Currently these sections are not used but defined only for amd64 and
i386. Added them for all other platforms to keep all platforms in sync.
There should be no functional change.
This change is extracted from a bigger patch [1] of hselasky, with
additional fix for the order of .fini_array section.
1. https://reviews.freebsd.org/D40467
Obtained from: hselasky
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D45214
These input sections can have decimal numbers as the priority suffix.
Clang emits the '%u' form, while SORT is an alias for SORT_BY_NAME,
hence will result in wrong order of constructors / destructors in
output sections. Fix by using the correct sorting command
SORT_BY_INIT_PRIORITY instead [1].
The functions referenced by section .fini_array is in the normal order,
but been executed in the reverse order. The order is same with
.init_array section.
Currently these sections are not used, there should be no functional
change.
Note: As for the .ctors and .dtors sections, both Clang and GCC emit
the priority suffix in the form of '%05u', so there is no semantic
difference between SORT_BY_NAME and SORT_BY_INIT_PRIORITY for those
sections [2].
This fix is extracted from a bigger patch [3] of hselasky, with
additional fix for .fini_array section.
1. https://sourceware.org/binutils/docs/ld/Input-Section-Wildcards.html
2. https://reviews.llvm.org/D91187
3. https://reviews.freebsd.org/D40467
Reviewed by: imp (previous version)
Obtained from: hselasky
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D45194
If pf_icmp_state_lookup() finds a state but rejects it for not matching the
expected direction we should unlock the state (and NULL out *state). This
simplifies life for callers, and also ensures there's no confusion about what a
non-NULL returned state means.
Previously it could have been left in there by the caller, resulting in callers
unlocking the same state twice.
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
Sloppy state tracking renders ICMP direction check useless
and harmful as we might see only half of the connection in
the asymmetric setups but ignore the state match. The bug
was reported and fix was verified by Insan Praja <insan ()
ims-solusi ! com>. Thanks! OK mcbride, henning
MFC after: 1 week
Obtained from: OpenBSD, mikeb <mikeb@openbsd.org>, 538596657140
Sponsored by: Rubicon Communications, LLC ("Netgate")
Following bluhm's advice this changes the way we setup state keys and
perform state lookups for ICMPv6 Neighbor Discovery packets:
- replace the NS-dst with ND target address;
- replace the NA-src with ND target address;
- replace the NA-dst with unspecified address if it is a multicast.
This allows pf to match Address Resolution, Neighbor Unreachability
Detection and Duplicate Address Detection packets to the corresponding
states without the need to create new ones or match unrelated ones.
As a side effect we're doing now one state table lookup for ND packets
instead of two.
Fixes a bug uncovered by one of the previous commits that virtually
breaks IPv6 connectivity after few minutes of use.
ok stsp henning, with and ok bluhm
PR: 280701
MFC after: 1 week
Obtained from: OpenBSD, mikeb <mikeb@openbsd.org>, 2633ae8c4c8a
Sponsored by: Rubicon Communications, LLC ("Netgate")
If *rulesp was initially unset, we'll allocate a new buffer and pass it
to sysctl_handle_string(), which copies the existing string out and then
copies in the new string. We need to make sure the buffer containing
the existing rules is initialized, otherwise we leak kernel memory to
userspace.
Fix some nearby style nits while here.
Reported by: KMSAN
Reviewed by: igoro, kp
Fixes: 8aaffd78c0 ("Add dummymbuf module for testing purposes")
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D46493
The conditions used to test whether a pullup is needed were inverted.
While here:
- Fix a bogus assignment to "iplen": it's already initialized to *offp.
- Use in_cksum_skip() instead of manually adjusting the data pointer.
Otherwise the mbuf is temporarily in an invalid state, since m_len
isn't updated to match.
Reported by: KMSAN
Reviewed by: kp
Sponsored by: Klara, Inc.
Fixes: 3711515467 ("carp: support VRRPv3")
Differential Revision: https://reviews.freebsd.org/D46492
This avoids creating windows where a device file is accessible but the
device-specific field is not set.
Now that vmmdev_mtx is a sleepable lock, avoid dropping it while
creating devices files. This makes it easier to handle races and
simplifies some code; for example, the VSC_LINKED flag is no longer
needed.
Suggested by: jhb
Reviewed by: imp, jhb
Differential Revision: https://reviews.freebsd.org/D46488
This will make it easier to atomically create the device file and set
its si_drv1 member.
Reviewed by: jhb
Differential Revision: https://reviews.freebsd.org/D46487
Rather than performing privilege checks after a specific VM's device
file is opened, do it once at the time the device file is opened. This
means that one can continue to access a VM via its device fd after
attaching to a jail which does not have vmm enabled, but this seems like
a reasonable semantic to have anyway.
Reviewed by: jhb
Differential Revision: https://reviews.freebsd.org/D46486
vmm.h is required for VM_MAX_SUFFIXLEN. vmm_snapshot.h is required for
struct vm_snapshot_meta.
This is a prerequisite for including vmm_dev.h in the headers parsed by
libsysdecode.
Reviewed by: jhb
Differential Revision: https://reviews.freebsd.org/D46485
The maximum VM name length has changed since the arm64 vmm code was
forked. For now, just sync with the amd64 definitions, since they
permit longer VM names. As arm64/vmm is implemented only in main, I
won't bother dealing with backward compat.
Reviewed by: jhb
Differential Revision: https://reviews.freebsd.org/D46484
Add IDs for Realtek, Atheros (QCA), and Mediatek.
While I am not sure we'll ever support the ath10k and possibly mt76
SDIO devices, rtw88 ones can be found with SoCs (e.g. r2s-plus) and
are actively being worked on.
Update Broadcom/Cypress entries.
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D46460
Some of the defined names are not the direct 1:1 mapping with vendor
and device names used by Linux device drivers.
Introduce a p(roduct)alias so we can map the one device entry I came
across without much extra hassle and generate a name device drivers
know about:
palias BROADCOM_CYPRESS_43439 CYPRESS_43439
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D46455
Add a version of no_printk(), which seems to be there to have format
string checking while never calling the printk. It seems a very weird
thing and it needs a return code and for some reason my initial
while (0) { } version hadn't worked while porting over new code but
could have been further downstream format string problems.
if (0) seems to do the job though I would have expected that to more
likely simply get optimised out without any futher format checking.
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D46463
Add an implementation of eth_hdr() needed by a wireless driver.
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D46462
Used by an updated wireless driver.
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D46461
Add a get_random_u8() implementation following the u36 and u64 versions.
We'll likely want to macro-ify them in the future and add all the types
which makes sense just to be done.
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D46464
TPM is defined as an entropy and is called every 10 seconds. However it
was not registered and calls were discarded.
Signed-off-by: Jean-François Hren <jean-francois.hren@stormshield.eu>
MFC after: 1 week
Pull Request: https://github.com/freebsd/freebsd-src/pull/1398
Use the pmap_l1_pindex() macro which accounts for the NUL2E offset.
While here, use pmap_l2_pindex() macro further down (no change).
Prompted by pull request and commit 2e33abc354, making the change for
the riscv pmap.
Add support for specifying how to report the missing Branch Target
Identification (BTI) linker feature on AArch64.
For:
Kernel: bti-report on when the linker supports it
Userspace: bti-report on when the linker supports it and
BTI_REPORT_ERROR is defined
Fixes: 43e8849bc2 ("conf: Enable BTI checking in the arm64 kernel")
Pull Request: https://github.com/freebsd/freebsd-src/pull/1393
Stop allocating new resources when the RNIC is stopped but continue to
allow previously allocated resources to be freed. Note that t4_tom's
uld_stop tears down all TOE connections, including those being used for
iWARP, and that triggers the cleanup of iWARP resources.
Fail post_send/post_recv early too to avoid the SQ doorbell.
MFC after: 1 week
Sponsored by: Chelsio Communications
This change can cause a deadlock in some cases, since it's possible for
VNET teardown to happen in the context of taskqueue_thread, and
ipsec_accel_sync() drains taskqueue_thread's work queue.
This reverts commit e196b12f4d.
The ipsec_offload code in some cases releases object references in an
asynchronous context where it needs to set the current VNET. Make sure
that all such work completes before the VNET is actually destroyed,
otherwise a use-after-free is possible.
Reported by: KASAN
Reviewed by: kib
Fixes: ef2a572bf6 ("ipsec_offload: kernel infrastructure")
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D46483
Those variables are not going to be changed at runtime. Make them const
to avoid potential overwriting. This will also help spotting accidental
global variables shadowing, since the variable's name such as `version`
is short and commonly used.
This change was inspired by reviewing khng's work D44760.
No functional change intended.
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D45227
Do not report an error, if it is stored as a soft error. This avoids,
for example, the dropping of TCP connections using an interface,
while enabling or disabling LRO on that interface.
Reviewed by: cc
MFC after: 1 week
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D46427
This should reduce the frequency of smr_synchronize() calls, that
otherwise occur on almost each rangelock unlock.
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
Differential revision: https://reviews.freebsd.org/D46482
If the V_connect_ifaddr_wild sysctl says that we shouldn't infer a
destination address, return an error. Otherwise it's possible for use
of an unspecified foreign address to trigger a subsequent assertion
failure, for example in in_pcblookup_hash_locked().
Similarly, if no interface addresses are assigned, fail quickly upon an
attempt to connect to the unspecified address.
Reported by: Shawn Webb <shawn.webb@hardenedbsd.org>
MFC after: 2 weeks
Reviewed by: zlei, allanjude, emaste
Differential Revision: https://reviews.freebsd.org/D46454
backlog is an int and not a string. While here, fix an adjacent CTR
that was spread over two lines even though it fits in one.
MFC after: 1 week
Sponsored by: Chelsio Communications
As in commit c7a7e997d2, we should permit loading from a pointer to
uintptr_t.
Note that the other atomic_*_ptr() interfaces currently require casting
regardless, only those defined in atomic_common.h try to be generic.
Reported by: jrtc27
MFC after: 1 week
Now that suspend/resume is supported by the base driver, a fatal error
isn't the only reason that the RNIC can stop abruptly. Also, this state
is no longer permanent as it's possible to resume operations after a
stop. Rename the flag and associated routines to match the new state of
affairs.
MFC after: 1 week
Sponsored by: Chelsio Communications
For compat ioctls and structures, we use a mix of suffixes: _old,
_fbsd<version>, _<version>. Standardize on _<version> to make things
more consistent. No functional change intended.
Reported by: jhb
Reviewed by: corvink, jhb
Differential Revision: https://reviews.freebsd.org/D46449
Otherwise they are globally visible (in jails with allow.vmm set),
instead of being restricted to the jail to which the VM belongs.
Reviewed by: corvink, jhb
Differential Revision: https://reviews.freebsd.org/D46448
vmmdev_lookup() is used from sysctl context to find a VM by name.
There, a reference credential is already passed, so use that instead of
assuming that it's the same as curthread->td_ucred, even though that's
true today. No functional change intended.
Reviewed by: corvink, jhb
Differential Revision: https://reviews.freebsd.org/D46447
The sole caller of this function already holds a pointer to the VM's
softc, so rather than passing the VM name and looking it up again, just
pass the softc pointer directly. This function is only called from an
ioctl context, so the softc structure will remain live.
Reviewed by: corvink, jhb
Differential Revision: https://reviews.freebsd.org/D46446
This will make it easy to share code with an ioctl handler which creates
VMs. No functional change intended.
Reviewed by: corvink, jhb
Differential Revision: https://reviews.freebsd.org/D46445
This will make it easy to share code with an ioctl handler which creates
VMs. No functional change intended.
Reviewed by: corvink, jhb
Differential Revision: https://reviews.freebsd.org/D46444
