The total size of the user-provided nmreq was first computed and then
trusted during the copyin. This might lead to kernel memory corruption
and escape from jails/containers.
Reported by: Lucas Leong (@_wmliang_) of Trend Micro Zero Day Initiative
Security: CVE-2022-23084
MFC after: 3 days
(cherry picked from commit 3937299165)
An unsanitized field in an option could be abused, causing an integer
overflow followed by kernel memory corruption. This might be used
to escape jails/containers.
Reported by: Reno Robert and Lucas Leong (@_wmliang_) of Trend Micro
Zero Day Initiative
Security: CVE-2022-23085
(cherry picked from commit 694ea59c70)
FreeBSD 13+ running as virtual guest may load virtio_random(8) driver
by means of devd(8) unless the driver is blacklisted or disabled
via device.hints(5). Currently, the driver may prevent
the system from rebooting or shutting down correctly.
This change deactivates virtio_random at very late stage
during system shutdown sequence to avoid deadlock
that results in kernel hang.
PR: 253175
Tested by: tom
Relnotes: yes
(cherry picked from commit adbf7727b3)
UEFI provides a protocol for accessing randomness. This is a good way
to gather early entropy, especially when there's no driver for the RNG
on the platform (as is the case on the Marvell Armada8k (MACCHIATObin)
for now).
If the entropy_efi_seed option is enabled in loader.conf (default: YES)
obtain 2048 bytes of entropy from UEFI and pass is to the kernel as a
"module" of name "efi_rng_seed" and type "boot_entropy_platform"; if
present, ingest it into the kernel RNG.
Submitted by: Greg V
Reviewed by: markm, kevans
Approved by: csprng (markm)
Differential Revision: https://reviews.freebsd.org/D20780
computing the same isochronous start frame number over and over again.
PR: 257082
Sponsored by: NVIDIA Networking
(cherry picked from commit 8fc2a3c417)
(cherry picked from commit f52783fcf5)
(cherry picked from commit cf48d1f771)
as given by the XHCI hardware parameters to avoid scheduling isochronous
transfers too early.
Sponsored by: NVIDIA Networking
(cherry picked from commit d038463bd2)
Newly added features & bug fixes
o Fixed an issue smartpqi debug log messages are flooding kernel logs.
o Fixed an issue where devices are shown as RAID 0 in display info.
o Feature: Changed 32 bit dma address to 64 bit address
o Added new controlller ids.
Submitted by: Microsemi
Reviewed by: Scott Benesh (Microsemi), imp
Differential Revision: https://reviews.freebsd.org/D34469
MFC After: 3 days
Sponsored by: Netflix
(cherry picked from commit 4f77349d57)
physical/absolute address in FreeBSD, but it looks like the calling
code might be somewhat portable to other OS's that do require this.
Therefore, set the variables to __unused instead of removing the code
entirely.
(cherry picked from commit e28289ca83)
pqisrc_is_firmware_feature_enabled shouldn't be declared inline in a
header, and then static inline in the .c function. Remove this stray
declartion from the header. gcc6 complains, but clang does not.
Sponsored by: Netflix
(cherry picked from commit eae2ef5a01)
This should fix an issue where the "udev->re_enumerate_wait" field never gets
processed and reset. In this case usbconfig will wait forever and never return.
Sponsored by: NVIDIA Networking
(cherry picked from commit c7cd6f809d)
Add serial-number sysctl if that fdt property exists and is a printable
string. While here, ensure that the hw.fdt sysctl values fit in the
buffers provided so that they will be NUL-terminated. Tested on
Raspberry Pi 3B+ and 4.
Reviewed by: manu imp
Differential Revision: https://reviews.freebsd.org/D34356
(cherry picked from commit b8b0c65e8a)
This make it easier for script to get the hardware on which they are running.
Sponsored by: Diablotin Systems
Differential Revision: https://reviews.freebsd.org/D31205
Reviewed by: imp
Should be ok on powerpc: jhibbits (over irc)
(cherry picked from commit 50e0dc0c4b)
This change enables the user to control 2.5G and 5G autonegotiation
speeds via advertise_speed sysctl for X550T devices. Due to reported
interoperability issues with switches, 2.5G and 5G speeds will not be
advertised by default.
Signed-off-by: Piotr Pietruszewski <piotr.pietruszewski@intel.com>
Co-authored-by: Krzysztof Galazka <krzysztof.galazka@intel.com>
Tested by: gowtham.kumar.ks@intel.com
MFC after: 3 days
Sponsored by: Intel Corporation
Differential Revision: https://reviews.freebsd.org/D26245
(cherry picked from commit d381c80751)
This patch adds checks of a VF link state provided by PF via mailbox
API. Such change enables the PF to disable a VF administratively.
Since command needed by the PF to control the VF is introduced in
mailbox api version 1.2, this patch also bumps supported mailbox api
version to 1.2.
Co-authored-by: Krzysztof Galazka <krzysztof.galazka@intel.com>
Reviewed By: kbowling@
Tested by: lukasz.szczepaniak@intel.com
MFC after: 3 days
Sponsored by: Intel Corporation
Differential Revision: https://reviews.freebsd.org/D32004
(cherry picked from commit a3e719bbc2)
- Adds FW logging support
- Once enabled, this lets the firmware print event and error messages
to the log, increasing the visibility into what the hardware is
doing; this is useful for debugging
- General bug fixes
- Adds inital DCB support to the driver
- Notably, this adds support for DCBX to the driver; now with the
fw_lldp sysctl set to 1, the driver and adapter will adopt a DCBX
configuration sent from a link partner
- Adds statistcs sysctls for priority flow control frames
- Adds new configuration sysctls for DCB-related features: (VLAN) user
priority to TC mapping; ETS bandwidth allocation; priority flow
control
- Remove unused SR-IOV files (until support gets added)
Signed-off-by: Eric Joyner <erj@FreeBSD.org>
Tested by: jeffrey.e.pieper@intel.com
MFC after: 3 days
MFC with: 213e91399b, e438f0a975
Relnotes: yes
Sponsored by: Intel Corporation
Differential Revision: https://reviews.freebsd.org/D34024
(cherry picked from commit 56429daea2)
(cherry picked from commit 61d83041ab)
This should unbreak the kernel build when "options RSS" is
defined in the kernel configuration, and make the feature work.
Signed-off-by: Eric Joyner <erj@FreeBSD.org>
Reported by: adrian@
Sponsored by: Intel Corporation
(cherry picked from commit 5577aa338a)
Since iavf(4) no longer shares code with ixl(4) as of commit
f2fbd56a8d07665bc0a5e8b7e40026b50a591e2a and now has its own directory,
remove these now-unused iavf(4)-only files.
Signed-off-by: Eric Joyner <erj@FreeBSD.org>
Sponsored by: Intel Corporation
Differential Revision: https://reviews.freebsd.org/D28638
(cherry picked from commit 409b36ad91)
The iavf(4) driver now uses a different source base from ixl(4), since
it will be the standard VF driver for new Intel Ethernet products going
forward, including ice(4). It continues to use the iflib framework
for network drivers.
Since it now uses a different source code base, this commit adds a new
sys/dev/iavf entry, but it re-uses the existing module name so no
configuration changes are necessary.
Signed-off-by: Eric Joyner <erj@FreeBSD.org>
Reviewed by: kbowling@
Tested by: lukasz.szczepaniak@intel.com
Sponsored by: Intel Corporation
Differential Revision: https://reviews.freebsd.org/D28636
(cherry picked from commit ca853dee3b)
Includes various feature improvements and bug fixes.
Notable changes include:
- Firmware logging support
- Link management flow changes
- New sysctl to report aggregated error counts
- Health Status Event reporting from firmware (Use the new read-only
tunables hw.ice.enable_health_events / dev.ice.#.enable_health_events
to turn this off)
Signed-off-by: Eric Joyner <erj@FreeBSD.org>
Sponsored by: Intel Corporation
(cherry picked from commit 9cf1841c4a)
VGA hardware provides many different graphics and data access modes,
each with different capabilities and limitations.
VGA vt(4) graphics mode operates on blocks of pixels at a time. When a
given pixel block contains only two colours the vt_vga driver uses write
mode 3. When the block contains more than two colours it uses write
mode 0. This is done because two-colour write mode 3 is much more
efficient.
In practice write mode 3 is used most of the time, as there is often a
single foreground colour and single background colour across the entire
console. One common exception requiring the use of mode 0 is when the
mouse cursor is drawn over a background other than black, as we need
black and white for the cursor in addition to the background colour.
VGA's default 16-colour palette provides the same set of colours as the
system console, but in a different order. Previously we configured a
non-default VGA palette that had the same colours at the same indexes.
However, this caused anything drawn before the kernel started (drawn by
the loader, for instance) to change colours once the kernel configured
the new, non-default palette.
In 5e251aec86 we switched to leaving the default VGA palette in place,
translating console colour indexes to VGA colour indexes as necessary.
This translation was missed for the write mode 0 case for pixel blocks
with more than two colours.
PR: 261751
Reviewed by: adrian
MFC after: 1 week
Fixes: 5e251aec86 ("vt(4): Use default VGA palette")
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D34412
(cherry picked from commit f266082f11)
I suspect the variable names and comments were accidentally French.
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 731a929ac9)
Remove redundant ofw property parsing in driver code, is already
taken care of in mmc_fdt_helpers.
Move ofw parsing to attach method.
Reviewed by: manu
Sponsored by: Semihalf
Differential Revision: https://reviews.freebsd.org/D31409
(cherry picked from commit 6ad816a999)
This patch adds compatible string for xenon controller found on
AP807 north brige. It is fully compatible with existing driver.
Reviewed by: manu
Sponsored by: Semihalf
Differential Revision: https://reviews.freebsd.org/D31407
(cherry picked from commit 1b9ce0885e)
This patch adds the necessary methods resolution to the sdhci_xenon
driver which are required to configure UHS modes for SD/MMC devices.
Apart from the two generic routines, the custom sdhci_xenon_set_uhs_timing
function is responsible for setting the SDHCI_HOST_CONTROL2 register
with appropriate mode select values - in case of HS200 and HS400
they are non-standard.
Reviewed by: manu
Obtained from: Semihalf
Sponsored by: Marvell
Differential Revision: https://reviews.freebsd.org/D30565
MFC after: 2 weeks
(cherry picked from commit 4fa977f854)
Improve the VCCQ voltage switch, so that to properly
handle the SDHCI_HOST_CONTROL2 register signaling
flags and along with manipulating the regulator.
Reviewed by: manu
Obtained from: Semihalf
Sponsored by: Marvell
Differential Revision: https://reviews.freebsd.org/D30564
MFC after: 2 weeks
(cherry picked from commit c80e2ca57e)
Until now the "no-1-8-v" DT flag wrongly disabled the SDHCI_CAN_VDD_180
- slot 1.8V power supply capability, whereas it refers to the signaling
voltage. Fix the sdhci_xenon_read_4 and allow to disable the UHS modes
depending on the DT property or PHY slow mode. While at it - make sure
the unsupported 1.2V signaling is always disabled and not reported
in the bootverbose log.
Reviewed by: manu
Obtained from: Semihalf
Sponsored by: Marvell
Differential Revision: https://reviews.freebsd.org/D30563
MFC after: 2 weeks
(cherry picked from commit df86876284)
The mmc_fdt_parse allows to parse more MMC-related
FDT properties. Start using it. "wp-inverted" property,
VQMMC and newly added VMMC power supply parsing
is now done in a generic code.
Reviewed by: manu
Obtained from: Semihalf
Sponsored by: Marvell
Differential Revision: https://reviews.freebsd.org/D30562
MFC after: 2 weeks
(cherry picked from commit 43e31350f8)
With this change the host controller drivers can set the MMC capabilities
(e.g. using mmc_fdt_parse() helper) before calling sdhci_init_slot().
This way the configuration dump (eg. in bootverbose) can include the
possible additional information.
Reviewed by: manu
Obtained from: Semihalf
Sponsored by: Marvell
Differential Revision: https://reviews.freebsd.org/D30561
MFC after: 2 weeks
(cherry picked from commit 5652be30a3)
DBG2 ACPI table description [1] specifies three subtypes
related to 16550 UART:
0x0 - 16550 compatible
0x1 - 16550 subset
0x12 - 16550 compatible with parameters defined in Generic Address Structure (GAS)
It turned out however, that the Windows OS treats 0x0 subtype as
legacy x86 UART with 8-bit access. ARM SoCs can use types 0x1 (16550 with
fixed mmio32 access) or 0x12 (16550 with fully respected GAS contents).
Switch Marvell SoCs ACPI UART subtype to 0x1 - thanks to that the same firmware
can run properly with UART output in FreeBSD, Windows 10, Linux and ESXI
hypervisor. Tests showed the older firmware versions that use 0x0
UART subtype in SPCR table continue to display output properly.
[1] https://docs.microsoft.com/en-us/windows-hardware/drivers/bringup/acpi-debug-port-table
Obtained from: Semihalf
Sponsored by: ARM
Differential revision: https://reviews.freebsd.org/D30386
MFC after: 2 weeks
(cherry picked from commit 9cf66a0458)
The recent addition of Synopsys ECAM quirk set the
device description only for the DT variant.
Do the same in ACPI case.
Reported by: jrtc27
(cherry picked from commit e8a8725360)
Due to the quirky nature of the Synopsys Designware PCIe IP,
the type 0 configuration is broadcast and whatever device
is plugged into slot, will appear at each 32 device
positions of bus0. Mitigate the issue by filtering out
duplicated devices on this bus for both DT and ACPI cases.
Reviewed by: mw
Sponsored by: Semihalf
MFC: after 3 weeks
Differential revision: https://reviews.freebsd.org/D31887
(cherry picked from commit 2de4c7f6d0)
HS200 and HS400 speeds can be enabled either with 1.2, or 1.8V signaling voltage.
Because of that we have four cabability flags: MMC_CAP_MMC_HS200_120,
MMC_CAP_MMC_HS200_180, MMC_CAP_MMC_HS400_120, MMC_CAP_MMC_HS400_180.
MMC logic only enables HS200/HS400 mode if both flags are set for the corresponding speed.
Fix that by being more permissive in host timing cap check.
Reviewed by: manu, mw
MFC after: 2 weeks
Obtained from: Semihalf
Sponsored by: Alstom Group
Differential revision: https://reviews.freebsd.org/D33130
(cherry picked from commit 8661e085fb)
Summary: Drop unsolicited BLS commands other than ABTS.
Reviewed by: mav
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D34423
(cherry picked from commit 57e4b67755)
