This is the first step in recognizing that the K8 microarchitecture
represents a small and aged subset of AMD CPUs supported by this class.
Future changes will update the code and documentation details to better
reflect this.
Keep the old filename as an alias.
Reviewed by: jkoshy
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D41279
This includes event definitions from sys/pmc_events.h, definitions from
sys/pmc.h, and the man pages.
Reviewed by: jkoshy
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D41275
If a request ends up growing beyong the initially allocated space the
netlink functions (such as snl_add_msg_attr_u32()) will allocate a
new buffer. This invalidates the header pointer we can have received
from snl_create_msg_request(). Always use the hdr returned by
snl_finalize_msg().
Reviewed by: melifaro
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D42223
Include support for translating 32-bit auxv vectors on non-64-bit
platforms that aren't riscv (which has no 32-bit ABI support and
probably never will).
Reviewed by: markj
Sponsored by: DARPA
Differential Revision: https://reviews.freebsd.org/D42201
Use source struct size not the destination struct size so we copy all
the auxv entries, not just the first half of them.
Fix a style issue on an adjacent line.
Reviewed by: markj
Sponsored by: DARPA
Differential Revision: https://reviews.freebsd.org/D42200
Making this variable static makes is_elf32_sysctl() and callers thread
unsafe.
Use a less absurd length for sv_name. The longest name in the system is
"FreeBSD ELF64 V2" which tips the scales at 16+1 bytes. We'll almost
certainly have other problems if we exceed 32 characters.
Reviewed by: markj
Sponsored by: DARPA
Differential Revision: https://reviews.freebsd.org/D42199
Avoid a weird dance through the union and treat all 32-bit values as
unsigned integers. This avoids sign extension of flags and userspace
pointers.
Reviewed by: markj
Sponsored by: DARPA
Differential Revision: https://reviews.freebsd.org/D42198
Conceptually very similar to timingsafe_bcmp(), but with comparison
logic inspired by Elijah Stone's fancy memcmp. A baseline (SSE)
implementation was omitted this time as I was not able to get it to
perform adequately. Best I got was 8% over the scalar version for
long inputs, but slower for short inputs.
Sponsored by: The FreeBSD Foundation
Approved by: security (cperciva)
Inspired by: https://github.com/moon-chilled/fancy-memcmp
Differential Revision: https://reviews.freebsd.org/D41696
Very straightforward and similar to memcmp(3). The code has
been written to use only instructions specified as having
data operand independent timing by Intel.
Sponsored by: The FreeBSD Foundation
Approved by: security (cperciva)
Differential Revision: https://reviews.freebsd.org/D41673
POSIX has accepted a proposal[1] to add glibc-compatible ptsname_r. It
indicates an error by returning the error number, rather than returning
-1 and setting errno. Update RETURN VALUES in ptsname_r's man page now
to encourage folks to test that the return value != 0 rather than == -1.
[1] https://www.austingroupbugs.net/bug_view_page.php?bug_id=508
Reported by: Collin Funk
Reviewed by: kib
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D42204
Implement equivalents to DIOCSTART and DIOCSTOP in netlink. Provide a
libpfctl implementation and add a basic test case, mostly to verify that
we still return the same errors as before the conversion
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D42145
libbsddialog >= 0.3 has a built-in form implementation so delete
formw dependency.
Approved by: bapt (share/mk maintainer)
Differential Revision: https://reviews.freebsd.org/D42167
Unbloat a bit FreeBSD-utilities.
The only package that will depends on this new one is FreeBSD-ssh
which not anyone have in some setup.
And this will allow to have small pkgbase setup with ssh without
having to bring the bloated FreeBSD-utilities package
Name the package blocklist to reflect upstream futur changes.
Sponsored by: Beckhoff Automation GmbH & Co. KG
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D42148
The man page had `kern.ktrace.geniosize` but the sysctl node contains an
underscore.
PR: 274274
Reported by: Ivan Rozhuk
Sponsored by: The FreeBSD Foundation
Allow userspace to retrieve a list of distinct creator ids for the
current states.
This is used by pfSense, and used to require dumping all states to
userspace. It's rather inefficient to export a (potentially extremely
large) state table to obtain a handful (typically 2) of 32-bit integers.
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D42092
Allow consumers to start processing states as the kernel supplies them,
rather than having to build a full list and only then start processing.
Especially for very large state tables this can significantly reduce
memory use.
Without this change when retrieving 1M states time -l reports:
real 3.55
user 1.95
sys 1.05
318832 maximum resident set size
194 average shared memory size
15 average unshared data size
127 average unshared stack size
79041 page reclaims
0 page faults
0 swaps
0 block input operations
0 block output operations
15096 messages sent
250001 messages received
0 signals received
22 voluntary context switches
34 involuntary context switches
With it it reported:
real 3.32
user 1.88
sys 0.86
3220 maximum resident set size
195 average shared memory size
11 average unshared data size
128 average unshared stack size
260 page reclaims
0 page faults
0 swaps
0 block input operations
0 block output operations
15096 messages sent
250001 messages received
0 signals received
21 voluntary context switches
31 involuntary context switches
Reviewed by: mjg
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D42091
Use netlink to export pf's state table.
The primary motivation is to improve how we deal with very large state
stables. With the previous implementation we had to build the entire
list (both in the kernel and in userspace) before we could start
processing. With netlink we start to get data in userspace while the
kernel is still generating more. This reduces peak memory consumption
(which can get to the GB range once we hit millions of states).
Netlink also makes future extension easier, in that we can easily add
fields to the state export without breaking userspace. In that regard
it's similar to an nvlist-based approach, except that it also deals
with transport to userspace and that it performs significantly better
than nvlists. Testing has failed to measure a performance difference
between the previous struct-copy based ioctl and the netlink approach.
Differential Revision: https://reviews.freebsd.org/D38888
Commit 35305a8dc1 (r211393) added a check on whether 'uid' was equal
to getuid() before calling setlogincontext(). Doing so still allows
a setuid program to apply resource limits and priorities specified in
a user-controlled configuration file ('~/.login_conf') where
a non-setuid program could not. Plug the hole by checking instead that
the process' effective UID is the target one (which is likely what was
meant in the initial commit).
PR: 271750
Reviewed by: kib, des
MFC after: 2 weeks
Sponsored by: Kumacom SAS
Differential Revision: https://reviews.freebsd.org/D40351
Before certctl(8), there was no system trust store, and libfetch
relied on the CA certificate bundle from the ca_root_nss port to
verify peers.
We now have a system trust store and a reliable mechanism for
manipulating it (to explicitly add, remove, or revoke certificates),
but if ca_root_nss is installed, libfetch will still prefer that to
the system trust store.
With this change, unless explicitly overridden, libfetch will rely on
OpenSSL to pick up the default system trust store.
PR: 256902
MFC after: 3 days
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D42059
Style demands a space after the switch keyword.
Noticed reviewing code in CheriBSD that propagated the style bug.
Reported by: markj
Sponsored by: DARPA
Reviewed by: kib, markj
Differential Revision: https://reviews.freebsd.org/D42041
Modified functions: login_getcaptime(), login_getcapnum(),
login_getcapsize().
They all call cgetstr(), which returns -2 on such conditions and already
sets errno to ENOMEM, arguably the appropriate value for these functions
as well.
No in-tree consumer currently checks for errno on error reported by
these functions, so this change has no other code impact.
Reviewed by: kib
MFC after: 2 weeks
Sponsored by: Kumacom SAS
Differential Revision: https://reviews.freebsd.org/D40342
The login.conf's "priority" capability allows to set priorities in the
idle or realtime classes in addition to the classical nice values (-20
to 20), through a natural extension where values greater than 20 put the
processes in the idle class (with priority adjusted within RTP_PRIO_MIN
and RTP_PRIO_MAX, 21 being converted to 0, 22 to 1, etc.) and values
lower than -20 put the process in the realtime class (with priority
adjusted within RTP_PRIO_MIN and RTP_PRIO_MAX, -21 being converted to
RTP_PRIO_MAX (31), -22 to 30, etc.).
Before this fix, in the latter case (realtime class), -21 was converted
to 30, and RTP_PRIO_MAX (31) could never be specified.
While here, change the priority computation for the idle-class case to
be symmetrical and use RTP_PRIO_MIN (in practice, this changes nothing
at all, since RTP_PRIO_MIN is 0; but this is the correct theoretical
formula, which would work as well with other values of RTP_PRIO_MIN).
PR: 271727
Reviewed by: imp, kib
MFC after: 2 weeks
Sponsored by: Kumacom SAS
Differential Revision: https://reviews.freebsd.org/D40339
The four functions more or less perform the same operation.
Reuse the same unit test with slight changes so we can cover
them all. Constant-time operation is not verified for the
timingsafe_* functions.
Sponsored by: The FreeBSD Foundation
Approved by: ngie
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D41528
Extend the tests to permit loading an external memcmp function
and testing it over using the libc version. This was added by the
example of other tests in the test suite doing the same thing and
helped tremendously in development.
This change was originally part of D41442 but was taken out to
permit separate review as extrapolated from @ngie's request in
D41349.
Sponsored by: FreeBSD Foundation
Approved by: ngie
Differential Revision: https://reviews.freebsd.org/D41528
Also suggest against creating a generic label on a device which already
contains a filesystem.
PR: 264166
Reviewed by: imp, delphij, Pau Amma <pauamma@gundo.com>
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D35326
Compiler memory barriers do not prevent the CPU from executing the code
out of order. Switch to C11 atomics. This also lets us get rid of the
mutex; instead, loop until the compare_exchange succeeds.
While here, change the return value of at_quick_exit() on failure to
the more traditional -1, matching atexit().
Sponsored by: Klara, Inc.
Reviewed by: Olivier Certner, kevans, kib
Differential Revision: https://reviews.freebsd.org/D41936
- cast GETNEXT to unsigned where it is being promoted to int to prevent
sign-extension (really it would have been better for PEEK*() and
GETNEXT() to return unsigned char; this would have removed a ton of
(uch) casts, but it is too intrusive for now).
- fix an isalpha that should have been iswalpha
PR: 264275, 274032
Reviewed by: kevans, eugen (previous version)
Obtained from: NetBSD
Differential Revision: https://reviews.freebsd.org/D41947
Some highlights from NEWS entries:
** Improved OpenSSL 3.0 compatibility.
** Support for hidraw(4) on FreeBSD; gh#597.
** Improved support for FIDO 2.1 authenticators.
PR: 273596
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
This extends the strcspn() unit tests to catch mistakes in the
implementation that only appear when a mismatch occurs in a certain
position of the string against a certain position of the set.
See also: 52d4a4d4e0
Sponsored by: The FreeBSD Foundation
Approved by: imp
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D41821
When memcmp(a, b, len) (or equally, bcmp) is called with a phony length
such that a + len < a, the code would malfunction and not compare the
two buffers correctly. While such arguments are illegal (buffers do not
wrap around the end of the address space), it is neverthless conceivable
that people try things like memcmp(a, b, SIZE_MAX) to compare a and b
until the first mismatch, in the knowledge that such a mismatch exists,
expecting memcmp() to stop comparing somewhere around the mismatch.
While memcmp() is usually written to confirm to this assumption, no
version of ISO/IEC 9899 guarantees this behaviour (in contrast to
memchr() for which it is).
Neverthless it appears sensible to at least not grossly misbehave on
phony lengths. This change hardens memcmp() against this case by
comparing at least until the end of the address space if a + len
overflows a 64 bit integer.
Sponsored by: The FreeBSD Foundation
Approved by: mjg (blanket, via IRC)
See also: b2618b651b
MFC after: 1 week
Abstract out the details of the FreeBSD build into a $TINFO_OBJDIR that
external builds can override if they orchestrate the build a bit
differently and have a different objdir layout as a result. This makes
the ncurses build a little bit more flexible without requiring weird
backflips.
Reviewed by: bapt, sjg
Sponsored by: NetApp, Inc.
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D41834
Headers from src/include were in the runtime-dev package but
subdirectories of src/include ended up in utilities-dev by default.
Neither package is a good choice - the headers in src/include are not
useful without the libraries contained in clibs-dev.
This moves the standard C headers to clibs-dev (C++ headers are already
in this package). While working on this, I found that various clang
libraries and headers were also bundled into utilities-dev by default
so these are also moved to clang-dev.
I also added a FreeBSD-build-essential meta package to make it simple to
install all the toolchain parts.
PR: 254173
Reviewed byb: manu
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D41815
