kmalloc() support within FPU sections will be redone in other way.
This reverts commit 5a3bd28167.
Sponsored by: Serenity Cyber Security, LLC
Requested by: jhb
kmalloc() support within FPU sections will be redone in other way.
This reverts commit b4efc62776.
Sponsored by: Serenity Cyber Security, LLC
Requested by: jhb
I accidentally copied this to the wrong place, or by accident to two
places, during the merge of llvmorg-17-init-19304-gd0b54bb50e51.
Fixes: 06c3fb2749
MFC after: 3 days
Document all the public functions from the "loader" table.
Sponsored by: Netflix
Reviewed by: pauamma_gundo.com, tsoome, kevans
Differential Revision: https://reviews.freebsd.org/D43701
basename, sed and tty are all in /usr/bin and not available
until /usr is mounted.
basename and tty we can replace with a function, but sed is more
important. Fix o_verify to just use shell builtins, and
rc_trace should avoid trying to set RC_LEVEL until sed is available.
Introduce the allocuio() and freeuio() functions to allocate and
deallocate struct uio. This hides the actual allocator interface, so it
is easier to modify the sub-allocation layout of struct uio and the
corresponding iovec array.
Obtained from: CheriBSD
Reviewed by: kib, markj
MFC after: 2 weeks
Sponsored by: CHaOS, EPSRC grant EP/V000292/1
Differential Revision: https://reviews.freebsd.org/D43711
Stop timers when in tcp_close() instead of doing that in tcp_discardcb().
A connection in CLOSED state shall not need any timers. Assert that no
timer is rescheduled after that in tcp_timer_activate() and verfiy that
this is also the expected state in tcp_discardcb().
PR: 276761
Reviewed By: glebius, tuexen, #transport
Sponsored by: NetApp, Inc.
Differential Revision: https://reviews.freebsd.org/D43792
When sending a RST control segment in tcp_output() it
means we are in TCPS_CLOSED state, called from tcp_drop().
Once the RST is sent, don't call tcp_timer_activate() or
update anything in tcpcb, since that will go away shortly.
PR: 276761
Provided by: glebius
Reviewed By: glebius, tuexen, #transport
Sponsored by: NetApp, Inc.
Differential Revision: https://reviews.freebsd.org/D43808
The SACK scoreboard is conceptually an extention of the socket
buffer. Remove it when the socket buffer goes away with
soisdisconnected(). Verify that this is also the expected
state in tcp_discardcb().
PR: 276761
Reviewed by: glebius, tuexen, #transport
Sponsored by: NetApp, Inc.
Differential Revision: https://reviews.freebsd.org/D43805
This is very unlikely to fail (and if it does, CAM isn't going to work
regardless), but fail with an error rather than a gauranteed panic via
NULL pointer dereference.
PR: 276770
Reported by: Qiushi <w290680224@gmail.com>
Fix a long-standing layering violation in the original NEW_PCIB code
by not passing suballocated resources up to the parent bus for
activation and mapping. Instead, handle activation and mapping of
sub-allocated resources in this driver. When mapping resources,
request a mapping from a suitable sub-region of the resource allocated
from the parent bus for the associated bridge window.
Note that this does require passing RF_ACTIVE (with RF_UNMAPPED) when
allocating bridge window resources from the parent.
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D43690
These functions are not used by pcib subclasses so do not need to
be exposed in pcib_private.h.
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D43688
For resources suballocated from the system resource rmans, handle
those in the ACPI bus driver without passing them up to the parent.
This means using bus_generic_rman_* for several bus methods for
operations on suballocated resources. For bus_map/unmap_resource,
find the system resource allocated from the parent bus (nexus) that
contains the range being mapped and request a mapping of that parent
resource.
This avoids a layering violation where nexus drivers were previously
asked to manage the activation and mapping of resources created
belonging to the ACPI resource managers.
Note that this does require passing RF_ACTIVE (with RF_UNMAPPED) when
allocating system resources from the parent.
While here, don't assume that the parent bus (nexus) provides a
resource list that sysres resources are placed on. Instead, create a
dedicated resource_list in the ACPI bus driver's softc to hold sysres
resources.
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D43687
No functional change, but it is cleaner to use the existing generic
wrappers rather than KOBJ methods directly.
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D43686
This changes the OK / Cancel buttons into Auto / Manual / Cancel, with
Auto being the default. Manual behaves like OK used to, i.e. presents a
series of dialogs asking exactly how to configure the interface, and
Cancel is unchanged, exiting with exit code 1. Auto will attempt to
configure IPv4+DHCP and IPv6+SLAAC with no interaction, failing only if
neither can be configured, thereby supporting all of IPv4-only,
IPv6-only and dual-stack environments. If at least one DNS server is
provided, it will also skip asking for DNS settings, otherwise it will
act like Manual mode for the purposes of DNS settings and prompt. For a
standard dual-stack environment this cuts down the number of netconfig
dialogs from 6 (interface, IPv4, DHCP, IPv6, SLAAC, DNS) to just the
first one.
Reviewed by: brooks
Differential Revision: https://reviews.freebsd.org/D43731
Reviewed-by: John Wren Kennedy <john.kennedy@delphix.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Kevin Greene <kevin.greene@delphix.com>
Closes#15868
Debugging boot issues can be helped by
logging each rc.d script as it is run
and being able to selectively enable/disable set -x
debug.sh provides an elaborate framework for debugging shell scripts.
For secure systems, we want to be paranoid about what we read
during boot.
dot() simply reads (.) arg file if it exists
vdot() if mac_veriexec is active, ignore unverified files
otherwise behaves much the same as dot()
safe_dot() in safe_eval.sh allows reading an untrusted file;
limiting the input to simple variable assignments.
In load_rc_config allow caller to provide an option to indicate how to
handle its arg:
-v use vdot()
-s use sdot() which will try to use vdot() and fallback to safe_dot()
The default is to read using dot()
rc_run_scripts()
encapsulate the running of rc.d scripts
so that we can easily call it more than twice.
We vdot local.rc.subr to pick up extensions (like
run_rc_scripts_final) and overrides.
We also allow rc.subr.local or rc.conf to set rc_config_xtra
eg (rc_config_xtra=XXX for historic compatibility)
rc use set -o verify around the reading in of rc.subr
This has no effect if mac_veriexec is not active, but if it is; ensures
rc.subr has not been tampered with.
Reviewed by: imp
Sponsored by: Juniper Networks, Inc.
Differential Revision: https://reviews.freebsd.org/D43671
Fixes a small inaccuracy in the description of snapshot
atomicity
zfs-snapshot(8) appears to contain a small error. The existing
version reads "Snapshots are taken atomically, so that all
snapshots correspond to the same moment in time." Per
zfs_main.c, which in do_snapshot() simply loops over argv, this
does not appear to be correct when multiple snapshots are
specified explicitly on the command line. I believe the intent
of the man page was to say that *recursive* snapshots are all
created atomically.
This proposed change fixes that error. Because the existing
statement may confuse some readers anyway, the commit also also
adds a small amount of general explanatory information that may
be helpful.
The change also adds an introductory sentence that summarizes
what 'zfs snapshot' does in the first place. In that sentence,
the text "different datasets" is intended to indicate that
(again per the code) the same dataset cannot be specified
multiple times on the command line.
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Shawn Bayern <sbayern@law.fsu.edu>
Closes#15857
Because "filesystem" and "volume" are just too long!
Sponsored-by: https://despairlabs.com/sponsor/
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Rob Norris <robn@despairlabs.com>
Closes#15864
Slow disk response times can be indicative of a failing drive. ZFS
currently tracks slow I/Os (slower than zio_slow_io_ms) and generates
events (ereport.fs.zfs.delay). However, no action is taken by ZED,
like is done for checksum or I/O errors. This change adds slow disk
diagnosis to ZED which is opt-in using new VDEV properties:
VDEV_PROP_SLOW_IO_N
VDEV_PROP_SLOW_IO_T
If multiple VDEVs in a pool are undergoing slow I/Os, then it skips
the zpool_vdev_degrade().
Sponsored-By: OpenDrives Inc.
Sponsored-By: Klara Inc.
Reviewed-by: Tony Hutter <hutter2@llnl.gov>
Reviewed-by: Allan Jude <allan@klarasystems.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Co-authored-by: Rob Wing <rob.wing@klarasystems.com>
Signed-off-by: Don Brady <don.brady@klarasystems.com>
Closes#15469
The NTB hardware of XEON Ice lake and Sapphire Rapids has register mapping changes
Add a new NTB_XEON_GEN4 device type and use it to conditionalize driver logic differs
Reviewed by: vangyzen, dab
Sponsored by: Dell Technologies
Differential Revision: https://reviews.freebsd.org/D43291
FUSE emits spurious incoherency warnings in writethrough mode. The
warnings are triggered by setattr calls generated by vnode truncation
turning the cached va_size vattr stale, causing comparisons with the
fresh version provided by the server to fail. Only validate the vnode's
va_size vattr if the FN_SIZECHANGE flag is set.
This is a part of the research work at RCSLab, University of Waterloo.
Reviewed by: asomers
MFC after: 1 week
Pull Request: https://github.com/freebsd/freebsd-src/pull/1110
In initial hacking I'd bluntly disabled manpage installation in libsys,
then later disabled them for libc, but forgot to fix the former leading
to no syscall manapages.
PR: 276887
Reported by: Martin Birgmeier <d8zNeCFG@aon.at>
The implicit assumption of snd_nxt always being larger than
snd_recover is not true after RTO. In that case, cwnd
would get inflated to ssthresh, which may be much larger
than the current pipe (data in flight).
Reviewed By: tuexen, #transport
Sponsored by: NetApp, Inc.
Differential Revision: https://reviews.freebsd.org/D43653
[sanitizer][msan] fix AArch64 vararg support for KMSAN (#70660)
Cast StackSaveAreaPtr, GrRegSaveAreaPtr, VrRegSaveAreaPtr to pointers to
fix assertions in getShadowOriginPtrKernel().
Fixes: https://github.com/llvm/llvm-project/issues/69738
Patch by Mark Johnston.
Requested by: markj
MFC after: 3 days
per RFC5681, only adjust ssthresh on the initital
retransmission timeout. Since RTO often happens
during loss recovery, while cwnd no longer tracks
all data in flight, calculcate pipe properly.
Reviewed By: tuexen, #transport
Sponsored by: NetApp, Inc.
Differential Revision: https://reviews.freebsd.org/D43768
tcp_fixed_maxseg() is the streamlined calculation of typical
tcp options and more suitable for heavy use in the congestion
control modules on every received packet.
No external functional change.
Reviewed By: tuexen, #transport
Sponsored by: NetApp, Inc.
Differential Revision: https://reviews.freebsd.org/D43779
This socket option was added in 6a2989fd54 together with LOCAL_CREDS.
Both options originate from NetBSD. The LOCAL_CREDS seems to be used by
some software and is covered by our test suite.
The main problem with LOCAL_CONNWAIT is that it doesn't work as
documented. A basic test shows that connect(2) indeed blocks, but
accept(2) on the other side does not wake it up. Indeed, I don't see what
code in the accept(2) path would go into the peer socket of a unix/stream
listener's child and would make wakeup(&so->so_timeo). I tried the test
even on a FreeBSD 6.4-RELEASE and it produced the same results as on
CURRENT.
The other thing that puzzles me is why that option would be useful even if
it worked? Because on unix/stream you can send(2) immediately after
connect(2) and that would put data on the peer receive buffer even before
listener had done accept(2). In other words, one side can do connect(2)
then send(2), only after the remote side would make accept(2) and the
remote would see the data sent before the accept(2). Again this
undocumented feature of unix(4) is present on all versions from FreeBSD 6
to CURRENT.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D43708
If socket has data interleaved with control it would never allow to read
two pieces of data, neither two pieces of control with one recvmsg(2). In
other words, presence of control makes a SOCK_STREAM socket behave like
SOCK_SEQPACKET, where control marks the records. This is not a documented
or specified behavior, but this is how it worked always for BSD sockets.
If you look closer at it, this actually makes a lot of sense, as if it
were the opposite both the kernel code and an application code would
become way more complex.
The change made recvfd_payload() to return received length and requires
caller to do ATF_REQUIRE() itself. This required a small change to
existing test rights_creds_payload. It also refactors a bit f28532a0f3,
pushing two identical calls out of TEST_PROTO ifdef.
Reviwed by: markj
Differential Revision: https://reviews.freebsd.org/D43724
It is a legitimate case to use sendmsg(2) to send control only, with zero
bytes of data and then recvmsg(2) them with zero length iov, receiving
control only. This sendmsg(2)+recmsg(2) would leave a zero length mbuf on
the top of the socket buffer. If you now try to repeat this combo again,
your recvmsg(2) would not return control data, because it sits behind an
MT_DATA mbuf and you have provided zero length uio_resid. IMHO, best
strategy to deal with zero length buffers in a chain is to not put them
there in the first place. Thus, solve this right in uipc_send() instead
of touching soreceive_generic().
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D43733
traceroute used a series of #defines to specify what features are
available on the host platform. As traceroute is now in source, these
are unnecessary and complicate the code, so remove them.
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1100
traceroute hasn't had a vendor import since 2002, while since then it's
had several significant FreeBSD-specific commits. Since it's unlikely
another vendor import will happen, and to make the merge of traceroute6
into traceroute easier, import traceroute into usr.sbin.
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1100
- In pmap_bootstrap_san(), allocate the root PTPs for the shadow maps.
(For KASAN, this is done earlier since we need to do some special
bootstrapping for the kernel stack.)
- Adjust ifdefs to include KMSAN.
- Expand the shadow maps when pmap_growkernel() is called.
MFC after: 2 weeks
Sponsored by: Klara, Inc.
Sponsored by: Juniper Networks, Inc.
Differential Revision: https://reviews.freebsd.org/D43405
- Move pmap_bootstrap_allocate_kasan_l2() close to the place where it is
actually used.
- Simplify pmap_bootstrap_allocate_kasan_l2() a bit: eliminate some
unneeded variables and zero and exclude each 2MB mapping as we go
rather than doing that all at once. Excluded regions will be
coalesced.
- As a consequence of the previous point, ensure that we do not zero a
preexisting 2MB mapping.
- Simplify pmap_bootstrap_san() and prepare it to work with KMSAN.
MFC after: 2 weeks
Sponsored by: Klara, Inc.
Sponsored by: Juniper Networks, Inc.
Differential Revision: https://reviews.freebsd.org/D43404