sendfile: stop abusing kern_writev()
Provide convenient wrapper kern_filewrite() around fo_write().
Switch to use it in vn_sendfile(). This allows to avoid duplicate
fget() when we already have the reference to the file, which creates a
correctness race with the userspace. Also td_retval[0] clearing hack
can be removed.
Reviewed by: glebius, markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D58035
acpi: fix instant panic in hest_attach()
Since now there is a pseudo-bus between our device and acpi0, we need to
go deeper.
Fixes: 9313f6b01485ad9a0b7cc59b459f5714533587c3
einj: Tool to manage APEI error injection
This tool supports two commands. The list command outputs a summary
of injectable errors supported by the current system. The inject
command injects the requested error.
Reviewed by: gallatin, imp
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D58026
acpi_einj: Support for ACPI error injection
This driver parses the ACPI EINJ table and builds a list of
instructions associated with known actions. It then exports ioctls to
fetch the set of supported errors and inject system errors by
executing specific sequences of actions. This can be used to test
error reporting facilities for events such as ECC errors.
Reviewed by: gallatin
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D58025
acpi: Add a pseudo-bus for APEI devices to manage resources
Different APEI tables can reuse the same registers (and sometimes
different views of the same register, e.g. 32- vs 64-bit mappings of
the same register). To enable this sharing, apei0 now acts as a bus
device managing a pool of allocated resources and handing out mappings
to child devices which handle individual tables.
Most of the previous apei(4) driver has been moved into a new
hest0 device that is a child of apei0.
Reviewed by: gallatin
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D58024
x86/local_apic.c: Thermal interrupt support: Additional style fixes
Rename handler function type 'lapic_thermal_handle_function' to the
shorter 'lapic_thermal_handler_t'. Move it closer to the function
declaration block where it is used. Make it a true function type (no
pointer) and add explicit pointer marks on usage.
Rename 'lapic_thermal_function_value' to the more immediately clear
'lapic_thermal_function_arg'. In lapic_thermal_enable(), use 'func_arg'
as the argument name for the handler argument, which at least refers to
function 'func', rather than the generic 'value'.
Finally, rename the global handler variable from
'lapic_thermal_function_ptr' to the shorter 'lapic_thermal_function'
(dynamic functions can be referenced only through a pointer).
MFC with: 87ba088fa310 ("x86/local_apic.c: Add support for installing a thermal interrupt handler")
Sponsored by: The FreeBSD Foundation
x86/local_apic.c: Add support for installing a thermal interrupt handler
The thermal interrupt is initially masked.
Thermal interrupt handling is enabled by calling lapic_enable_thermal(),
which installs a (single) handler.
[olce: Wrote the commit message.]
Reviewed by: kib, olce
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D44454
inpcb: make net.inet.ip.portrange port number limiting sysctls unsigned
And make net.inet.ip.portrange.randomized boolean.
Reviewed by: pouria, tuexen, markj
Differential Revision: https://reviews.freebsd.org/D57291
netinet6: further refactor in6_pcbconnect()
A mistake from 90ea8e89d9b7 is that in6_pcblookup_internal() was skipped
for an inpcb that had unspecified local address. This is incorrect, as
such inpcb could have already have a port set, and in_pcb_lport_dest()
shall not be called on such inpcb. That could lead to creation of an
alised connection in the database.
This makes the function almost identical to in_pcbconnect(). While here,
fix minor bug of missing INP_ANONPORT. This flag has no use in kernel,
but affects netstat(1) output in certain mode.
Fixes: 90ea8e89d9b751e8b5ae90ef3397883b035788e5
Reviewed by: pouria
Differential Revision: https://reviews.freebsd.org/D57987
if_bridge: Remove unused disable parameter in bridge_stop
The ```int disable``` parameter is included in the bridge_stop function
signature but is not used in the function body.
I had noticed this when tracing the driver's path while learning more
about the ifnet library.
This parameter originally appeared when importing the driver from NetBSD.
However, the FreeBSD ifnet library no longer requires an if_stop function.
Meaning that the function signature can be changed to only contain needed
parameters for our bridge driver.
Discussed with: freebsd-net@ mailing list
Signed-off-by: Acesp25 <acesp25 at freebsd.org>
Reviewed by: kp
Pull-Request: https://github.com/freebsd/freebsd-src/pull/2290
mlx5: propagate the DEVX uid through SRQ create and destroy
The SRQ command builders never stamped the owning DEVX uid into the
firmware CREATE_SRQ/CREATE_RMP/CREATE_XRC_SRQ commands, so a basic SRQ
was always created with uid 0. Every modern libmlx5 context runs with a
DEVX uid, and the QPs that reference the SRQ carry that uid, so firmware
rejected CREATE_QP with "bad resource": a uid-owned QP may not reference
a uid-0 SRQ.
Reviewed by: kib
Tested by: Wafa Hamzah <wafah at nvidia.com>
Sponsored by: Nvidia networking
MFC after: 1 month
mlx5: guard against a NULL CQ event handler in mlx5_cq_event()
DEVX and mlx5en created CQs are registered without an asynchronous
event handler (mcq.event is NULL). An asynchronous CQ_ERROR event for
such a CQ made mlx5_cq_event() call through a NULL pointer and panic.
Reviewed by: kib
Tested by: Wafa Hamzah <wafah at nvidia.com>
Sponsored by: Nvidia networking
MFC after: 1 month
mlx5: pass the full EQE to the DEVX event notifier
The DEVX event notifier and its helpers expect a full struct mlx5_eqe
and read eqe->data from it, but mlx5_eq_int() passed &eqe->data, so the
data offset was applied twice.
Reviewed by: kib
Tested by: Wafa Hamzah <wafah at nvidia.com>
Sponsored by: Nvidia networking
MFC after: 1 month
ofed/ib_uverbs: release rdma_user_mmap entry ref in rdma_umap_close()
Import Linux upstream commit 3411f9f01b76bd88aa6e0e013847ab6479cb4f24.
rdma_umap_priv_init() takes a reference on the rdma_user_mmap entry for
every VMA it maps, but rdma_umap_close() never dropped it. The entry
was therefore never freed and lingered in ucontext->mmap_xa, tripping
WARN_ON(!xa_empty(&ucontext->mmap_xa)) at context teardown and leaking
the firmware UAR on every context close.
Reviewed by: kib
Tested by: Wafa Hamzah <wafah at nvidia.com>
Sponsored by: Nvidia networking
MFC after: 1 month
mlx5ib: advertise write-combining support for dynamic BlueFlame UARs
Import Linux upstream commit 1f3db161881b7e21efb149e0ae8152b79a571a8f.
dev->wc_support was never set, so it was always false and the UAR ioctl
refused BlueFlame (write-combining) UAR allocations with EOPNOTSUPP.
That breaks QP creation in pure dynamic-UAR mode, where user space asks
for a BF doorbell UAR.
Reviewed by: kib
Tested by: Wafa Hamzah <wafah at nvidia.com>
Sponsored by: Nvidia networking
MFC after: 1 month
mlx5ib: encode dynamic UAR mmap offsets in the reserved command range
The UAR ioctl handed user space a raw mmap offset, so the first dynamic
UAR landed at page offset 0. mlx5_ib_mmap() decodes offset 0 as the
legacy regular-page command and routed the mapping through the old bfreg
path, which rejects dynamic-UAR contexts, so mmap() failed with EINVAL
and mlx5dv_devx_alloc_uar() returned NULL.
Follow the upstream scheme: reserve the mmap command range [9, 255] for
rdma_user_mmap entries and return command-encoded offsets, so the
dynamic-UAR mappings decode to the intended mlx5_ib_mmap() path.
Reviewed by: kib
Tested by: Wafa Hamzah <wafah at nvidia.com>
Sponsored by: Nvidia networking
MFC after: 1 month
mlx5ib: allocate IB queue counters as a shared resource
A QP owned by a DEVX uid references the port's queue counter. The
counter was allocated with uid 0, so RST2INIT_QP on a uid-owned QP
failed with "bad resource state".
Allocate and free the IB queue counters directly and, on devices that
support user contexts, stamp them with MLX5_SHARED_RESOURCE_UID so
uid-owned QPs can use them.
The code follows the Linux commit d2c8a1554c10d5e0443b1f97f480d7dacd55cf55
("IB/mlx5: Enable UAR to have DevX UID").
Reviewed by: kib
Tested by: Wafa Hamzah <wafah at nvidia.com>
Sponsored by: Nvidia networking
MFC after: 1 month
mlx5: mark completion EQs as a shared resource for DEVX uids
A firmware object owned by a DEVX uid may only reference resources owned
by the same uid or ones explicitly marked as shared. Completion EQs
were created with uid 0, so a CQ owned by a DEVX uid could not attach to
its EQ and CREATE_CQ failed with "bad resource".
Create completion EQs with MLX5_SHARED_RESOURCE_UID on devices that
support user contexts, so uid-owned CQs can use them.
The code follows the Linux commit d2c8a1554c10d5e0443b1f97f480d7dacd55cf55
("IB/mlx5: Enable UAR to have DevX UID").
Reviewed by: kib
Tested by: Wafa Hamzah <wafah at nvidia.com>
Sponsored by: Nvidia networking
MFC after: 1 month
mlx5ib: implement the MLX5_IB_OBJECT_UAR ioctl object
Import Linux upstream commit 342ee59de98a2ecdf15a46849a2534e7c808eb1f.
The dynamic UAR object was declared in the ABI headers but had no handler,
so the ioctl was rejected and dynamic-UAR contexts could not allocate a
doorbell UAR at all.
Implement the alloc and destroy methods following the upstream driver:
grab a UAR stamped with the caller's DEVX uid, expose it to user space
through an rdma_user_mmap entry (write-combining or non-cached as
requested), and free it on destroy.
Reviewed by: kib
Tested by: Wafa Hamzah <wafah at nvidia.com>
Sponsored by: Nvidia networking
MFC after: 1 month
mlx5_ib: register DEVX objects in the uverbs ioctl parse tree
Import Linux upstream commits a8b92ca1b0e5ce620e425e9d2f89ce44f1a82a82
and c59450c463695a016e823175bac421cff219935d.
The DEVX object and method definitions were already present, but nothing
pointed ib_device.driver_def at them. ibcore therefore never merged
them into the uverbs uapi tree and every DEVX ioctl came back as
EPROTONOSUPPORT.
Reviewed by: kib
Tested by: Wafa Hamzah <wafah at nvidia.com>
Sponsored by: Nvidia networking
MFC after: 1 month
mlx5_ib: do not consume CMD/PAGE_REQUEST events in the DEVX notifier
DEVX event notifier returned true for the command-completion and
page-request events. This is causing mlx5_eq_int() to skip the core EQ
handler, so the firmware command interface and the page supply stop
being serviced and the device wedges.
This commit also make notifier registration and dispatch safe against
the EQ interrupt running concurrently: publish the table pointer before
the callback and load it with acquire semantics. run the callback under
RCU, and drain it with synchronize_rcu() on teardown. Otherwise the
interrupt handler could observe a half-initialized notifier or race with
cleanup.
Reviewed by: kib
Tested by: Wafa Hamzah <wafah at nvidia.com>
Sponsored by: Nvidia networking
MFC after: 1 month
mlx5: extend mlx5_ib_create_cq struct with fields from the current Linux ABI
This is backward ABI-compatible, because the only place in kernel that
uses the structure, namely the mlx5_ib_cq.c:mlx5_ib_create_cq()
function, copies in as much structure members as provided by userspace.
Tested by: Wafa Hamzah <wafah at nvidia.com>
Sponsored by: Nvidia networking
MFC after: 1 month
Update vendor/libarchive to 3.8.8
New features in 3.8.8:
#2685 add support for reading encrypted zipx formats
(bzip2, lzma, ppmd, xz, zstd)
Bugfixes between 3.8.7 and 3.8.8:
Core:
#2905 Fix NULL pointer increment in archive_acl_from_text_nl
#2927 archive_match: Prevent call stack overflow
#2928 pathmatch: Treat anchors not special without flags
#2942 fix `archive_entry_set_mode` & `archive_entry_set_perm`
#2957 Fix a double-free in the link resolver
#2971 Fix mem leaks found with ASAN-enabled test suites
#2988 Fix buffer overrun and wrong output for NULL-name ACL entries
#2998, §3009: archive_read: FATAL should be sticky for all API calls
#3010 Date parsing: reject dates with numbers of more than 4 digits
#3011 acl: parser out-of-bounds read
[111 lines not shown]
tests/aslr: Fix spurious test failures
/sbin/ping and /sbin/ping6 are hard-linked, and the vmmap sysctl handler
doesn't know which name was used to launch the process.
PR: 296116
MFC after: 3 days
Fixes: 080a4087014e ("tests: Fix race condition in aslr_setuid")
(cherry picked from commit 81cf9a0ca765b48a430da61c221be17c4d0f753a)
ping: Fix bell char ordering in -A test cases
Previously, these tests expected the bell chars to arrive
before the initial status line. This appeared to be ok because
ping(8) incorrectly mixed unbuffered and buffered writes by using
printf(3) calls for the initial status, but direct write(2) calls
for the bell chars. 141bb85798 revealed that the test's assertions
only passed because the buffered writes did not get flushed before
the direct writes in the test runs.
8bda488114f3 fixed ping(8) to use POSIX stdio buffered writes
in all cases and guarantee a deterministic output ordering to stdout
observers. This patch fixes the test to match the correct ordering.
Reviewed by: des
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 7ac9995a062ff9f78b634fe403e6a313f5637945)
(cherry picked from commit 5b8c28adb829b50fb8ac065637fa99f717858bab)
(cherry picked from commit f7f916d755fe5b48a2a68a937beea770b7bafa95)
ping: Flush stdout after printing initial status
MFC after: 1 week
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D57765
(cherry picked from commit 141bb8579882f9d1f7e95351573e30f10689f4bf)
ping: Don't mix stdio and direct writes
POSIX does not allow mixing direct writes to STDOUT_FILENO with stdio
operations on stdout like we do here. More importantly, it causes
tests to fail randomly (or not-so-randomly after I added an fflush in
a previous commit).
MFC after: 1 week
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D57884
(cherry picked from commit 8bda488114f330d758e6741ff44882bb12b76c0d)
tests: Fix race condition in aslr_setuid
Use a cloexec pipe to block the parent until the child is ready.
While here, redirect the output from ping to /dev/null, and mark the
test as requiring the inet feature since we ping the IPv4 loopback.
PR: 296116
MFC after: 1 week
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D57734
(cherry picked from commit 080a4087014e1d19136cc77028019d98b5c69e1e)
tests: Fix race condition in aslr_setuid, take 2
Instead of a cloexec pipe, ingest ping's stdout and block until it has
printed its initial summary, then close the pipe and return to the main
test loop. Run ping in quiet mode so it won't mind that stdout is gone.
[8 lines not shown]