These are all OpenSSL 1.1.0 and 1.1.1 symbols that aren't present in our
OpenSSL 3.0 builds.
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D44249
Use __libc_interposing_slot() in favor of __libsys_interposing_slot() so
that the interposing interface is entierly between libc and libthr with
libsys only involved as an implementation detail.
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D44880
It reports the value of the g_eli_alloc_sz variable. Allocations of
this size or less will use UMA. Larger allocations will use malloc.
Since malloc is slower, it is useful for users to know this variable so
they can avoid such allocations. For example, ZFS users can set
vfs.zfs.vdev.aggregation_limit to this value.
MFC after: 1 week
Sponsored by: Axcient
Reviewed by: markj, imp
Differential Revision: https://reviews.freebsd.org/D44904
Otherwise bsd.own.mk overrides it, causing libcxxrt.so.1 to be
erroneously installed into /usr/lib.
Also add an ObsoleteFiles.inc entry, for removing the bad copy.
Reported by: Josef 'Jeff' Sipek <jeffpc@josefsipek.net>
Fixes: da77a1b4f0
This tool is typically invoked from within a working tree containing the
desired MFC target branch, which is detected automatically. It also has
a default for when it is invoked from elsewhere. Switch the default to
the most recent branch, stable/14.
Sponsored by: The FreeBSD Foundation
I didn't notice this during testing because invariants-enabled kernels
implicitly include asan.h via kassert.h.
Reported by: Lexi Winter <lexi@le-Fay.org>
Fixes: 800da341bc ("thread: Simplify sanitizer integration with thread creation")
The if_bridge contains several instances of:
if (AF_INET code ...
#ifdef INET6
AF_INET6 code ...
#endif
) {
...
Clean this up by adding a couple of macros at the top of the file that
are conditionally defined based on whether INET and/or INET6 are enabled,
which makes the code more readable and easier to maintain.
No functional change intended.
Reviewed by: zlei, markj
MFC after: 1 week
Pull Request: https://github.com/freebsd/freebsd-src/pull/1191
ng_btsocket_hci_raw_send() wasn't verifying that the destination address
specified by sendto() is large enough to fill a struct sockaddr_hci.
Thus, when copying the socket address into an mbuf,
ng_btsocket_hci_raw_send() may read past the end of the input sockaddr
while copying.
In practice this is effectively harmless since
ng_btsocket_hci_raw_output() only uses the address to identify a
netgraph node.
Reported by: Oliver Sieber <oliver@secfault-security.com>
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
fork() may allocate a new thread in one of two ways: from UMA, or cached
in a freed proc that was just allocated from UMA. In either case, KASAN
and KMSAN need to initialize some state; in particular they need to
initialize the shadow mapping of the new thread's stack.
This is done differently between KASAN and KMSAN, which is confusing.
This patch improves things a bit:
- Add a new thread_recycle() function, which moves all kernel stack
handling out of kern_fork.c, since it doesn't really belong there.
- Then, thread_alloc_stack() has only one local caller, so just inline
it.
- Avoid redundant shadow stack initialization: thread_alloc()
initializes the KMSAN shadow stack (via kmsan_thread_alloc()) even
through vm_thread_new() already did that.
- Add kasan_thread_alloc(), for consistency with kmsan_thread_alloc().
No functional change intended.
Reviewed by: khng
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D44891
Define PTE_TO_VM_PAGE to compose the PHYS_TO_VM_PAGE and PTE_TO_PHYS
macros. Use it where appropriate, and drop some variables that it
makes unnecessary.
Reviewed by: jhb (previous version)
Differential Revision: https://reviews.freebsd.org/D44700
Thanks to @kevans91 for pointing me in the right direction. FreeBSD had
the same bug as Linux (see
https://bugzilla.kernel.org/show_bug.cgi?id=217276) where the ultimate
solution was to honor the brcm,enable-l1ss FDT property.
In current versions of the dtb files this property has been added by
default.
Without this on many, many pcie addin cards the pcib will Serror when
trying to assert the clreq# pin on the pcie bus. Many cards do not have
these hooked up.
PR: 260131, 277638, 277605
Reviewed-by: emaste
Signed-off-by: HP van Braam <hp@tmm.cx>
Pull-request: https://github.com/freebsd/freebsd-src/pull/1179
This change is still under review and should not have been merged
directly to main (yet).
This is a case and point for using `push.default` to nothing instead of
matching or simple.
This reverts commit 42ce242e35.
This change introduces a static copy of the fips and legacy linker version maps
generated by the OpenSSL 3.0.13 build process.
This unbreaks the fips and legacy providers by not exposing unnecessary
symbols from the fips/legacy provider shared objects shared with other
providers (base, default) and libcrypto.
More discussion:
Prior to this change, loading the fips provider indirectly from a
FreeBSD 14.0-CURRENT and 15.0-CURRENT host would result in a
process-wide deadlock when invoking select OpenSSL APIs
(CONF_modules_load* in this particular example).
Speaking with the upstream maintainers [1], it became obvious that
the FreeBSD base system was incorrectly building/linking the fips
provider, resulting in a symbol collision at runtime, and thus a
process-wide deadlock in specific circumstances. The fips provider
would deadlock when trying to acquire a write lock on internal
structures which should have only been available to the base and
default providers, as certain preprocessor ifdefs only allow specific
internal calls to be made with the base and default providers.
1. https://github.com/openssl/openssl/issues/24202
Differential Revision: https://reviews.freebsd.org/D44892
- Remove superfluous whitespace by removing trailing whitespace
before `\` (line continuation character)
- Quote `SUBDIR.` to clarify the fact that this is a variable
reference--not the end of a sentence.
d51c590023 moved the MFC hash matching logic into a lua utility
script but left the output formatting in the shell script. Simplify this
slightly by just printing the formatted output from lua.
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D44836
This reverts commit e92491d95f.
The general idea looked good to me. In particular, it allowed to save
some memory and avoid memory allocation failures when a large buffer
size was requested along with ring and fill policies.
But I didn't take into account that the second, supposedly unused
buffer, was actually used as the scratch buffer. The scratch buffer is
used as a temporary space for DTrace subroutines like copyin, copyinstr,
and alloca.
I think that the change can be fixed by allocating a separate smaller
buffer for the scratch buffer, but that fix would require more work than
I am able to do now. Hence the revert.
Reported by: Domagoj Stolfa
Diagnosed by: Domagoj Stolfa, markj
MFC after: immediately
One of the comments in ahc_execute_scb() notes that the CAM direction is
actually w.r.t. the initiator. As a consequence, all of our sync ops
end up being wrong because the direction is flipped from that of the
transfer. Fix it to do proper invalidation and avoid spewing random
garbage out on the SCSI bus.
Reported and tested by: HP van Braam <hp@tmm.cx>
Reviewed by: imp, mav
Differential Revision: https://reviews.freebsd.org/D44860
In ahc_init(), qoutfifo is already assigned to effectively the same
value a couple lines up, except in the first assignment it uses the
proper definition; keep the more descriptive assignment.
ahc_targetcmd_offset() gets the offset wrong entirely; as per the
area of ahc_init() this diff also touches, targetcmds is laid out first
in the shared map and it's followed by the qoutfifo. As a result, we'd
generally be getting negative offsets here. We can't actually do a
partial sync anyways, so there was no consequence to getting this wrong.
Reviewed by: imp, mav
Differential Revision: https://reviews.freebsd.org/D44859
Commit 33cb9b3c3a replaced a g_raid3_destroy_device() call with a
g_raid3_free_device() call, which was incorrect and could lead to a
panic if a RAID3 GEOM failed to start (e.g., due to missing disks).
Reported by: graid3 tests
Fixes: 33cb9b3c3a ("graid3: Fix teardown races")
MFC after: 3 days
Sponsored by: Klara, Inc.
When in netmap (emulated) mode, wireguard interfaces prepend or strip a
dummy ethernet header when interfacing with netmap. The netmap
application thus sees unencrypted, de-encapsulated frames with a fixed
header.
In this mode, netmap hooks the if_input and if_transmit routines of the
ifnet. Packets from the host TX ring are handled by wg_if_input(),
which simply hands them to the netisr layer; packets which would
otherwise be tunneled are intercepted in wg_output() and placed in the
host RX ring.
The "physical" TX ring is processed by wg_transmit(), which behaves
identically to wg_output() when netmap is not enabled, and packets
appear in the "physical" RX ring by hooking wg_deliver_in().
Reviewed by: vmaffione
MFC after: 1 month
Sponsored by: Klara, Inc.
Sponsored by: Zenarmor
Differential Revision: https://reviews.freebsd.org/D43460