FreeBSD/src dfad790sys/kern sys_generic.c kern_sendfile.c, sys/sys syscallsubr.h

sendfile: stop abusing kern_writev()

Provide convenient wrapper kern_filewrite() around fo_write().
Switch to use it in vn_sendfile().  This allows to avoid duplicate
fget() when we already have the reference to the file, which creates a
correctness race with the userspace.  Also td_retval[0] clearing hack
can be removed.

Reviewed by:    glebius, markj
Sponsored by:   The FreeBSD Foundation
MFC after:      1 week
Differential revision:  https://reviews.freebsd.org/D58035
DeltaFile
+30-11sys/kern/sys_generic.c
+13-12sys/kern/kern_sendfile.c
+2-0sys/sys/syscallsubr.h
+45-233 files

FreeBSD/src 11bd6adsys/compat/linux linux_if.c

linux: switch off interface name translation and schedule its removal

Modern Linuxes don't use ethX for almost 15 years already, see [1] and
[2].  The translation logic has always been a source of bugs and PITA.
Switch default to not translate (long due!) and schedule removal of the
code for FreeBSD 17.

[1] https://systemd.io/PREDICTABLE_INTERFACE_NAMES/
[2] https://www.freedesktop.org/software/systemd/man/latest/systemd.net-naming-scheme.html

Reviewed by:            iwtcex_gmail.com, vvd, melifaro, dchagin
Differential Revision:  https://reviews.freebsd.org/D57852
DeltaFile
+18-3sys/compat/linux/linux_if.c
+18-31 files

FreeBSD/src 6cfc526sys/dev/acpica acpi_apei.c

acpi: fix instant panic in hest_attach()

Since now there is a pseudo-bus between our device and acpi0, we need to
go deeper.

Fixes:  9313f6b01485ad9a0b7cc59b459f5714533587c3
DeltaFile
+1-1sys/dev/acpica/acpi_apei.c
+1-11 files

FreeBSD/src 81bab70usr.sbin/acpi Makefile, usr.sbin/acpi/einj einj.c einj.8

einj: Tool to manage APEI error injection

This tool supports two commands.  The list command outputs a summary
of injectable errors supported by the current system.  The inject
command injects the requested error.

Reviewed by:    gallatin, imp
Sponsored by:   Netflix
Differential Revision:  https://reviews.freebsd.org/D58026
DeltaFile
+256-0usr.sbin/acpi/einj/einj.c
+73-0usr.sbin/acpi/einj/einj.8
+4-0usr.sbin/acpi/einj/Makefile
+1-1usr.sbin/acpi/Makefile
+334-14 files

FreeBSD/src bc49842share/man/man4 acpi_einj.4 Makefile, sys/dev/acpica acpi_einj.c acpiio.h

acpi_einj: Support for ACPI error injection

This driver parses the ACPI EINJ table and builds a list of
instructions associated with known actions.  It then exports ioctls to
fetch the set of supported errors and inject system errors by
executing specific sequences of actions.  This can be used to test
error reporting facilities for events such as ECC errors.

Reviewed by:    gallatin
Sponsored by:   Netflix
Differential Revision:  https://reviews.freebsd.org/D58025
DeltaFile
+777-0sys/dev/acpica/acpi_einj.c
+58-0share/man/man4/acpi_einj.4
+39-0sys/dev/acpica/acpiio.h
+7-0sys/modules/acpi/acpi_einj/Makefile
+1-0share/man/man4/Makefile
+1-0sys/modules/acpi/Makefile
+883-06 files

FreeBSD/src 9313f6bsys/conf files, sys/dev/acpica acpi_apei_bus.c acpi_apei.c

acpi: Add a pseudo-bus for APEI devices to manage resources

Different APEI tables can reuse the same registers (and sometimes
different views of the same register, e.g. 32- vs 64-bit mappings of
the same register).  To enable this sharing, apei0 now acts as a bus
device managing a pool of allocated resources and handing out mappings
to child devices which handle individual tables.

Most of the previous apei(4) driver has been moved into a new
hest0 device that is a child of apei0.

Reviewed by:    gallatin
Sponsored by:   Netflix
Differential Revision:  https://reviews.freebsd.org/D58024
DeltaFile
+435-0sys/dev/acpica/acpi_apei_bus.c
+39-120sys/dev/acpica/acpi_apei.c
+54-0sys/dev/acpica/apeivar.h
+49-0sys/dev/acpica/apei_if.m
+2-0sys/conf/files
+579-1205 files

FreeBSD/src e1f4a8csys/x86/include apicvar.h, sys/x86/x86 local_apic.c

x86/local_apic.c: Thermal interrupt support: Additional style fixes

Rename handler function type 'lapic_thermal_handle_function' to the
shorter 'lapic_thermal_handler_t'.  Move it closer to the function
declaration block where it is used.  Make it a true function type (no
pointer) and add explicit pointer marks on usage.

Rename 'lapic_thermal_function_value' to the more immediately clear
'lapic_thermal_function_arg'.  In lapic_thermal_enable(), use 'func_arg'
as the argument name for the handler argument, which at least refers to
function 'func', rather than the generic 'value'.

Finally, rename the global handler variable from
'lapic_thermal_function_ptr' to the shorter 'lapic_thermal_function'
(dynamic functions can be referenced only through a pointer).

MFC with:       87ba088fa310 ("x86/local_apic.c: Add support for installing a thermal interrupt handler")
Sponsored by:   The FreeBSD Foundation
DeltaFile
+11-11sys/x86/x86/local_apic.c
+4-2sys/x86/include/apicvar.h
+15-132 files

FreeBSD/src 87ba088sys/amd64/amd64 apic_vector.S, sys/x86/include apicvar.h

x86/local_apic.c: Add support for installing a thermal interrupt handler

The thermal interrupt is initially masked.

Thermal interrupt handling is enabled by calling lapic_enable_thermal(),
which installs a (single) handler.

[olce: Wrote the commit message.]

Reviewed by:    kib, olce
MFC after:      2 weeks
Differential Revision:  https://reviews.freebsd.org/D44454
DeltaFile
+72-2sys/x86/x86/local_apic.c
+8-4sys/x86/include/apicvar.h
+9-0sys/amd64/amd64/apic_vector.S
+89-63 files

FreeBSD/src 1ea204bsys/netinet in_pcb.c in_pcb.h

inpcb: make net.inet.ip.portrange port number limiting sysctls unsigned

And make net.inet.ip.portrange.randomized boolean.

Reviewed by:            pouria, tuexen, markj
Differential Revision:  https://reviews.freebsd.org/D57291
DeltaFile
+24-24sys/netinet/in_pcb.c
+9-9sys/netinet/in_pcb.h
+33-332 files

FreeBSD/src 3fdb1b6sys/netinet6 in6_pcb.c

netinet6: further refactor in6_pcbconnect()

A mistake from 90ea8e89d9b7 is that in6_pcblookup_internal() was skipped
for an inpcb that had unspecified local address.  This is incorrect, as
such inpcb could have already have a port set, and in_pcb_lport_dest()
shall not be called on such inpcb.  That could lead to creation of an
alised connection in the database.

This makes the function almost identical to in_pcbconnect().  While here,
fix minor bug of missing INP_ANONPORT.  This flag has no use in kernel,
but affects netstat(1) output in certain mode.

Fixes:  90ea8e89d9b751e8b5ae90ef3397883b035788e5
Reviewed by:            pouria
Differential Revision:  https://reviews.freebsd.org/D57987
DeltaFile
+19-15sys/netinet6/in6_pcb.c
+19-151 files

FreeBSD/src 0083a4dtests/sys/kern procdesc.c

tests/procdesc: Add some test cases for pdopenpid()

Reviewed by:    kib
MFC with:       5c32aa785184 ("kern: add pdopenpid(2)")
Differential Revision:  https://reviews.freebsd.org/D58023
DeltaFile
+467-0tests/sys/kern/procdesc.c
+467-01 files

FreeBSD/src 3e3752csys/net if_bridge.c

if_bridge: Remove unused disable parameter in bridge_stop

The ```int disable``` parameter is included in the bridge_stop function
signature but is not used in the function body.

I had noticed this when tracing the driver's path while learning more
about the ifnet library.

This parameter originally appeared when importing the driver from NetBSD.
However, the FreeBSD ifnet library no longer requires an if_stop function.
Meaning that the function signature can be changed to only contain needed
parameters for our bridge driver.

Discussed with: freebsd-net@ mailing list
Signed-off-by:  Acesp25 <acesp25 at freebsd.org>
Reviewed by:    kp
Pull-Request:   https://github.com/freebsd/freebsd-src/pull/2290
DeltaFile
+5-5sys/net/if_bridge.c
+5-51 files

FreeBSD/src 07f780csys/dev/mlx5 mlx5_ifc.h driver.h, sys/dev/mlx5/mlx5_core mlx5_srq.c

mlx5: propagate the DEVX uid through SRQ create and destroy

The SRQ command builders never stamped the owning DEVX uid into the
firmware CREATE_SRQ/CREATE_RMP/CREATE_XRC_SRQ commands, so a basic SRQ
was always created with uid 0.  Every modern libmlx5 context runs with a
DEVX uid, and the QPs that reference the SRQ carry that uid, so firmware
rejected CREATE_QP with "bad resource": a uid-owned QP may not reference
a uid-0 SRQ.

Reviewed by:    kib
Tested by:      Wafa Hamzah <wafah at nvidia.com>
Sponsored by:   Nvidia networking
MFC after:      1 month
DeltaFile
+27-3sys/dev/mlx5/mlx5_core/mlx5_srq.c
+1-1sys/dev/mlx5/mlx5_ifc.h
+1-0sys/dev/mlx5/driver.h
+29-43 files

FreeBSD/src 284e06dsys/dev/mlx5/mlx5_core mlx5_cq.c

mlx5: guard against a NULL CQ event handler in mlx5_cq_event()

DEVX and mlx5en created CQs are registered without an asynchronous
event handler (mcq.event is NULL).  An asynchronous CQ_ERROR event for
such a CQ made mlx5_cq_event() call through a NULL pointer and panic.

Reviewed by:    kib
Tested by:      Wafa Hamzah <wafah at nvidia.com>
Sponsored by:   Nvidia networking
MFC after:      1 month
DeltaFile
+2-1sys/dev/mlx5/mlx5_core/mlx5_cq.c
+2-11 files

FreeBSD/src 0e9bbbdsys/dev/mlx5/mlx5_core mlx5_eq.c

mlx5: pass the full EQE to the DEVX event notifier

The DEVX event notifier and its helpers expect a full struct mlx5_eqe
and read eqe->data from it, but mlx5_eq_int() passed &eqe->data, so the
data offset was applied twice.

Reviewed by:    kib
Tested by:      Wafa Hamzah <wafah at nvidia.com>
Sponsored by:   Nvidia networking
MFC after:      1 month
DeltaFile
+1-1sys/dev/mlx5/mlx5_core/mlx5_eq.c
+1-11 files

FreeBSD/src a729866sys/ofed/drivers/infiniband/core ib_uverbs_main.c

ofed/ib_uverbs: release rdma_user_mmap entry ref in rdma_umap_close()

Import Linux upstream commit 3411f9f01b76bd88aa6e0e013847ab6479cb4f24.

rdma_umap_priv_init() takes a reference on the rdma_user_mmap entry for
every VMA it maps, but rdma_umap_close() never dropped it.  The entry
was therefore never freed and lingered in ucontext->mmap_xa, tripping
WARN_ON(!xa_empty(&ucontext->mmap_xa)) at context teardown and leaking
the firmware UAR on every context close.

Reviewed by:    kib
Tested by:      Wafa Hamzah <wafah at nvidia.com>
Sponsored by:   Nvidia networking
MFC after:      1 month
DeltaFile
+2-0sys/ofed/drivers/infiniband/core/ib_uverbs_main.c
+2-01 files

FreeBSD/src 80902b8sys/dev/mlx5/mlx5_ib mlx5_ib_main.c

mlx5ib: advertise write-combining support for dynamic BlueFlame UARs

Import Linux upstream commit 1f3db161881b7e21efb149e0ae8152b79a571a8f.

dev->wc_support was never set, so it was always false and the UAR ioctl
refused BlueFlame (write-combining) UAR allocations with EOPNOTSUPP.
That breaks QP creation in pure dynamic-UAR mode, where user space asks
for a BF doorbell UAR.

Reviewed by:    kib
Tested by:      Wafa Hamzah <wafah at nvidia.com>
Sponsored by:   Nvidia networking
MFC after:      1 month
DeltaFile
+10-0sys/dev/mlx5/mlx5_ib/mlx5_ib_main.c
+10-01 files

FreeBSD/src 631e57dsys/dev/mlx5/mlx5_ib mlx5_ib_main.c mlx5_ib.h

mlx5ib: encode dynamic UAR mmap offsets in the reserved command range

The UAR ioctl handed user space a raw mmap offset, so the first dynamic
UAR landed at page offset 0.  mlx5_ib_mmap() decodes offset 0 as the
legacy regular-page command and routed the mapping through the old bfreg
path, which rejects dynamic-UAR contexts, so mmap() failed with EINVAL
and mlx5dv_devx_alloc_uar() returned NULL.

Follow the upstream scheme: reserve the mmap command range [9, 255] for
rdma_user_mmap entries and return command-encoded offsets, so the
dynamic-UAR mappings decode to the intended mlx5_ib_mmap() path.

Reviewed by:    kib
Tested by:      Wafa Hamzah <wafah at nvidia.com>
Sponsored by:   Nvidia networking
MFC after:      1 month
DeltaFile
+21-3sys/dev/mlx5/mlx5_ib/mlx5_ib_main.c
+11-0sys/dev/mlx5/mlx5_ib/mlx5_ib.h
+32-32 files

FreeBSD/src 412aa22sys/dev/mlx5/mlx5_ib mlx5_ib_main.c

mlx5ib: allocate IB queue counters as a shared resource

A QP owned by a DEVX uid references the port's queue counter.  The
counter was allocated with uid 0, so RST2INIT_QP on a uid-owned QP
failed with "bad resource state".

Allocate and free the IB queue counters directly and, on devices that
support user contexts, stamp them with MLX5_SHARED_RESOURCE_UID so
uid-owned QPs can use them.

The code follows the Linux commit d2c8a1554c10d5e0443b1f97f480d7dacd55cf55
("IB/mlx5: Enable UAR to have DevX UID").

Reviewed by:    kib
Tested by:      Wafa Hamzah <wafah at nvidia.com>
Sponsored by:   Nvidia networking
MFC after:      1 month
DeltaFile
+26-6sys/dev/mlx5/mlx5_ib/mlx5_ib_main.c
+26-61 files

FreeBSD/src bfe14bfsys/dev/mlx5 mlx5_ifc.h, sys/dev/mlx5/mlx5_core mlx5_eq.c

mlx5: mark completion EQs as a shared resource for DEVX uids

A firmware object owned by a DEVX uid may only reference resources owned
by the same uid or ones explicitly marked as shared.  Completion EQs
were created with uid 0, so a CQ owned by a DEVX uid could not attach to
its EQ and CREATE_CQ failed with "bad resource".

Create completion EQs with MLX5_SHARED_RESOURCE_UID on devices that
support user contexts, so uid-owned CQs can use them.

The code follows the Linux commit d2c8a1554c10d5e0443b1f97f480d7dacd55cf55
("IB/mlx5: Enable UAR to have DevX UID").

Reviewed by:    kib
Tested by:      Wafa Hamzah <wafah at nvidia.com>
Sponsored by:   Nvidia networking
MFC after:      1 month
DeltaFile
+8-0sys/dev/mlx5/mlx5_core/mlx5_eq.c
+7-1sys/dev/mlx5/mlx5_ifc.h
+15-12 files

FreeBSD/src b7ca46bsys/dev/mlx5 mlx5_ifc.h, sys/dev/mlx5/mlx5_ib mlx5_ib_main.c

mlx5ib: implement the MLX5_IB_OBJECT_UAR ioctl object

Import Linux upstream commit 342ee59de98a2ecdf15a46849a2534e7c808eb1f.

The dynamic UAR object was declared in the ABI headers but had no handler,
so the ioctl was rejected and dynamic-UAR contexts could not allocate a
doorbell UAR at all.

Implement the alloc and destroy methods following the upstream driver:
grab a UAR stamped with the caller's DEVX uid, expose it to user space
through an rdma_user_mmap entry (write-combining or non-cached as
requested), and free it on destroy.

Reviewed by:    kib
Tested by:      Wafa Hamzah <wafah at nvidia.com>
Sponsored by:   Nvidia networking
MFC after:      1 month
DeltaFile
+162-1sys/dev/mlx5/mlx5_ib/mlx5_ib_main.c
+2-2sys/dev/mlx5/mlx5_ifc.h
+164-32 files

FreeBSD/src 705d6cfsys/dev/mlx5/mlx5_ib mlx5_ib_main.c mlx5_ib.h

mlx5_ib: register DEVX objects in the uverbs ioctl parse tree

Import Linux upstream commits a8b92ca1b0e5ce620e425e9d2f89ce44f1a82a82
and c59450c463695a016e823175bac421cff219935d.

The DEVX object and method definitions were already present, but nothing
pointed ib_device.driver_def at them.  ibcore therefore never merged
them into the uverbs uapi tree and every DEVX ioctl came back as
EPROTONOSUPPORT.

Reviewed by:    kib
Tested by:      Wafa Hamzah <wafah at nvidia.com>
Sponsored by:   Nvidia networking
MFC after:      1 month
DeltaFile
+20-2sys/dev/mlx5/mlx5_ib/mlx5_ib_main.c
+1-0sys/dev/mlx5/mlx5_ib/mlx5_ib.h
+21-22 files

FreeBSD/src 2e3b3cesys/dev/mlx5/mlx5_core mlx5_eq.c, sys/dev/mlx5/mlx5_ib mlx5_ib_devx.c

mlx5_ib: do not consume CMD/PAGE_REQUEST events in the DEVX notifier

DEVX event notifier returned true for the command-completion and
page-request events. This is causing mlx5_eq_int() to skip the core EQ
handler, so the firmware command interface and the page supply stop
being serviced and the device wedges.

This commit also make notifier registration and dispatch safe against
the EQ interrupt running concurrently: publish the table pointer before
the callback and load it with acquire semantics. run the callback under
RCU, and drain it with synchronize_rcu() on teardown. Otherwise the
interrupt handler could observe a half-initialized notifier or race with
cleanup.

Reviewed by:    kib
Tested by:      Wafa Hamzah <wafah at nvidia.com>
Sponsored by:   Nvidia networking
MFC after:      1 month
DeltaFile
+28-7sys/dev/mlx5/mlx5_ib/mlx5_ib_devx.c
+30-3sys/dev/mlx5/mlx5_core/mlx5_eq.c
+58-102 files

FreeBSD/src 716bb8dsys/ofed/include/uapi/rdma mlx5-abi.h

mlx5: extend mlx5_ib_create_cq struct with fields from the current Linux ABI

This is backward ABI-compatible, because the only place in kernel that
uses the structure, namely the mlx5_ib_cq.c:mlx5_ib_create_cq()
function, copies in as much structure members as provided by userspace.

Tested by:      Wafa Hamzah <wafah at nvidia.com>
Sponsored by:   Nvidia networking
MFC after:      1 month
DeltaFile
+4-0sys/ofed/include/uapi/rdma/mlx5-abi.h
+4-01 files

FreeBSD/src 77a6696libarchive/test test_read_format_rar_newsub_rr_over_1m.rar.uu test_read_format_zip_winzip_aes256_large_zstd.zip.uu

Update vendor/libarchive to 3.8.8

New features in 3.8.8:
 #2685 add support for reading encrypted zipx formats
       (bzip2, lzma, ppmd, xz, zstd)

Bugfixes between 3.8.7 and 3.8.8:

Core:
 #2905 Fix NULL pointer increment in archive_acl_from_text_nl
 #2927 archive_match: Prevent call stack overflow
 #2928 pathmatch: Treat anchors not special without flags
 #2942 fix `archive_entry_set_mode` & `archive_entry_set_perm`
 #2957 Fix a double-free in the link resolver
 #2971 Fix mem leaks found with ASAN-enabled test suites
 #2988 Fix buffer overrun and wrong output for NULL-name ACL entries
 #2998, §3009: archive_read: FATAL should be sticky for all API calls
 #3010 Date parsing: reject dates with numbers of more than 4 digits
 #3011 acl: parser out-of-bounds read

    [111 lines not shown]
DeltaFile
+23,307-0libarchive/test/test_read_format_rar_newsub_rr_over_1m.rar.uu
+2,053-0libarchive/test/test_read_format_zip_winzip_aes256_large_zstd.zip.uu
+1,898-0libarchive/test/test_read_format_zip_winzip_aes256_large_xz.zip.uu
+1,893-0libarchive/test/test_read_format_zip_winzip_aes256_large_lzma.zip.uu
+1,616-0libarchive/test/test_read_format_zip_winzip_aes256_large_bzip2.zip.uu
+1,399-0libarchive/test/test_read_format_zip_winzip_aes256_large_ppmd.zip.uu
+32,166-0353 files not shown
+43,965-3,364359 files

FreeBSD/src 849a51alib/libsys pdfork.2

pdfork.2: grammar

Submitted by:   des
MFC after:      1 week
DeltaFile
+3-1lib/libsys/pdfork.2
+3-11 files

FreeBSD/src 478d81etests/sys/kern aslr.c

tests/aslr: Fix spurious test failures

/sbin/ping and /sbin/ping6 are hard-linked, and the vmmap sysctl handler
doesn't know which name was used to launch the process.

PR:             296116
MFC after:      3 days
Fixes:          080a4087014e ("tests: Fix race condition in aslr_setuid")

(cherry picked from commit 81cf9a0ca765b48a430da61c221be17c4d0f753a)
DeltaFile
+16-4tests/sys/kern/aslr.c
+16-41 files

FreeBSD/src f9f7b3asbin/ping/tests test_ping.py

ping: Fix bell char ordering in -A test cases

Previously, these tests expected the bell chars to arrive
before the initial status line. This appeared to be ok because
ping(8) incorrectly mixed unbuffered and buffered writes by using
printf(3) calls for the initial status, but direct write(2) calls
for the bell chars. 141bb85798 revealed that the test's assertions
only passed because the buffered writes did not get flushed before
the direct writes in the test runs.

8bda488114f3 fixed ping(8) to use POSIX stdio buffered writes
in all cases and guarantee a deterministic output ordering to stdout
observers. This patch fixes the test to match the correct ordering.

Reviewed by:    des
Sponsored by:   The FreeBSD Foundation

(cherry picked from commit 7ac9995a062ff9f78b634fe403e6a313f5637945)
(cherry picked from commit 5b8c28adb829b50fb8ac065637fa99f717858bab)
(cherry picked from commit f7f916d755fe5b48a2a68a937beea770b7bafa95)
DeltaFile
+4-4sbin/ping/tests/test_ping.py
+4-41 files

FreeBSD/src b38b0besbin/ping ping6.c ping.c

ping: Flush stdout after printing initial status

MFC after:      1 week
Reviewed by:    markj
Differential Revision:  https://reviews.freebsd.org/D57765

(cherry picked from commit 141bb8579882f9d1f7e95351573e30f10689f4bf)

ping: Don't mix stdio and direct writes

POSIX does not allow mixing direct writes to STDOUT_FILENO with stdio
operations on stdout like we do here.  More importantly, it causes
tests to fail randomly (or not-so-randomly after I added an fflush in
a previous commit).

MFC after:      1 week
Reviewed by:    markj
Differential Revision:  https://reviews.freebsd.org/D57884

(cherry picked from commit 8bda488114f330d758e6741ff44882bb12b76c0d)
DeltaFile
+18-10sbin/ping/ping6.c
+17-10sbin/ping/ping.c
+35-202 files

FreeBSD/src 19a4967tests/sys/kern aslr.c Makefile

tests: Fix race condition in aslr_setuid

Use a cloexec pipe to block the parent until the child is ready.

While here, redirect the output from ping to /dev/null, and mark the
test as requiring the inet feature since we ping the IPv4 loopback.

PR:             296116
MFC after:      1 week
Reviewed by:    markj
Differential Revision:  https://reviews.freebsd.org/D57734

(cherry picked from commit 080a4087014e1d19136cc77028019d98b5c69e1e)

tests: Fix race condition in aslr_setuid, take 2

Instead of a cloexec pipe, ingest ping's stdout and block until it has
printed its initial summary, then close the pipe and return to the main
test loop.  Run ping in quiet mode so it won't mind that stdout is gone.

    [8 lines not shown]
DeltaFile
+12-4tests/sys/kern/aslr.c
+1-0tests/sys/kern/Makefile
+13-42 files