There's too many broken hardware out there that wrongly has the
ACPI_FADT_NO_VGA bit set. Ignore it unless running as a virtualized
guest, as then the expectation would be that the hypervisor does
provide correct ACPI tables.
Reviewed by: emaste, 0mp, eugen
Sponsored by: Citrix Systems R&D
PR: 230172
(cherry picked from commit 0518832011)
This codec is found in recent versions of the Framework laptop. Tempo
Semiconductor acquired these products from IDT's Audio Business Unit.
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
(cherry picked from commit e997f33700)
For an invalid filesystem name used like this:
mount -t asdfs /dev/ada1p5 /usr/obj
emit an error message like this:
mount: /dev/ada1p5: Invalid fstype: Invalid argument
instead of:
mount: /dev/ada1p5: Operation not supported by device
Differential Revision: https://reviews.freebsd.org/D31540
(cherry picked from commit 6e8272f317)
The new dev.netmap.max_bridges sysctl tunable can be set in
loader.conf(5) to change the default maximum number of VALE
switches that can be created. Current defaults is 8.
MFC after: 2 weeks
(cherry picked from commit dd6ab49a9a)
66acf7685b failed to build on riscv (and mips). This is because the
atomic_testandset_int() (and friends) functions do not exist there.
Happily those platforms do have the long variant, so switch to that.
PR: 262571
MFC after: 3 days
(cherry picked from commit 0bf7acd6b7)
The total size of the user-provided nmreq was first computed and then
trusted during the copyin. This might lead to kernel memory corruption
and escape from jails/containers.
Reported by: Lucas Leong (@_wmliang_) of Trend Micro Zero Day Initiative
Security: CVE-2022-23084
MFC after: 3 days
(cherry picked from commit 3937299165)
An unsanitized field in an option could be abused, causing an integer
overflow followed by kernel memory corruption. This might be used
to escape jails/containers.
Reported by: Reno Robert and Lucas Leong (@_wmliang_) of Trend Micro
Zero Day Initiative
Security: CVE-2022-23085
(cherry picked from commit 694ea59c70)
FreeBSD 13+ running as virtual guest may load virtio_random(8) driver
by means of devd(8) unless the driver is blacklisted or disabled
via device.hints(5). Currently, the driver may prevent
the system from rebooting or shutting down correctly.
This change deactivates virtio_random at very late stage
during system shutdown sequence to avoid deadlock
that results in kernel hang.
PR: 253175
Tested by: tom
Relnotes: yes
(cherry picked from commit adbf7727b3)
Currently armv8crypto copies the scheme used in aesni(9), where payload
data and output buffers are allocated on the fly if the crypto buffer is
not virtually contiguous. This scheme is simple but incurs a lot of
overhead: for an encryption request with a separate output buffer we
have to
- allocate a temporary buffer to hold the payload
- copy input data into the buffer
- copy the encrypted payload to the output buffer
- zero the temporary buffer before freeing it
We have a handy crypto buffer cursor abstraction now, so reimplement the
armv8crypto routines using that instead of temporary buffers. This
introduces some extra complexity, but gallatin@ reports a 10% throughput
improvement with a KTLS workload without additional CPU usage. The
driver still allocates an AAD buffer for AES-GCM if necessary.
Reviewed by: jhb
Tested by: gallatin
Sponsored by: Ampere Computing LLC
Submitted by: Klara Inc.
(cherry picked from commit 26b08c5d21)
This was useful in converting armv8crypto to use buffer cursors. There
are some cases where one wants to make two passes over data, and this
provides a way to "reset" a cursor.
Reviewed by: jhb
(cherry picked from commit 09bfa5cf16)
This is in preparation for using buffer cursors. No functional change
intended.
Reviewed by: jhb
Sponsored by: Ampere Computing LLC
Submitted by: Klara Inc.
(cherry picked from commit 0b3235ef74)
This avoids clients using garbage values on the stack and makes
debugging easier.
Sponsored by: NVIDIA Networking
(cherry picked from commit 88a29d89eb)
As an unwanted side effect of the performance improvements in
24f0bfbad5, epair interfaces stop forwarding traffic on higher
load levels when running on multi-core systems.
This happens due to a race condition in the logic that decides when to
place work in the task queue(s) responsible for processing the content
of ring buffers.
In order to fix this, a field named state is added to the epair_queue
structure. This field is used by the affected functions to signal each
other that something happened in the underlying ring buffers that might
require work to be scheduled in task queue(s), replacing the existing
logic, which relied on checking if ring buffers are empty or not.
epair_menq() does:
- set BIT_MBUF_QUEUED
- queue mbuf
- if testandset BIT_QUEUE_TASK:
enqueue task
epair_tx_start_deferred() does:
- swap ring buffers
- process mbufs
- clear BIT_QUEUE_TASK
- if testandclear BIT_MBUF_QUEUED
enqueue task
PR: 262571
Approved by: re (gjb, early MFC)
Reported by: Johan Hendriks <joh.hendriks@gmail.com>
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D34569
(cherry picked from commit 66acf7685b)
In a subsequent commit clock_init() will attempt to determine the TSC
frequency, and this requires that CPU identification is finalized.
Sponsored by: The FreeBSD Foundation
(cherry picked from commit c3d830cf7c)
fasttrap instruments certain instructions by overwriting them and
copying the original instruction to some per-thread scratch space which
is executed after the probe fires. This trampoline jumps back to the
tracepoint after executing the original instruction.
The created mapping has both write and execute permissions, and so this
mechanism doesn't work when allow_wx is disabled. Work around the
restriction by using proc_rwmem() to write to the trampoline.
Reviewed by: vangyzen
Tested by: Amit <akamit91@hotmail.com>
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 3a56cfedbc)
exit1() sets P_WEXIT before waiting for holding threads to finish,
rather than after, so this assertion is racy.
Fixes: 12fb39ec3e ("proc: Relax proc_rwmem()'s assertion on the process hold count")
Reported by: Jenkins
(cherry picked from commit 879b0604a8)
This reference ensures that the process and its associated vmspace will
not be destroyed while proc_rwmem() is executing. If, however, the
calling thread belongs to the target process, then it is unnecessary to
hold the process. In particular, fasttrap - a module which enables
userspace dtrace - may frequently call proc_rwmem(), and we'd prefer to
avoid the overhead of locking and bumping the hold count when possible.
Thus, make the assertion conditional on "p != curproc". Also assert
that the process is not already exiting. No functional change intended.
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 12fb39ec3e)
We assume the pointer returned from get_pcpu will be consistent even
if the thread is moved to a new CPU. Fix this by partially reverting
63c858a04d to make get_pcpu a function again.
Sponsored by: The FreeBSD Foundation
(cherry picked from commit ed30663426)
This increases the size of the user map from 256GB to 128TB. The kernel
map is left unchanged for now.
For now SV48 mode is left disabled by default, but can be enabled with a
tunable. Note that extant hardware does not implement SV48, but QEMU
does.
- In pmap_bootstrap(), allocate a L0 page and attempt to enable SV48
mode. If the write to SATP doesn't take, the kernel continues to run
in SV39 mode.
- Define VM_MAX_USER_ADDRESS to refer to the SV48 limit. In SV39 mode,
the region [VM_MAX_USER_ADDRESS_SV39, VM_MAX_USER_ADDRESS_SV48] is not
mappable.
Reviewed by: jhb
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 31218f3209)
When four-level page tables are used, there is no need to distribute
updates to the top-level page to all pmaps.
Reviewed by: jhb
Sponsored by: The FreeBSD Foundation
(cherry picked from commit ceed61483c)
A sysinit determines whether the pmap has enabled SV48 mode and modifies
the corresponding fields which describe the user memory map.
Reviewed by: kib, jhb
Sponsored by: The FreeBSD Foundation
(cherry picked from commit ecaf115434)
Instead of having the one-off load_satp(), just use csr_write(). No
functional change intended.
Reviewed by: alc, jhb
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 2e956c30ca)
In SV48 mode, the top-level page will be an L0 page rather than an L1
page. Rename the field accordingly. No functional change intended.
Reviewed by: alc, jhb
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 82f4e0d0f0)
Despite the buffer taken from cache or free list, it still can be
locked, due to 'lockless lookup' in getblkx() potentially operating on
the freed buffers. The lock is transient, but prevents the use of
LK_NOWAIT there for the goal of neutralizing WITNESS.
Just use LK_NOWITNESS.
Reported and tested by: pho
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 1fb00c8f10)
OpenZFS release 2.1.3
Notable upstream pull request merges:
#12569 FreeBSD: Really zero the zero page
#12828 FreeBSD: Add vop_standard_writecount_nomsyn
#12828 zfs: Fix a deadlock between page busy and the teardown lock
#12828 FreeBSD: Catch up with more VFS changes
#12851 FreeBSD: Provide correct file generation number
#12857 Verify dRAID empty sectors
#12874 FreeBSD: Update argument types for VOP_READDIR
#12896 Reduce number of arc_prune threads
#12934 FreeBSD: Fix zvol_*_open() locking
#12961 FreeBSD: Fix leaked strings in libspl mnttab
#12964 Fix handling of errors from dmu_write_uio_dbuf() on FreeBSD
#12981 Introduce a flag to skip comparing the local mac when
raw sending
#12985 Avoid memory allocations in the ARC eviction thread
#13014 Report dnodes with faulty bonuslen
#13016 FreeBSD: Fix zvol_cdev_open locking
#13027 Fix clearing set-uid and set-gid bits on a file when
replying a write
#13031 Add enumerated vdev names to 'zpool iostat -v' and
'zpool list -v'
#13074 Enable encrypted raw sending to pools with greater ashift
#13076 Receive checks should allow unencrypted child datasets
#13098 Avoid dirtying the final TXGs when exporting a pool
#13172 Fix ENOSPC when unlinking multiple files from full pool
Obtained from: OpenZFS
OpenZFS commit: ef83e07db5
OpenZFS tag: zfs-2.1.3
Relnotes: yes
UEFI provides a protocol for accessing randomness. This is a good way
to gather early entropy, especially when there's no driver for the RNG
on the platform (as is the case on the Marvell Armada8k (MACCHIATObin)
for now).
If the entropy_efi_seed option is enabled in loader.conf (default: YES)
obtain 2048 bytes of entropy from UEFI and pass is to the kernel as a
"module" of name "efi_rng_seed" and type "boot_entropy_platform"; if
present, ingest it into the kernel RNG.
Submitted by: Greg V
Reviewed by: markm, kevans
Approved by: csprng (markm)
Differential Revision: https://reviews.freebsd.org/D20780
