1
0
mirror of https://git.FreeBSD.org/src.git synced 2025-01-25 16:13:17 +00:00
Commit Graph

231636 Commits

Author SHA1 Message Date
Kristof Provost
1ff545d642 pf tests: Basic ioctl validation for DIOCRGETTABLES, DIOCRGETTSTATS, DIOCRCLRTSTATS and DIOCRSETTFLAGS
Validate the DIOCRGETTABLES, DIOCRGETTSTATS, DIOCRCLRTSTATS and
DIOCRSETTFLAGS ioctls with invalid values. These may succeed (because
the kernel uses the minimally required size, not the specified size),
but should not trigger kernel panics.

MFC after:	1 week
2018-04-06 15:57:20 +00:00
Kristof Provost
adfe2f6aff pf: Improve ioctl validation for DIOCRGETTABLES, DIOCRGETTSTATS, DIOCRCLRTSTATS and DIOCRSETTFLAGS
These ioctls can process a number of items at a time, which puts us at
risk of overflow in mallocarray() and of impossibly large allocations
even if we don't overflow.

Limit the allocation to required size (or the user allocation, if that's
smaller). That does mean we need to do the allocation with the rules
lock held (so the number doesn't change while we're doing this), so it
can't M_WAITOK.

MFC after:	1 week
2018-04-06 15:54:30 +00:00
Kyle Evans
814a016d28 lualoader: Fix menu skipping with loader.conf(5) vars
Earlier efforts to stop loading the menu broke the ability to skip the menu
with, e.g., beastie_disable in loader.conf(5) as it was decided before
configuration was read.

Defer bringing in the menu module until we've loaded configuration so that
we can make a more informed decision on whether the menu should be skipped
or not.
2018-04-06 15:19:48 +00:00
Kyle Evans
4a432d6fa5 aw_sid(4): Use prctl read for all reads when it's required
It was later found that some operation on the OrangePi one will cause
direct accesses to the eeprom to return wrong data again, so reading it all
once via prctl at attach time is no longer sufficient.
2018-04-06 15:17:09 +00:00
Jonathan T. Looney
74800c5a08 In cases where an application issues certain IPMI commands at a high
enough rate, the IPMI code can print large numbers of messages to the
console, such as:
  ipmi0: KCS: Failed to read completion code
  ipmi0: KCS error: ff
  ipmi0: KCS: Failed to read completion code
  ipmi0: KCS error: ff

These seem to be innocuous from a system standpoint, and the user-
space code can deal with the failures. Therefore, suppress printing
these messages to the console unless bootverbose is enabled.

Obtained from:	Netflix, Inc.
2018-04-06 15:15:21 +00:00
Kristof Provost
98c5f9884e pf tests: Basic ioctl validation tests
Validate the DIOCRADDTABLES and DIOCRDELTABLES ioctls with invalid size
values. All of these requests should fail.

MFC after:	1 week
2018-04-06 15:03:48 +00:00
Kristof Provost
8748b499c1 pf: Improve ioctl validation for DIOCRADDTABLES and DIOCRDELTABLES
The DIOCRADDTABLES and DIOCRDELTABLES ioctls can process a number of
tables at a time, and as such try to allocate <number of tables> *
sizeof(struct pfr_table). This multiplication can overflow. Thanks to
mallocarray() this is not exploitable, but an overflow does panic the
system.

Arbitrarily limit this to 65535 tables. pfctl only ever processes one
table at a time, so it presents no issues there.

MFC after:	1 week
2018-04-06 15:01:45 +00:00
Ed Schouten
8129693e78 Let syslog(3) use RFC 5424.
With r332099 changing syslogd(8) to parse RFC 5424 formatted syslog
messages, go ahead and also change the syslog(3) libc function to
generate them. Compared to RFC 3164, RFC 5424 has various advantages,
such as sub-second precision for log entry timestamps.

As this change could have adverse effects when not updating syslogd(8)
or using a different system logging daemon, add a notice to UPDATING and
increase __FreeBSD_version.

Differential Revision:	https://reviews.freebsd.org/D14926
2018-04-06 13:00:45 +00:00
Ed Schouten
77f0ef9a96 Add RFC 5424 syslog message parsing to syslogd.
Syslogd currently uses the RFC 3164 format for its log messages.One
limitation of RFC 3164 is that it cannot be used to log entries with
sub-second precision timestamps. One of our users has expressed a desire
for doing this for doing some basic performance measurements.

This change attempts to make a first cut at switching to RFC 5424 based
logging. The first step is to alter syslogd's input path to properly
parse such messages. It alters the logmsg() prototype to match the
fields of RFC 5424. The parsemsg() function is extended to parse both
RFC 3164 and 5424 messages and call into logmsg() accordingly.

Additional changes include:

- Introducing proper parsing of timestamps, so that they can be printed
  in any desired output format. This means we need to infer the year and
  timezone for RFC 3164 timestamps.
- Removing ISKERNEL. This can now be realised by simply providing an
  APP-NAME (== "kernel").
- Extending RFC 3164 parsing to trim off the TAG prefix and using that
  to derive APP-NAME and PROCID.
- Increase MAXLINE. RFC 5424 mentions we should support 2k messages.

Differential Revision:	https://reviews.freebsd.org/D14926
2018-04-06 12:57:01 +00:00
Roger Pau Monné
444c6d6f03 remove GiB/MiB macros from param.h
And instead define them in the files where they are used.

Requested by: bde
2018-04-06 11:20:06 +00:00
Ed Maste
93b980a802 stand: pass --no-rosegment for i386 bits when linking with lld
btxld does not correctly handle input with other than 2 PT_LOAD
segments.  Passing --no-rosegment lets lld produce output eqivalent to
ld.bfd: 2 PT_LOAD segments and no PT_GNU_RELRO.

PR:		225775
MFC after:	3 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D14956
2018-04-06 02:57:58 +00:00
Brooks Davis
756181b8f5 Add 32-bit compat for ioctls that take struct ifgroupreq.
Use an accessor to access ifgr_group and ifgr_groups.

Use an macro CASE_IOC_IFGROUPREQ(cmd) in place of case statements such
as "case SIOCAIFGROUP:". This avoids poluting the switch statements
with large numbers of #ifdefs.

Reviewed by:	kib
Obtained from:	CheriBSD
MFC after:	1 week
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D14960
2018-04-05 22:14:55 +00:00
Brooks Davis
2443045f30 ifconf(): Always zero the whole struct ifreq.
The previous split of zeroing ifr_name and ifr_addr seperately is safe
on current architectures, but would be unsafe if pointers were larger
than 8 bytes. Combining the zeroing adds no real cost (a few
instructions) and makes the security property easier to verify.

Reviewed by:	kib, emaste
Obtained from:	CheriBSD
MFC after:	3 days
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D14912
2018-04-05 21:58:28 +00:00
Brooks Davis
89ea4a30d6 Added SAL annotatations to system calls.
Modify makesyscalls.sh to strip out SAL annotations.

No functional change.

This is based on work I started in CheriBSD and use to validate fat
pointers at the syscall boundary.  Tal Garfinkel reviewed the changes,
added annotations to COMPAT* syscalls and is using them in a record and
playback framework.  One can envision other uses such as a WITNESS-like
validator for copyin/out as speculated on in the review.

As this time we are only annotating sys/kern/syscalls.master as that is
sufficient for userspace work.  If kernel use cases materialize, we can
annotate other syscalls.master as needed.

Submitted by:	Tal Garfinkel <talg@cs.stanford.edu>
Sponsored by:	DARPA, AFRL (in part)
Differential Revision:	https://reviews.freebsd.org/D14285
2018-04-05 20:31:45 +00:00
Benno Rice
48990fce8e Add an ISO9660 "partition table" type to loader.
When booted via isoboot(8) loader will be handed a disk that simply contains
an ISO9660 image. Currently this confuses it greatly. Teach it how to spot
that it's in this situation and that ISO9660 has one "partition" covering
the whole disk.

Reviewed by:	imp
Sponsored by:	iXsystems, Inc.
Differential Revision:	https://reviews.freebsd.org/D14915
2018-04-05 19:45:30 +00:00
Benno Rice
7acb51f681 Add isoboot(8) for booting BIOS systems from HDDs containing ISO images.
This is part of a project for adding the ability to create hybrid CD/USB boot
images. In the BIOS case when booting from something that isn't a CD we need
some extra boot code to actually find our next stage (loader) within an
ISO9660 filesystem. This code will reside in a GPT partition (similar to
gptboot(8) from which it is derived) and looks for /boot/loader in an
ISO9660 filesystem on the image.

Reviewed by:	imp
Sponsored by:	iXsystems, Inc.
Differential Revision:	https://reviews.freebsd.org/D14914
2018-04-05 19:40:46 +00:00
Benno Rice
288013f54c Various style(9) fixes.
Reviewed by:	strip --strip-debug -o - gptboot.o | md5
Sponsored by:	iXsystems, Inc.
2018-04-05 19:29:22 +00:00
Benno Rice
8e48426cae Use consistent whitespace.
Reviewed by:	strip --strip-debug -o - gptboot.o | md5
Sponsored by:	iXsystems, Inc.
2018-04-05 19:27:24 +00:00
Brooks Davis
e4e7a46ba9 Allow -DNO_CLEAN buildworld after r332080. 2018-04-05 18:19:48 +00:00
Brooks Davis
97e5d68bb0 Remove architecture specific shmat.S files.
These files are identical to the generated system calls.
In the case of MIPS, the file was already disconnected from the build.

Submitted by:	Ali Mashtizadeh <ali@mashtizadeh.com>
Reviewed by:	kib
Differential Revision:	https://reviews.freebsd.org/D14976
2018-04-05 18:17:46 +00:00
Mark Johnston
e4ba1a50af Fix the definitions of get_cpu() and put_cpu().
They are supposed to disable preemption.

Reported by:	rstone
MFC after:	5 days
2018-04-05 17:26:03 +00:00
Ruslan Bukin
b09de0b34a Add support for the Coresight technology from ARM Ltd.
ARM Coresight is a solution for debug and trace of complex SoC designs.

This includes a collection of drivers for ARM Coresight interconnect
devices within a small Coresight framework.

Supported devices are:
o Embedded Trace Macrocell v4 (ETMv4)
o Funnel
o Dynamic Replicator
o Trace Memory Controller (TMC)
o CPU debug module

Devices are connected to each other internally in SoC and the
configuration of each device endpoints is described in FDT.

Typical trace flow (as found on Qualcomm Snapdragon 410e):
CPU0 -> ETM0 -> funnel1 -> funnel0 -> ETF -> replicator -> ETR -> DRAM
CPU1 -> ETM1 -^
CPU2 -> ETM2 -^
CPU3 -> ETM3 -^

Note that both Embedded Trace FIFO (ETF) and Embedded Trace Router (ETR)
are hardware configurations of TMC.

This is required for upcoming HWPMC tracing support.

This is tested on single-core system only.

Reviewed by:	andrew (partially)
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D14618
2018-04-05 15:45:54 +00:00
Rodney W. Grimes
2e23ded5c4 Exit with usage when extra arguments are on command line
preventing mistakes such as "halt 0p" for "halt -p".
Approved by:	bde (mentor), phk (mentor)
MFC after:	1 week
2018-04-05 15:00:08 +00:00
Roger Pau Monné
9dba82a442 x86: improve reservation of AP trampoline memory
So that it doesn't rely on physmap[1] containing an address below
1MiB. Instead scan the full physmap and search for a suitable address
to place the trampoline code (below 1MiB) and the initial memory pages
(below 4GiB).

Sponsored by:		Citrix Systems R&D
Reviewed by:		kib
Differential Revision:	https://reviews.freebsd.org/D14878
2018-04-05 14:39:51 +00:00
Roger Pau Monné
319cc4a700 introduce GiB and MiB macros
This macros convert from GiB or MiB into bytes.

Sponsored by: Citrix Systems R&D
2018-04-05 14:31:54 +00:00
Sean Bruno
2c385d51ce Squash error from geom by sizing ident strings to DISK_IDENT_SIZE.
Display attribute in future error strings and differentiate g_handleattr()
error messages for ease of debugging in the future.

"g_handleattr: md1 bio_length 24 strlen 31 -> EFAULT"

Reported by:	swills
Reviewed by:	imp cem avg
Sponsored by:	Limelight Networks
Differential Revision:	https://reviews.freebsd.org/D14962
2018-04-05 13:56:40 +00:00
Konstantin Belousov
2d7e563c39 Fix ERESTART for lcall $7,$0 syscalls.
The lcall trampoline enters kernel by int $0x80, which sets up invalid
length of the instruction for %rip rewind.

Reviewed by:	bde
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2018-04-05 11:03:21 +00:00
Konstantin Belousov
f407f5fb88 Make the INTO instruction operational in 32bit mode.
Having the IDT entry specify ring 0 DPL caused delivery of #GP instead
of #OF.

The instruction is not valid in 64bit mode, which probably explains
why the IDT entry for #OF was initially set this way.  It is
interesting to note that the BOUND instruction works with the IDT #BR
entry DPL 0, most likely CPU considers #BR from BOUND as generated by
a machine, not user.

Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2018-04-05 11:03:05 +00:00
Ed Maste
523bfea2a1 remove special handling for stale ptrace dependencies
r318957 added special handling for stale ptrace dependency files to
support a -DNO_CLEAN build in a tree last built before r305012.  That
revision is now over a year and a half old, so retire the special case.

Sponsored by:	The FreeBSD Foundation
2018-04-05 03:26:42 +00:00
Kirk McKusick
f8ccf17383 Renumber soft-update types starting at 1 instead of 0 to avoid confusion
of zero'ed memory appearing to have a valid soft-update type.

Also correct some comments.

Reviewed by: kib
2018-04-05 00:32:01 +00:00
Navdeep Parhar
de93353248 cxgbe(4): Always display an error message if SIOCSIFFLAGS will leave
IFF_UP and IFF_DRV_RUNNING out of sync.  ifhwioctl in the kernel pays no
attention to the return code from the driver ioctl during SIOCSIFFLAGS
so these messages are the only indication that the ioctl was called but
failed.

MFC after:	1 week
Sponsored by:	Chelsio Communications
2018-04-04 22:52:24 +00:00
Brooks Davis
62d6bc395a Allow -DNO_CLEAN builds over r332048. 2018-04-04 22:46:30 +00:00
Brooks Davis
7dd87e9a82 Remove architecture specific sigreturn.S files.
All of these files are identical (modulo license blocks and VCS IDs) to
the files generated by lib/libc/sys/Makefile.inc and serve no purpose.

Reported by:	Ali Mashtizadeh <ali@mashtizadeh.com>
Reviewed by:	kib
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D14953
2018-04-04 22:45:08 +00:00
Vincenzo Maffione
46023447b6 netmap: align if_ptnet guest driver to the upstream code (commit 0e15788)
The change upgrades the driver to use the split Communication Status
Block (CSB) format. In this way the variables written by the guest
and read by the host are allocated in a different cacheline than
the variables written by the host and read by the guest; this is
needed to avoid cache thrashing.

Approved by:	hrs (mentor)
2018-04-04 21:31:12 +00:00
Ian Lepore
cdfebb9cf5 Add a missing MODULE_DEPEND(). 2018-04-04 21:19:33 +00:00
Ed Maste
c73b6f4da9 Fix kernel memory disclosure in tcp_ctloutput
strcpy was used to copy a string into a buffer copied to userland, which
left uninitialized data after the terminating 0-byte.  Use the same
approach as in tcp_subr.c: strncpy and explicit '\0'.

admbugs:	765, 822
MFC after:	1 day
Reported by:	Ilja Van Sprundel <ivansprundel@ioactive.com>
Reported by:	Vlad Tsyrklevich
Security:	Kernel memory disclosure
Sponsored by:	The FreeBSD Foundation
2018-04-04 21:12:35 +00:00
Mark Johnston
b1075b0ec5 Typo.
MFC after:	3 days
2018-04-04 20:15:41 +00:00
Ed Maste
19406511e5 Fix kernel memory disclosure in linux_ioctl_socket
strlcpy is used to copy a string into a buffer to be copied to userland,
previously leaving uninitialized data after the terminating NUL.  Zero
the buffer first to avoid a kernel memory disclosure.

admbugs:	765, 811
MFC after:	1 day
Reported by:	Ilja Van Sprundel <ivansprundel@ioactive.com>
Reported by:	Vlad Tsyrklevich
Sponsored by:	The FreeBSD Foundation
2018-04-04 19:58:25 +00:00
Pedro F. Giffuni
65436b2e12 pthread.h: minor indentation cleanups.
No functional change.

X-MFC with:	r331969
2018-04-04 15:16:04 +00:00
Ed Maste
d851b216eb linux_ioctl_hdio: fix kernel memory disclosure
Stack-allocated struct linux_hd_big_geometry has undeclared padding
copied to userland.

admbugs:	765
Reported by:	Vlad Tsyrklevich
MFC after:	1 day
Security:	Kernel memory disclosure
Sponsored by:	The FreeBSD Foundation
2018-04-04 14:41:48 +00:00
Ruslan Bukin
cde6fa2857 Add new shared library -- libopencsd.
OpenCSD is an ARM CoreSight(tm) trace packets decoder.

- Connect libopencsd to the arm64 build.
- Install opencsd headers to /usr/include/opencsd/

Sponsored by:	DARPA, AFRL
2018-04-04 14:31:56 +00:00
Andrew Turner
9e4fa9eb4a Remove fdt_pm_is_enabled as it's Marvell specific. Replace the only call to
it with a call to the helper function fdt_pm_is_enabled would call.

Sponsored by:	DARPA, AFRL
2018-04-04 13:37:59 +00:00
Marcin Wojtas
edf9ef7384 Enable Marvell gpio driver to work with many controllers
This patch moves all global data structures into mv_gpio_softc,
and puts device_t parameter to functions calls everywhere where needed.
As a result, we can create multiple driver instances.

Removed names in function declaration to keep style.

Submitted by: Patryk Duda <pdk@semihalf.com>
Obtained from: Semihalf
Sponsored by: Stormshield
Differential Revision: https://reviews.freebsd.org/D14755
2018-04-04 13:20:29 +00:00
Marcin Wojtas
ad2be10ff0 Improve interrupt and resource allocation in Marvell GPIO driver
This patch adds support for more than one interrupts
in GPIO controller. It reads necessary information (such as cell size)
from FDT, so there are no magic numbers.

Note that interrupts are still not working, but this patch makes
one good step in correct direction

Submitted by: Patryk Duda <pdk@semihalf.com>
Obtained from: Semihalf
Sponsored by: Stormshield
Differential Revision: https://reviews.freebsd.org/D14754
2018-04-04 13:12:49 +00:00
Marcin Wojtas
1c45bd112b Introduce port debouncing mechanism in mv_gpio driver
This patch introduces gpio debouncing mechanism
with fixed memory allocation in critical section.

When you press button, value at gpio pin connected to button
is changing many times which will cause in unexpected behaviour.
Debouncing mechanism will prevent this phenomenon

Submitted by: Patryk Duda <pdk@semihalf.com>
	      Wojciech Macek <wma@semihalf.com>
Obtained from: Semihalf
Sponsored by: Stormshield
Differential Revision: https://reviews.freebsd.org/D14753
2018-04-04 13:08:51 +00:00
Marcin Wojtas
46db728392 Match Marvell Armada38X PCIE ranges in dts with Linux
If driver cannot determine ranges based on fdt, it will calculate
them based on number and type of current port.

Submitted by: Rafal Kozik <rk@semihalf.com>
Obtained from: Semihalf
Sponsored by: Stormshield
Differential Revision: https://reviews.freebsd.org/D14752
2018-04-04 13:01:14 +00:00
Ruslan Bukin
17f651708e Import OpenCSD -- an ARM CoreSight(tm) Trace Decode Library.
Sponsored by:	DARPA, AFRL
2018-04-04 12:55:31 +00:00
Marcin Wojtas
13d464bf71 Change reg in Marvell Armada38X pcie FDT
Ranges in pcie-controller are unused, so could be changed to match Linux
device tree represntation. Same with interrupt-cells and interrupt-parent.
In PCI controller driver ocd_data are used for matching driver and
choose proper resources acquisition function.
fdt_win_process_child have new argument which provide information
about fdt node containing addresses of MMIO registers.

Submitted by: Rafal Kozik <rk@semihalf.com>
Reviewed by: manu [DT part]
Obtained from: Semihalf
Sponsored by: Stormshield
Differential Revision: https://reviews.freebsd.org/D14751
2018-04-04 12:54:18 +00:00
Marcin Wojtas
d310c9e018 Add api for creating resource list based on 'assigned-addresses'
According to device tree binding 'assigned-addresses' can refer to PCIE MMIO
register space. New function ofw_bus_assigned_addresses_to_rl is
provided to support it.

Submitted by: Rafal Kozik <rk@semihalf.com>
Obtained from: Semihalf
Sponsored by: Stormshield
Differential Revision: https://reviews.freebsd.org/D14750
2018-04-04 12:47:41 +00:00
Marcin Wojtas
c7dbc00c34 Match Marvell Armada38X PCI compatible with Linux
In Linux FDT pcie does not have compatible string.
Configuration of windows in mv_common was based on fdt compatible.
Now pcie windows are configured by their parent: pcie_controller.
Processing is moved to fdt_win_process_child. fdt_win_process now
only walk through the tree. SOC_NODE_PCI is position of pcie function in
soc_node_spec array.

PCIe probe cannot use ofw_bus_search_compatible, because it needs to
check also device type and parents compatible.

Submitted by: Rafal Kozik <rk@semihalf.com>
Reviewed by: manu [DT part]
Obtained from: Semihalf
Sponsored by: Stormshield
Differential Revision: https://reviews.freebsd.org/D14749
2018-04-04 12:41:42 +00:00