This fixes a clang 19 warning:
crypto/heimdal/lib/krb5/deprecated.c:75:17: error: comparison of different enumeration types ('krb5_keytype' (aka 'enum ENCTYPE') and 'enum krb5_keytype_old') [-Werror,-Wenum-compare]
75 | if (keytype != KEYTYPE_DES || context->etypes_des == NULL)
| ~~~~~~~ ^ ~~~~~~~~~~~
In https://github.com/heimdal/heimdal/commit/3bebbe5323 this was solved
by adding a cast. That commit is rather large, so I'm only applying the
one-liner here.
MFC after: 3 days
Pass VM_NOFREE_IMPORT_ORDER to vm_phys_alloc_pages instead of
VM_LEVEL_0_ORDER when allocating a higher-order page for
the NOFREE page allocator.
Reported by: alc
Fixes: a8693e8
This mirrors ppoll's visibility in sys/poll.h and fixes a build issue
with some _POSIX_C_SOURCE requests due to missing the sigset_t typedef.
Reported by: eduardo
Sponsored by: Klara, Inc.
Sponsored by: Stormshield
This patch modifies pmap_growkernel in all pmaps to use VM_ALLOC_NOFREE
when allocating new pagetable pages. This should help reduce longterm
fragmentation as these pages are never released after
they are allocated.
Differential Revision: https://reviews.freebsd.org/D45998
Reviewed by: alc, markj, kib, mhorne
Tested by: alc
This patch adds a new KVA arena for separating M_NEVERFREED allocations.
Separating KVAs for pages that are never freed should facilitate
superpage promotion in the kernel.
Differential Revision: https://reviews.freebsd.org/D45997
Reviewed by: alc, kib, markj
Tested by: alc
This patch adds a reservation-aware bump allocator intended for
allocating NOFREE pages. The main goal of this change is to reduce the
long-term fragmentation issues caused by pages that are never freed during runtime.
The `vm_page_alloc_nofree_domain` routine hands out 0-order pages from
a preallocated superpage. Once an active NOFREE superpage fills up, the
routine will try to allocate a new one and discard the old one.
This routine will get invoked whenever VM_ALLOC_NOFREE is passed to
vm_page_alloc_noobj or vm_page_alloc.
Differential Revision: https://reviews.freebsd.org/D45863
Reviewed by: alc, kib, markj
Tested by: alc
This patch adds two additional vm_page flags to distinguish pages that
never get released while the system is running (e.g. UMA_ZONE_NOFREE slabs).
Differential Revision: https://reviews.freebsd.org/D45970
Reviewed by: alc, kib, markj
Tested by: alc
This patch adds an additional malloc(9) flag to distinguish allocations
that are never freed during runtime.
Differential Revision: https://reviews.freebsd.org/D45045
Reviewed by: alc, kib, markj
Tested by: alc
Right now, only IPv4 transport mode, with aes-gcm ESP, is supported.
Driver also cooperates with NAT-T, and obeys socket policies, which
makes IKEd like StrongSwan working.
Sponsored by: NVIDIA networking
Specifically, ipsec_accel_on_ifdown() and ipsec_accel_drv_sa_lifetime_update()
should be present in kernel for future mlx5en driver to be statically
linkable into the kernel built with IPSEC_HOOKS + IPSEC_OFFLOAD.
Sponsored by: NVIDIA networking
Previously, to destroy an ithread we would set IT_DEAD in its flags, and
then wake it up if it wasn't already running. After doing this,
intr_event_destroy() would free the intr_event structure. However, it
did not wait for the ithread to exit, so it was possible for the ithread
to access the intr_event after it was freed.
This use-after-free happens readily when running the pf tests in
parallel, since they frequently create and destroy VNET jails, and pf
registers several VNET-local swi handlers.
Fix the race by modifying ithread_destroy() to wait until the ithread
has signaled that it is about to exit by setting ie->ie_thread = NULL.
Existing callers of intr_event_destroy() are allowed to sleep.
Reported by: KASAN
Reviewed by: kib, jhb
MFC after: 3 weeks
Differential Revision: https://reviews.freebsd.org/D45492
We currently destroy the ithread in intr_event_destroy(). In
preparation for fixing a bug there, remove this dead code and reorganize
a bit to avoid some code duplication. No functional change intended.
Reviewed by: kib, jhb
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D45490
The increment of 1 was intended to convert qp->maxr2t from 0's based
to 1 based before multiplying by the queue length.
Sponsored by: Chelsio Communications
If a queue pair is destroyed (e.g. due to the TCP connection dropping)
while a host to controller data transfer is in progress, the
pending_r2ts counter can be non-zero. This can later trigger an
assertion failure when the capsule is freed. To fix, update the
relevant R2T accounting stats when aborting active command buffers
during queue pair destruction.
Sponsored by: Chelsio Communications
Using holes in the memory map to create external mappings (for example grants
or foreign maps) can be dangerous, as the guest might not have enough knowledge
of whether such holes are maybe MMIO of some devices.
Workaround this by using UNUSABLE e820 ranges as scratch space for external
mappings. The e820 memory map provided to dom0 is based on the native one, but
since PVH dom0 uses second stage translation, the UNUSABLE ranges on the host
memory map doesn't affect it, and we can also guarantee no device MMIO uses
those.
Additionally, any RAM in the e820 not available to dom0 because dom0
memory has been limited on the command line, or because those are in use by
Xen, are converted to UNUSABLE in the dom0 memory map.
Note that domU don't usually have UNUSABLE ranges in their memory maps, and
hence the logic introduced here won't help in avoiding conflicts with MMIO
regions. However the usage of external mappings on domUs is in general
limited, and the logic introduced here simply won't be helpful to them, but
won't regress the current state.
Sponsored by: Cloud Software Group
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D46123
The current approach is to create foreign mappings in any unpopulated address
on the memory map. This however can cause issues, as late-loaded drivers could
then found their MMIO region has been stolen to be used as foreign mapping
scratch space (due to the Xen drivers having started first).
Add a local resource manager to the xenpv bus driver, architectures can add
suitable resources to that resource manager at boot in order to be used in
preference of the generic MMIO resource allocator.
No functional change, as the introduced scratch mapping range is not yet
populated.
Sponsored by: Cloud Software Group
MFC after: 1 week
Reviewed by: Elliott Mitchell <ehem+freebsd@m5p.com>
Differential revision: https://reviews.freebsd.org/D46122
Use the correct loader code that adds an inactive highlighted menu item
indicating that an update is needed.
My laptop is the only machine that I have a boot menu. I'd debugged the
menu part there, but had all the other changes, including my original
menu code, on my server and hadn't copied it back before pushing.
Fixes: 0eac99f76e
Sponsored by: Netflix
The function is called by rtld with the rtld bind lock write-locked,
when fixing the stack permission during dso load. Not every ARMv7 CPU
supports the div, which causes the recursive entry into rtld to resolve
the __aeabi_uidiv symbol, causing self-lock.
Workaround the problem by using roundup2() instead of open-coding less
efficient formula.
Diagnosed by: mmel
Based on submission by: John F Carr <jfc@mit.edu>
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
which makes threaded fork ignore the phdr rtld lock, in particular
allowing the dl_iterate_phdr() to block in callback. The cost is that
the image started in this mode cannot use dl_iterate_phdr() after fork.
PR: 280318
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
When the boot loader version is too old, add a warning to the boot menu
to maybe catch people's attention.
Sponsored by: Netflix
Reviewed by: jhb
Differential Revision: https://reviews.freebsd.org/D45890
If the loader is < 3.0, print a warning that it's too old and needs to
be upgraded.
Sponsored by: Netflix
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D45889
Each incompatible change we make, we bump the major version. We've not
done the bump in a while, so sync everybody to 3.0. Anything older than
3.0 will be given a warning that their boot loader is too old. We check
only the major version, though, so minor versions can still be bumped
for individual loaders (though I honestly doubt we'll ever need to do
that again).
Sponsored by: Netflix
Reviewed by: jhb
Differential Revision: https://reviews.freebsd.org/D45888
This reverts commit 552f3072af.
loader.command_error was added just after 11.2, but appears to not have
been back ported to 11.x. 11.0 was the first lua loader release, so keep
this compat shim until we sort out what to do.
MFC After: 3 days
Sponsored by: Netflix
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D45883
This reverts commit ab97d42add.
There's too many people in the field with FreeBSD 12.0 loader.efi that
stubbed their toe on upgrading to 14.1 since they'd not updated
loader.efi. While we sort out that mess, add back this workaround. Can
revisit after 14.2 maybe.
MFC After: 3 days
Sponsored by: Netflix
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D45882
This reverts commit 8b9178cd0d.
Really old loader.efi files persist in the field. Revert this to support
it. We need to support this through at least 14.2 now, alas.
MFC After: 3 days
Sponsored by: Netflix
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D45881
This line is no longer needed as fallback, and should have been deleted
in 7870a52598 instead of commented out, but 26 years later, I have a
high degree of confidence that old change was right and we won't need
this line as a fallback.
Sponsored by: Netflix
Reviewed by: kevans, jhb
Differential Revision: https://reviews.freebsd.org/D45880
We long ago changed newvers.sh to make these comments bogus. Remove
them since every single one of them is broken after the $FreeBSD$
removal.
Sponsored by: Netflix
Reviewed by: kevans, jhb
Differential Revision: https://reviews.freebsd.org/D45879
Currently the assert checks for XOR of final and len.
This assert fails when running the unit tests in siphash_test.c.
We need to allow the case where both values are zero.
Signed-off-by: Mark O'Donovan <shiftee@posteo.net>
Reviewed by: imp, cperciva
Pull Request: https://github.com/freebsd/freebsd-src/pull/1324
GCC 14 (but not earlier versions) warns about a missing prototype
for getrandom(). Include <sys/random.h> explicitly to bring in the
prototype rather than depending on a nested include. While here,
stop defining sysctl_random() since it is no longer used.
Reviewed by: brooks
Fixes: 838b6caaba openssl: use getrandom(2) instead of probing for getentropy(2)
Differential Revision: https://reviews.freebsd.org/D45995
If test is called as [ and one forgets to close the bracket, the error
message is currently
[: missing ]
To make it obvious that this is not something printed in brackets,
quote the closing bracket in the message, which is what everybody else
is doing:
[: missing ']'
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1346
The man page states that the -d flag can be used to show the dropped
packets. But, the number of dropped input packets are always shown,
independent of the -d flag. This commit clarifies that the -d flag will
add the number of dropped output packets to the output.
MFC after: 3 days
Reviewed by: imp, Alexander Ziaee
Pull Request: https://github.com/freebsd/freebsd-src/pull/1332
