured vnet jail.
This man page update adds some information
for this case.
This is a content change.
(cherry picked from commit 9432e798fc)
Nfsd can now be run in an appropriately
configured vnet jail.
This man page update adds some information
for this case.
This is a content change.
(cherry picked from commit a1254dcaa8)
This patch updates the information for "allow.nfsd"
and adds configuration information.
This is a content change.
(cherry picked from commit c0f94fee0b)
Commit bba7a2e896 added "allow.nfsd" to optionally allow
mountd/nfsd to be run inside a vnet prison when the kernel
is built with "options VNET_NFSD".
This patch updates the man page for this change.
This is a content change.
(cherry picked from commit d4b4f3b9c3)
Use SHA256_Fd and SHA256_Data instead of home made equivalent.
wrap those functions into hash.c to avoid header collition between
openssl and libmd
Suggested by: kevans
(cherry picked from commit e5dd5bfa55)
OpenSSL 3.0 has deprecated the sha256 api, let's use libmd which has the
same API instead.
In order to avoid the collision in definitions (sha256.h cannot be
included in the same file as a file where openssl headers has been
included) let's move the sha256 related code in its own file
PR: 270023
Reported by: ngie
(cherry picked from commit b2654064c2)
The pw_checkname function forgot to include a ';'
when checking usernames, causing shell commands
to be executed when a username with a ';' is deleted.
PR: 271427
MFC After: 3 days
(cherry picked from commit e0155c6989)
Instead of reyling on locale-sensitive output which can be mangled when e-mailed
use consistently ISO 8601 format which contains the same information as '-T'.
PR: 271240
MFC After: 3 days
(cherry picked from commit d2b4753f06)
When performing an "upgrade" (moving between FreeBSD releases, as
opposed to "update" which merely applies security/errata updates
to the installed release) FreeBSD Update:
1. Generates a list of "files needing to be merged", namely those
files which don't match the version installed in the "old" release
and have paths matching the MergeChanges configuration directive
(by default, /boot/device.hints and everything under /etc/).
and later on,
2. Compares the currently-installed files to the versions in the
"new" release, removing index entries for files which "don't need
to be updated because they're not changing".
Unfortunately if a file falls into both of these categories -- that
is to say, if a file in /etc/ is the same as the version in the new
release and not the same as the version in the old release -- the
resulting "merge" step saw that the file was no longer listed as
being part of the new release, resulting in the file being deleted.
For the first 18 years of FreeBSD Update's existence, this never
happened, since $FreeBSD$ tags resulted in "new release" files
always being different from any files systems would already have
installed.
This commit fixes this behaviour by only placing a file into the
"files needing to be merged" list if it does not match the version
in the old release *or* the version in the new release.
Reported by: des
Reviewed by: delphij (earlier version), des, emaste
MFC after: 7 days
X-EN-Candidate: yes
Differential Revision: https://reviews.freebsd.org/D39973
(cherry picked from commit c55b7e5226)
0.pool.* returns only IPv4 addresses.
2.pool.* returns both, IPv6 and IPv4 addresses.
conservatively extend our IPv4 only pool configuration by adding a
second pool, which also returns IPv6 addresses.
PR: 270536
Reported by: Lapo Luchini <lapo@lapo.it>
Pull Request: https://github.com/freebsd/freebsd-src/pull/731
Differential Revision: https://reviews.freebsd.org/D39954
(cherry picked from commit fff1551c03)
E820 table will be used to report valid RAM ranges and reserve special
memory areas like graphics memory for GPU passthrough.
Reviewed by: markj
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D39550
(cherry picked from commit 16f23f7543)
For debugging purposes it is helpful to dump the E820 table.
Reviewed by: markj
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D39549
(cherry picked from commit a8a8e9af57)
This function makes it easy to allocate new E820 entries. It will be
used to allocate graphics memory for Intel integrated graphic devices.
Reviewed by: markj
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D39547
(cherry picked from commit 5597f56487)
The VGA and the ROM memory ranges can't be used as system memory. For
that reason, remove them from the E820 table.
Reviewed by: markj
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D39546
(cherry picked from commit 059af92a30)
There are some use cases where bhyve has to prepare some special memory
regions. E.g. GPU passthrough for Intel integrated graphic devices needs
to reserve some memory for the graphic device. So, bhyve has to inform
the guest about those memory regions. This information can be passed by
the qemu fwcfg interface. As qemu creates an E820 table, we can reuse
the existing fwcfg item "etc/e820".
This commit is the first one of a series. It only adds a basic
implementation for the creation of the E820 table. Some subsequent
commits will add more items to the E820 table and register it as fwcfg
item.
Reviewed by: markj
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D39545
(cherry picked from commit 9180daa1e3)
Add all acpi tables to qemus acpi table loader. This passes the acpi
tables by fwcfg to the guest.
Reviewed by: markj
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D38439
(cherry picked from commit 7959d80d99)
The hypervisor is aware of all system properties. For the guest bios
it's hard and complex to detect all system properties. For that reason,
it would be better if the hypervisor creates acpi tables instead of the
guest. Therefore, the hypervisor has to send the acpi tables to the
guest. At the moment, bhyve just copies the acpi tables into the guest
memory. This approach has some restrictions. You have to keep sure that
the guest doesn't overwrite them accidentally. Additionally, the size of
acpi tables is limited.
Providing a plain copy of all acpi tables by fwcfg isn't possible. Acpi
tables have to point to each other. So, if the guest copies the acpi
tables into memory by it's own, it has to patch the tables. Due to
different layouts for different acpi tables, there's no generic way to
do that. For that reason, qemu created a table loader interface. It
contains commands for the guest for loading specific blobs into guest
memory and patching those blobs.
This commit adds a qemu_loader class which handles the creation of qemu
loader commands. At the moment, the WRITE_POINTER command isn't
implement. It won't be required by bhyve's acpi table generation yet.
Reviewed by: markj
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D38438
(cherry picked from commit f565b4d630)
It is illegal (UB?) to pass a shorter array to a function argument
that takes a fixed-length array. Do a runtime check for names that
are too long via strlen() instead.
Reviewed by: markj
Reported by: GCC -Wstringop-overread
Differential Revision: https://reviews.freebsd.org/D39211
(cherry picked from commit 61482760a0)
This function intentionally saves a pointer to an on-stack variable in
a global as a dubious way of reading the stack pointer.
Reviewed by: imp, emaste
Differential Revision: https://reviews.freebsd.org/D37535
(cherry picked from commit f4432625ed)
Make 'line' static to move it to .bss instead as that pattern is used
elsewhere in pw(8) (e.g. the static buffer in pw_pwcrypt).
Reported by: GCC -Wdangling-pointer
Reviewed by: imp, emaste
Differential Revision: https://reviews.freebsd.org/D37534
(cherry picked from commit 1055bedbed)
firewire.h includes zero length arrays in unions that trigger this
warning.
Reviewed by: imp, emaste
Differential Revision: https://reviews.freebsd.org/D37538
(cherry picked from commit aa9ce62be5)
Most register of the PCI header are either constant values or require
emulation anyway. The command and status register are the only exception which
require hardware access. So, we're adding an emulation handler for all
other register.
As this emulation handler will be reused by some future features like
GPU passthrough, we directly export it.
Reviewed by: markj
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D33010
(cherry picked from commit b6e67875a3)
GPU passthrough requires a special handling of some PCI config register.
Therefore, we need a flexible approach for implementing it. Adding an
array of handler meets this condition.
Start by using the default handler for all accesses to the PCI config
space. In upcoming commits, we can start to split the default handler
into several handler for each register that requires emulation.
Reviewed by: markj
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D39291
(cherry picked from commit 931bb7bf1c)
This will be useful for writing device specific ACPI tables or DSDT
methods.
Reviewed by: markj
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D39322
(cherry picked from commit 158adced65)
This feature will be used by future commits to implement a device
specific method (_DSM) for TPM devices.
Reviewed by: markj
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D39321
(cherry picked from commit e976464a50)
At the moment, this function can't fail. This behaviour will change in
the future. In preparation to that, convert the return type to int in
order to be able to check for errors.
Reviewed by: markj
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D39422
(cherry picked from commit ab34ea4711)
Some ACPI devices require a device specific acpi table. E.g. a TPM2
device requires a TPM2 table. Use the acpi_device_emul struct to define
such a device specific table.
Reviewed by: markj
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D39320
(cherry picked from commit 0926566f6f)
It'll be easier to add new properties to the ACPI device emulation if we
have a struct which holds all device specific properties. In some future
commits the acpi_device_emul struct will be expanded to include some
device specific functions to build ACPI tables.
Reviewed by: markj
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D39319
(cherry picked from commit acd0088c44)
The Intel GOP driver checks the LPC IDs to detect the platform it's
running on. The GOP driver only works on the platforms it's written for.
Maybe other Intel driver have the same behaviour. For that reason, we
should use the LPC IDs of the FreeBSD host for GPU passthrough to work
properly.
We don't know if setting different LPC IDs have any side effect.
Therefore, don't use the host LPC IDs by default on Intel system. Give
the user the opportunity to modify the LPC IDs.
Reviewed by: jhb
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D28280
(cherry picked from commit f4ceaff56d)
bhyve: fix spelling mistake of pcireg option
The option is spelled "pcireg" not "pcir".
MFC after: 1 week
Fixes: f4ceaff56d
Sponsored by: Beckhoff Automation GmbH & Co. KG
(cherry picked from commit c98d13fbf9)
bhyve: scan PCI device functions to find host LPC
At least on some AMD devices the host LPC bridge could be located as
seperate function of another PCI device.
Fixes: f4ceaff56d
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D39310
(cherry picked from commit d3e03d235e)
bhyve: do not exit if LPC finds no host selector
The host selector is only required when the user likes to use the same
LPC device IDs as the physical LPC device. This is an uncommon use case.
For that reason, it makes no sense to exit when we don't find the host
selector.
Reviewed by: markj
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D39311
(cherry picked from commit 0d29d750b9)
DOT and DOTDOT entries have special handling, and previously only Rock
Ridge PX (POSIX attributes) entries were attached. Add TF (timestamp)
entries as well.
PR: 203531
Reported by: Thomas Schmitt <scdbackup@gmx.net>
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39662
(cherry picked from commit dd9059b3e9)
This matches NetBSD and rationalizes makefs with the kernel API.
This reverts commit 370e009188.
Reviewed by: mckusick
Sponsored by: The FreeBSD Foundation
Obtained from: NetBSD 0a62dad69f62, 0c4125e1a19f, cb6a5a3575fd
Differential Revision: https://reviews.freebsd.org/D39070
(cherry picked from commit e5551216d8)
For diff reduction against NetBSD's makefs. Based on NetBSD git mirror
commit 00991aee8248.
With this change our makefs cd9660 support should be in sync up to
NetBSD commit bdae6c9dc792 ("makefs(8): Nix trailing whitespace.").
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 10854bf517)