Bug Fixes:
* Initialize statistics before the interface is available
* Fix driver unload crash
Minor Changes:
* Mechanically convert ena(4) to DrvAPI
* Remove usage of IFF_KNOWSEPOCH
MFC after: 2 weeks
Sponsored by: Amazon, Inc.
When ena_detach is called, we first call ether_ifdetach(),
which destroys internal addresses of ifp. One such address
is ifp->if_addr->ifa_addr. Then during ena_destroy_device(),
if_link_state_change() is called, eventually trying to access
ifp->if_addr->ifa_addr->sa_family. This causes an access
to garbage memory and crashes the kernel.
Ticket [1] was opened to the FreeBSD community to add null
check in the code of if_link_state_change().
A fix was submitted in commit [2], however it was noted
that it is our driver's responsibilty to not call
if_link_state_change() after calling ether_ifdetach().
This commit makes sure if_link_state_change() is not called
after ether_ifdetach().
[1]: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=270813
[2]: https://reviews.freebsd.org/D39614
Fixes: 32f63fa7f9 ("Split ENA reset routine into restore and destroy stages")
MFC after: 2 weeks
Sponsored by: Amazon, Inc.
In [1], the FBSD community exposed a bug in the fbsd/ena driver.
Bug description:
----------------
Current function call order is as follows:
1. ena_attach()
1.1. ena_setup_ifnet()
1.1.1. Registration of ena_get_counter()
1.1.2. ether_ifattach(ifp, adapter->mac_addr);
1.2. Statistics allocation and initialization.
At point 1.1.2, when ether_ifattach() returns, the interface is available,
and stats can be read before they are allocated, leading to kernel panic.
Also fixed a potential memory leak by freeing the stats since they were
not freed in case the following calls failed.
Fix:
----
This commit moves the statistics allocation and initialization to happen
before ena_setup_ifnet()
[1] https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=268934
Fixes: 9b8d05b8ac ("Add support for Amazon Elastic Network Adapter (ENA) NIC")
Fixes: 30217e2dff ("Rework counting of hardware statistics in ENA driver")
MFC after: 2 weeks
Sponsored by: Amazon, Inc.
When we are sending terminating signal to the group, killpg() needs to
guarantee that all group members are to be terminated (it does not need
to ensure that they are terminated on return from killpg()). The
pg_killsx change eliminates the largest window there, but still, if a
multithreaded process is signalled, the following could happen:
- thread 1 is selected for the signal delivery and gets descheduled
- thread 2 waits for pg_killsx lock, obtains it and forks
- thread 1 continue executing and terminates the process
This scenario allows the child to escape still.
To fix it, count the number of signals sent to the process with
killpg(2), in p_killpg_cnt variable, which is incremented in killpg()
and decremented after signal handler frame is created or in exit1()
after single-threading. This way we avoid forking if the termination is
due.
Noted and reviewed by: markj (previous version)
Tested by: pho
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
Differential revision: https://reviews.freebsd.org/D40493
If the process group member performs fork(), the child could escape
signalling from killpg(). Prevent it by introducing an sx process group
lock pg_killsx which is taken interruptibly shared around fork. If there
is a pending signal, do the trip through userspace with ERESTART to
handle signal ASTs. The lock is taken exclusively during killpg().
The lock is also locked exclusive when the process changes group
membership, to avoid escaping a signal by this means, by ensuring that
the process group is stable during fork.
Note that the new lock is before proctree lock, so in some situations we
could only do trylocking to obtain it.
This relatively simple approach cannot work for REAP_KILL, because
process potentially belongs to more than one reaper tree by having
sub-reapers.
Reported by: dchagin
Tested by: dchagin, pho
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
Differential revision: https://reviews.freebsd.org/D40493
Use long instead of int for numerous calculations, fixing a number of
date calculation overflow issues.
Obtained from: DragonflyBSD
Git log: 4238ce6f0c6df33ce677ae298b245c62cd60fb43 (only partial)
Most architectures we support (except for riscv64) have instructions
to compute these functions very quickly. Replace old code with the
ffs and clz builtin functions, allowing clang to generate good code
for all architectures.
As a consequence, toss out arm and i386 ffs() implementations.
Sponsored by: FreeBSD Foundation
Approved by: mhorne
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D40730
Also supply CFLAGS+=-fno-builtin to ensure our unit tests
actually test libc functions and not clang's builtins.
Sponsored by: FreeBSD Foundation
Approved by: kevans
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D40729
Build a setup where a given packet will be passed through the codel code
twice. This used to trigger issues with double-free on mtags.
Sponsored by: Rubicon Communications, LLC ("Netgate")
If we're called on an mbuf that's passed through codel before it may
already contain the MTAG_CODEL tag. The code accounts for this and does
not allocate a new mtag. However, it inserts the mtag unconditionally.
That is, it inserts the existing mtag a second time.
When the mbuf later gets freed we iterate over the list of mtags to fee
them one by one, and we'll end up freeing an mtag that's already been
freed.
Only insert the mtag if we've allocated a new one. If we found one
there's no need to insert it again.
See also: https://redmine.pfsense.org/issues/14497
Sponsored by: Rubicon Communications, LLC ("Netgate")
When libc switched to generation of logs as per RFC 5424,
that change broke application ability to insert specific process id
using ident[N] format, the feature existed for decades.
Some processes rely on it (including logger and syslogd).
Later the regression was fixed but the feature remained undocumented.
This change documents it.
MFC after: 1 week
Improve consistency of the field names with tcpsinfo_t:
* Use mss instead of max_seg_size.
* Use lport and rport instead of tcp_localport and tcp_foreignport.
Use t_flags instead of flags to improve consistency with t_flags2.
Add laddr and raddr, since the addresses were missing when compared
to the output of siftr.
Reviewed by: cc
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D40834
We have somewhat twisted logic to determine actions for dumpdev
considering three sources of information:
* kenv "dumpdev" tunnable supposed to point to specific device;
* /etc/defaults/rc.conf "dumpdev" variable;
* /etc/rc.conf that may be unset or set to "NO", "AUTO" or device name.
For CURRENT without any setting in kenv or /etc/rc.conf
the default is "AUTO". For STABLE branches the default is "NO".
Current implementation breaks for STABLE branches if kenv points
to specific device but /etc/rc.conf does not set "dumpdev" at all.
Let us fix it commenting out "dumpdev" in /etc/defaults/rc.conf
for STABLE branches and making the code to consult kenv
if "dumpdev" is not set elsewhere.
MFC-after: 1 month
Per https://reviews.llvm.org/D68115, only the first field is
zero-initialized, meanwhile other fields are undef.
The pattern can be observed on clang as well, that when
-ftrivial-auto-var-init=pattern is specified 0xaa is filled for
non-active fields, otherwise they are zero-initialized.
Technically both are acceptable when using clang. However it
would be good to simply bzero the modspecific_t in such case to
be strict to the standard.
MFC with: 2cab2d43b8
MFC after: 1 day
Sponsored by: Juniper Networks, Inc.
Reviewed by: delphij
Differential Revision: https://reviews.freebsd.org/D40830
The sign of the remainder matches the sign of the numerator in C.
Reported by: jrtc27
Reviewed by: jrtc27
Differential Revision: https://reviews.freebsd.org/D40832
ld.bfd requires an R_386_PLT32 relocation for calls to ifuncs
rather than R_386_PC32. (lld permits R_386_PC32.)
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D40811
GCC 12 uses these in several places when building the i386 kernel.
They are very similar to [u]divdiv3 except that they return both
the quotient and the remainder.
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D40817
This matches the default used in userland, and the kernel already
depends on various GNU extensions to standard C that are supported by
both clang and GCC.
This should be a no-op for clang, but for GCC it enables some GNU
extensions that aren't otherwise enabled. It also enables GCC for
i386 to avoid the need for a floatundidf intrinsic in libkern.
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D40646
Zero-initialize the whole modspecific_t so that there would
not be kernel stack content leak in the unused part.
Sponsored by: Juniper Networks, Inc.
MFC after: 1 days
Differential Revision: https://reviews.freebsd.org/D40815
- Increase verbosity to direct i/o code path (iores != 0)
- Fix pin inversion configuration
- Allow forcing the use of indirect access channel via hint.gpio.0.flags=2
- Document the PREFER_INDIRECT_CHANNEL tunable in nctgpio(4)
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/719
When a storage device reports that it does not support cache flush, the
GEOM disk layer by default returns ENOTSUPP in response to a BIO_FLUSH
command.
On AWS, local volumes do not advertise themselves as having write-cache
enabled. When they are selected for L3 on all HDD nodes, the L3
subsystem may inadvertently kick these L3 devices if a BIO_FLUSH command
fails with an ENOTSUPP return code. The fix is to make GEOM disk return
success (0) when this condition occurs and add a sysctl to make this
error handling config-driven
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/710
Add some extra files for building the driver as part of the kernel.
Change some #defines to match those used when building as a module.
PR: 268354
Signed-off-by: Mark O'Donovan <shiftee@posteo.net>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/779
I do not know why this is here but it blocks compilation.
Removing it makes the builtin option the same as the module build
Signed-off-by: Mark O'Donovan <shiftee@posteo.net>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/779
internal_ram_wr() only takes 3 args when ECORE_CONFIG_DIRECT_HWFN
is defined
Signed-off-by: Mark O'Donovan <shiftee@posteo.net>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/779
SRIOV is being enabled in ecore.h but by then
the qlnx_os.h header has been processed and not
included the relevant headers
Signed-off-by: Mark O'Donovan <shiftee@posteo.net>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/779
Notable upstream pull request merges:
#14654 Pack our DDT ZAPs a bit denser
#14979 Again fix race between zil_commit() and zil_suspend()
#14985 Some ZIO micro-optimizations
#15000 Fix remount when setting multiple properties
#15004 ddt_addref: remove unnecessary phys fill when refcount is 0
#15007 Do not report bytes skipped by scan as issued
#15023 Enable tuning of ZVOL open timeout value
Obtained from: OpenZFS
OpenZFS commit: 009d3288de
OpenZFS tag: zfs-2.2.0-rc1
Normally, modern unwinders uses Dwarf information to unwind stack,
however in case when the code is not annotated by Dwarf instructions,
unwinders fallbacks to a frame-pointer based algorithm.
That is allows libunwind to unwind stack from global constructors and
destructors. Also it makes gdb happy as it printed nonexistent frame
before.
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D40795
The right unwinding stop indicator should be CFI-undefined PC.
https://dwarfstd.org/doc/Dwarf3.pdf - page 118:
If a Return Address register is defined in the virtual unwind table,
and its rule is undefined (for example, by DW_CFA_undefined), then
there is no return address and no call address, and the virtual
unwind of stack activations is complete.
That is allows gdb and libunwind successfully stop when unwinding stack
from global constructors and destructors.
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D40794