Merge FreeBSD 2024-08-02 #2247
Merged
Merge FreeBSD 2024-08-02 #2247
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Remove the NO_SWAPPING option. There is still some code in vm_swapout.c, but it relates to RACCT handling. Remove the option and make compilation of vm_swapout.c conditional on RACCT. Tested by: pho Reviewed by: kib Differential Revision: https://reviews.freebsd.org/D46130
This is meant to cover the corresponding changes to various proc/thread flags and sleepqueue/scheduler KPIs.
The `--ignore-all-space` option was incorrectly documented as `--ignore-all-blanks` in some (but not all) places. MFC after: 3 days PR: 280434 Sponsored by: Klara, Inc. Reviewed by: 0mp, markj Differential Revision: https://reviews.freebsd.org/D46160
The `--ignore-all-space` option was incorrectly documented as `--ignore-all-spaces`. MFC after: 3 days Sponsored by: Klara, Inc. Reviewed by: 0mp, markj Differential Revision: https://reviews.freebsd.org/D46161
The legacy Stone algorithm uses `int` to represent line numbers, array indices, and array lengths. If given inputs approaching `INT_MAX` lines, it would overflow and attempt to allocate ridiculously large amounts of memory. To avoid this without penalizing non-pathological inputs, switch a few variables to `size_t` and add checks while and immediately after reading both inputs. MFC after: 3 days PR: 280371 Sponsored by: Klara, Inc. Reviewed by: allanjude Differential Revision: https://reviews.freebsd.org/D46169
Fixes: 964b8f8 MFC after: 3 days Sponsored by: Klara, Inc. Reviewed by: markj Differential Revision: https://reviews.freebsd.org/D46174
Reported by: yuripv Fixes: 801c452 ("man9: Really complete the removal of MD5.9")
As discussed on the freebsd-arch mailing list[1]. For historical reasons FreeBSD's buildworld and buildkernel targets started by cleaning the object tree, for traditional (non-metamode) builds. Cleaning is not necessary when dependencies are properly tracked, and we have a somewhat kludgey script[2] to handle some known cases where deps were mishandled by traditional builds. Be consistent with the vast majority of open source build systems by default, and do not clean at the beginning of buildworld or buildkernel. Users may set WITH_CLEAN in src.conf(5) to restore the previous behaviour, or run `make cleanworld` and/or `make cleankernel` before starting a build. [1] https://lists.freebsd.org/archives/freebsd-arch/2024-July/000727.html [2] tools/build/depend-cleanup.sh Reviewed by: jhb, imp Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D46172
libpfctl doesn't set errno, instead it returns error codes. Take that into
account when handling errors so that we report the actual error.
Sponsored by: Rubicon Communications, LLC ("Netgate")
Include
the ICMP type in one port of the state key, using the type to determine which
side should be the id, and which should be the type.
Also:
- Handle ICMP6 messages which are typically sent to multicast addresses but
recieve unicast replies, by doing fallthrough lookups against the correct
multicast address.
- Clear up some mistaken assumptions in the PF code:
- Not all ICMP packets have an icmp_id, so simulate one based on other
data if we can, otherwise set it to 0.
- Don't modify the icmp id field in NAT unless it's echo
- Use the full range of possible id's when NATing icmp6 echoy
ok henning marco
testing matthieu todd
MFC after: 1 day
Obtained From: OpenBSD, mcbride <mcbride@openbsd.org> 70bf7555ef4c
Sponsored by: Rubicon Communications, LLC ("Netgate")
ok henning markus
MFC after: 1 day
Obtained From: OpenBSD, mcbride <mcbride@openbsd.org> 8c0632cd274b
Sponsored by: Rubicon Communications, LLC ("Netgate")
In pf_icmp_mapping() the ICMP and ICMPv6 types shared the same
number space. In fact they are independent and must be handled
separately. Fix traceroute via pf by splitting pf_icmp_mapping()
into IPv4 and IPv6 sections.
ok henning@ mcbride@; tested mcbride@; sure deraadt@
MFC after: 1 day
Obtained From: OpenBSD, bluhm <bluhm@openbsd.org> ef4bccd7509e
Sponsored by: Rubicon Communications, LLC ("Netgate")
Change PF behavior to allow MLD Listener Report packets to be sent
without needing a previously created state by MLD Listener Query. It
wasn't working because: (1) you might not have a previous MLD Listener
Query and (2) the addresses of the Query and Report don't match.
ok mikeb@, sashan@
MFC after: 1 day
Obtained From: OpenBSD, rzalamena <rzalamena@openbsd.org>, 5c526dbdb0f2
Sponsored by: Rubicon Communications, LLC ("Netgate")
When creating a state for ICMP (v4 or v6) packets we only used the ID, which
means that we could confuse different ICMP types. For example, if we allowed
neighbour discovery but not ICMPv6 echo requests an ND packet could create a
state that the echo request would match.
Test that this is now fixed.
Reported by: Enrico Bassetti <e.bassetti@tudelft.nl>
MFC after: 1 day
Sponsored by: Rubicon Communications, LLC ("Netgate")
vm_pageout_cluster prepares an array for passing to vm_pageout_flush by starting in the middle of a double-sized array and working out from the middle. Using the same technique in vm_object_page_collect_flush saves one loop that traverses a piece of linked list, and 80 bytes of amd64 binary code. Reviewed by: kib Differential Revision: https://reviews.freebsd.org/D46173
> These tests increase the build time (albeit by a small amount), so > they should be removed once enough time has passed and it is extremely > unlikely anyone would try a NO_CLEAN build against an object tree from > before the related change. The comment suggests a year is a reasonable period but we'll be somewhat more conservative for now, in part so that we retain different examples of special cases. Reviewed by: brooks, imp Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D46178
An overread condition in memccpy(dst, src, c, len) would occur if
src does not cross a 16 byte boundary and there is no instance of
c between *src and the next 16 byte boundary. This could cause a
read fault if src is just before the end of a page and the next page
is unmapped or unreadable.
The bug is a consequence of basing memccpy() on the strlcpy() code:
whereas strlcpy() assumes that src is a nul-terminated string and
hence a terminator is always present, c may not be present at all in
the source string. It was not caught earlier due to insufficient
unit test design.
As a part of the fix, the function is refactored such that the runt
case (buffer length from last alignment boundary between 1 and 32 B)
is handled separately. This reduces the number of conditional
branches on all code paths and simplifies the handling of early
matches in the non-runt case. Performance is improved slightly.
os: FreeBSD
arch: amd64
cpu: 11th Gen Intel(R) Core(TM) i7-1165G7 @ 2.80GHz
│ memccpy.unfixed.out │ memccpy.fixed.out │
│ sec/op │ sec/op vs base │
Short 66.76µ ± 0% 62.45µ ± 1% -6.44% (p=0.000 n=20)
Mid 7.938µ ± 0% 7.967µ ± 0% +0.36% (p=0.001 n=20)
Long 3.577µ ± 0% 3.577µ ± 0% ~ (p=0.429 n=20)
geomean 12.38µ 12.12µ -2.08%
│ memccpy.unfixed.out │ memccpy.fixed.out │
│ B/s │ B/s vs base │
Short 1.744Gi ± 0% 1.864Gi ± 1% +6.89% (p=0.000 n=20)
Mid 14.67Gi ± 0% 14.61Gi ± 0% -0.36% (p=0.001 n=20)
Long 32.55Gi ± 0% 32.55Gi ± 0% ~ (p=0.429 n=20)
geomean 9.407Gi 9.606Gi +2.12%
Reported by: getz
Reviewed by: getz
Approved by: mjg (blanket, via IRC)
See also: D46051
MFC: stable/14
Event: GSoC 2024
Differential Revision: https://reviews.freebsd.org/D46052
Also add meta2deps.{py,sh} to FILES so they get installed/staged
Reviewed by: stevek
+ real-time and rtc added to search keywords - local dropped from search keywords + ntpd added to see also + use machine independent language Reported by: emaste (MI language) MFC after: 3 days Reviewed by: imp Pull Request: freebsd/freebsd-src#1326
The man page states that the -d flag can be used to show the dropped packets. But, the number of dropped input packets are always shown, independent of the -d flag. This commit clarifies that the -d flag will add the number of dropped output packets to the output. MFC after: 3 days Reviewed by: imp, Alexander Ziaee Pull Request: freebsd/freebsd-src#1332
If test is called as [ and one forgets to close the bracket, the error message is currently [: missing ] To make it obvious that this is not something printed in brackets, quote the closing bracket in the message, which is what everybody else is doing: [: missing ']' Reviewed by: imp Pull Request: freebsd/freebsd-src#1346
Reviewed by: imp Pull Request: freebsd/freebsd-src#1349
Reviewed by: imp, emaste Pull Request: freebsd/freebsd-src#1351
Reviewed by: imp, emaste Pull Request: freebsd/freebsd-src#1351
Clarify in which formats the memberlist for groupadd/groupmod can be accepted for '-M', '-m', or '-d' flag. Related commit: 40ab104. Reviewed by: imp Pull Request: freebsd/freebsd-src#1352
GCC 14 (but not earlier versions) warns about a missing prototype for getrandom(). Include <sys/random.h> explicitly to bring in the prototype rather than depending on a nested include. While here, stop defining sysctl_random() since it is no longer used. Reviewed by: brooks Fixes: 838b6ca openssl: use getrandom(2) instead of probing for getentropy(2) Differential Revision: https://reviews.freebsd.org/D45995
Currently the assert checks for XOR of final and len. This assert fails when running the unit tests in siphash_test.c. We need to allow the case where both values are zero. Signed-off-by: Mark O'Donovan <shiftee@posteo.net> Reviewed by: imp, cperciva Pull Request: freebsd/freebsd-src#1324
Reported by: Mark Millard <marklmi@yahoo.com>
Reported by: Mark Millard <marklmi@yahoo.com> Fixes: 4339f1e share/examples/IPv6/USAGE: remove
An earlier set of mixer(8) tests were removed leading to this entry, but now the entry is removing the new tests. Fixes: 94a86f3 mixer(8): Add tests
This fixes a clang 19 warning:
usr.sbin/keyserv/crypt_server.c:237:53: error: comparison of different enumeration types ('des_mode' (aka 'enum des_mode') and 'enum desmode') [-Werror,-Wenum-compare]
237 | if (_my_crypt != &_arcfour_crypt && argp->des_mode == CBC) {
| ~~~~~~~~~~~~~~ ^ ~~~
The type of `argp->des_mode` (aka `desargs::des_mode`) is `enum
des_mode` from `/usr/include/rpcsvc/crypt.h`, not `enum desmode` from
`/usr/include/rpc/des.h` (which is used in `struct desparams`).
Luckily the integer values of `enum desmode`'s `CBC` and `ECB` are
identical to those of `enum des_mode`'s `CBC_DES` and `ECB_DES`, so
replace both values.
MFC after: 3 days
In commit 8e53cd7 the intent was to add sys/dts/include to the compiler include path, but this was spelled incorrectly, leading to an error with clang 19: cc: error: no such include directory: '$/dts/include' [-Werror,-Wmissing-include-dirs] Use the spelling -I$S/dts/include instead. MFC after: 3 days
This fixes a clang 19 warning:
sys/dev/iavf/iavf_lib.c:514:39: error: comparison of different enumeration types ('enum virtchnl_vsi_type' and 'enum iavf_vsi_type') [-Werror,-Wenum-compare]
514 | if (sc->vf_res->vsi_res[i].vsi_type == IAVF_VSI_SRIOV)
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ^ ~~~~~~~~~~~~~~
The `vsi_type` field of `struct virtchnl_vsi_resource` is of type `enum
virtchnl_vsi_type`, not `enum iavf_vsi_type`. In this case, we can
seamlessly replace the value with `VIRTCHNL_VSI_SRIOV`, which is
numerically equal to `IAVF_VSI_SRIOV`.
MFC after: 3 days
This fixes a clang 19 warning:
sys/dev/isci/scil/scif_sas_smp_remote_device.c:197:26: error: comparison of different enumeration types ('SCI_IO_STATUS' (aka 'enum _SCI_IO_STATUS') and 'enum _SCI_STATUS') [-Werror,-Wenum-compare]
197 | if (completion_status == SCI_FAILURE_RETRY_REQUIRED)
| ~~~~~~~~~~~~~~~~~ ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~
The `completion_status` variable is of type `SCI_IO_STATUS`, not
`SCI_STATUS`. In this case, we can seamlessly replace the value with
`SCI_IO_FAILURE_RETRY_REQUIRED`, which is numerically equal to
`SCI_FAILURE_RETRY_REQUIRED`.
MFC after: 3 days
This fixes a number of clang 19 warnings:
sys/dev/qat/qat_api/common/compression/dc_session.c:154:15: error: comparison of different enumeration types ('enum _CpaBoolean' and 'icp_qat_hw_compression_delayed_match_t') [-Werror,-Wenum-compare]
154 | if (CPA_TRUE == pService->comp_device_data.enableDmm) {
| ~~~~~~~~ ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
sys/dev/qat/qat_api/common/compression/dc_session.c:285:17: error: comparison of different enumeration types ('enum _CpaBoolean' and 'icp_qat_hw_compression_delayed_match_t') [-Werror,-Wenum-compare]
285 | (CPA_TRUE == pService->comp_device_data.enableDmm) ?
| ~~~~~~~~ ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The `enableDmm` field of variable `comp_device_data` is of type
`icp_qat_hw_compression_delayed_match_t`, not `CpaBoolean`. In this
case, we can seamlessly replace the value with
`ICP_QAT_HW_COMPRESSION_DELAYED_MATCH_ENABLED`, which is numerically
equal to `CPA_TRUE`.
MFC after: 3 days
Per https://sourceware.org/gdb/current/onlinedocs/gdb.html/Overview.html#Binary-Data certain bytes must be escaped. The XML register definitions we have so far do not run afoul of that rule, but the stub should handle them anyway. Reviewed by: jhb MFC after: 2 weeks Sponsored by: Innovate UK Differential Revision: https://reviews.freebsd.org/D46194
As on amd64, APs will repeatedly exit until they are brought online, so this hack helps avoid burning CPU time during guest bootup. Reviewed by: jhb MFC after: 2 weeks Sponsored by: Innovate UK Differential Revision: https://reviews.freebsd.org/D46195
- In vmexit_smccc(), copy an assertion from amd64. - In fbsdrun_addcpu(), make sure that our vm_suspend_cpu() call is succesful. Reviewed by: jhb MFC after: 2 weeks Sponsored by: Innovate UK Differential Revision: https://reviews.freebsd.org/D46197
Move a copy of amd64's debug code into debug.ldscript. Make all the kernels use this. This has the effect of modernizing the STABS for powerpc as the others were almost already in sync. For the ones that weren't this adds the DWARF 3 debug symbols from i386/amd64. Sponsored by: Netflix Differential Revision: https://reviews.freebsd.org/D44071
Add new symbols defined in dwarf 4 and dwarf 5. Submitted by: Matt Macy (in D17982, done differently) Sponsored by: Netflix Reviewed by: kib, markj, emaste Differential Revision: https://reviews.freebsd.org/D44072
A new instance of using ld with -T to bring in the kernel ld script
crept into the tree after I originally did the refactoring. It too needs
-L ${SYSDIR}/conf added.
Fixes: 37d6d68
Sponsored by: Netflix
Change 2d39824 switched net.add_addr_allfibs default to 0. The warning message is for potential users of the feature. Well since all supported releases have 0 as default, those potential users may have already gotten the notification, emitting this WARNING every time increasing the fib number is less useful but rather confusing to other users. So let's suppress it right now. PR: 280097 Reviewed by: markj Differential Revision: https://reviews.freebsd.org/D45971
…olding In the zfree() case, the explicit_bzero() calls zero all the allocation, including the redzone which malloc() has marked as invalid. So calling kasan_mark() before those is in fact necessary. This fixes a crash at boot when 'ldconfig' is run and tries to get random bytes through getrandom() (relevant part of the stack is read_random_uio() -> zfree() -> explicit_bzero()) for kernels with KASAN compiled in. Approved by: markj (mentor) Fixes: 4fab5f0 ("kern_malloc: fold free and zfree together into one __always_inline func") MFC after: 10 days MFC with: 4fab5f0 Sponsored by: The FreeBSD Foundation
The definitions in _stdint.h has some complications around visibility that _limits.h does not have. Switch to __SIZE_T_MAX to avoid those. This fixes the devel/gperf, devel/glib20 and math/mpfr builds with _FORTIFY_SOURCE enabled to unlock a large fraction of the ports tree to build. Reported by: Shawn Webb (HardenedBSD) Sponsored by: Klara, Inc. Sponsored by: Stormshield
The largest loader that works for PXE boot is about 500k. PXE needs low memory for packets and other driver state, so the largest safe size for the loader is about 500k. Reduce the size from 560k to 500k so we don't accidentally break PXE in the future. Add a comment for people with special needs. If you control the hardware, it can be safe to have boot loaders as large as 580k or 600k in some cases. Since the BIOS loader is becoming more and more of a legacy item, the build variable LOADERSIZE isn't documented. This change doesn't change that: there's been little demand for this documentation and in general, users shouldn't change it lightly. PR: 257018 Sponsored by: Netflix
Add missing flags to veriexec(8) as well as some examples to help explain usage. Also add veriexec.4 Sponsored by: Juniper Networks, Inc. Reviewed by: imp Differential Revision: https://reviews.freebsd.org/D46207
The array passed to vm_pageout_flush, and constructed in a middle-out fashion, can never use array element zero. Shrink the array by one, and reduce indices by one, to save that bit of stack space. In the vm_object version, make the accounting look more like the pageout version. Reported by: alc Reviewed by: kib Differential Revision: https://reviews.freebsd.org/D46208
Xen PVH entry point requires to modify the environment provided by the boot loader, so that the ACPI RSDP is re-written to use the Xen generated RSDP instead of the native one. The current logic in the PVH entry point reserves a single page (4K) in order to copy the contents of the environment passed from the boot loader, so that the bootloader provided "acpi.rsdp" is dropped and a Xen specific one is added afterwards. This however doesn't scale well, as it's possible for the environment to be bigger than 4K. Bumping the buffer, or attempting to peek at the size of the metadata all seem to just add more complexity to a sensitive path. Instead introduce a new ACPI hook that allows setting the RSDP address directly, and use it from the PVH entry point to set the position of the Xen generated RSDP. This allows to reduce the logic in the PVH metadata processing, as there's no need to parse and filter the bootloader provided environment. Note that modifying the environment blob in-place is likely to not work. The RSDP address is provided as a string, it's possible the new RSDP location is higher than the current one, and the string with the new location would overrun the space used by the previous one. Sponsored by: Cloud Software Group PR: 277200 MFC: 3 days Reviewed by: markj kib Differential revision: https://reviews.freebsd.org/D46089
sndstat(4) falsely reports "hardware" as the starting point of recording, and ending point of playback VCHANs. Recording VCHANs get their input from the primary recording channel, and playback VCHANs send their input to the primary playback channel. Sponsored by: The FreeBSD Foundation MFC after: 2 days Reviewed by: dev_submerge.ch, markj Differential Revision: https://reviews.freebsd.org/D46177
These syscall muxes are under COMPAT7 or earlier and AFACT they were only ever used in libc. The which arguments seems to have never had a published API and it was a mistake that they were exported or declared. Reviewed by: kib, jhb Differential Revision: https://reviews.freebsd.org/D46209
netmap's generic mode tries to improve performance by minimizing mbuf allocations. In service of this goal, it maintains an extra reference to the mbuf and polls the counter to see if the driver has released its reference by calling m_freem(). As a result, the extref destructor is not called when expected by the netfront driver, and mbufs tags are not freed. Modify the tx path to release its mbuf tags promptly when reclaiming tx descriptors. They are drawn from a fixed-size pool, so otherwise are quickly exhausted when a netfront interface is in netmap generic mode. Co-authored by: royger MFC after: 2 weeks Fixes: dabb3db ("xen/netfront: deal with mbuf data crossing a page boundary") Sponsored by: Cloud Software Group Sponsored by: Klara, Inc. Sponsored by: Zenarmor
Attempting to reduce vm_pageout_page_count at startup when the machine has less than 8MB of physical memory is pointless, since we haven't run on machines with so little memory in ages. Reviewed by: kib, markj Differential Revision: https://reviews.freebsd.org/D46206
Except for elements whose value is zero, the elements of pagesizes[] are always sorted in increasing order, so once a loop starting from the end of the array has found a non-zero element, it has found the largest valued element and can stop iterating. Reviewed by: kib Differential Revision: https://reviews.freebsd.org/D46215
Reword slightly to cleanup awkward constructs. Sponsored by: Netflix
Some implementations of Xen don't expose the XENMEM_memory_map hypercall. Shallow the error from XENMEM_memory_map in xen_arch_init_physmem() and just return 0. This will fallback to using the non-arch specific mechanism for allocating scratch space. Reported by: cperciva Reviewed by: Elliott Mitchell Fixes: 69c4748 ('x86/xen: use UNUSABLE e820 regions for external mappings') Sponsored by: Cloud Software Group Differential revision: https://reviews.freebsd.org/D46205
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
PR for CI