From owner-svn-src-releng@freebsd.org Sun Sep 13 02:17:18 2020 Return-Path: Delivered-To: svn-src-releng@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 7DEA33E9823; Sun, 13 Sep 2020 02:17:18 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BptRf2Kslz4nn0; Sun, 13 Sep 2020 02:17:18 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 34AFF1EBC9; Sun, 13 Sep 2020 02:17:18 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 08D2HI4N036897; Sun, 13 Sep 2020 02:17:18 GMT (envelope-from kevans@FreeBSD.org) Received: (from kevans@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 08D2HIDF036896; Sun, 13 Sep 2020 02:17:18 GMT (envelope-from kevans@FreeBSD.org) Message-Id: <202009130217.08D2HIDF036896@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: kevans set sender to kevans@FreeBSD.org using -f From: Kyle Evans Date: Sun, 13 Sep 2020 02:17:18 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r365683 - releng/12.2/usr.sbin/certctl X-SVN-Group: releng X-SVN-Commit-Author: kevans X-SVN-Commit-Paths: releng/12.2/usr.sbin/certctl X-SVN-Commit-Revision: 365683 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Sep 2020 02:17:18 -0000 Author: kevans Date: Sun Sep 13 02:17:17 2020 New Revision: 365683 URL: https://svnweb.freebsd.org/changeset/base/365683 Log: MFS r365681: certctl: fix hashed link generation with duplicate subjects Currently, certctl rehash will just keep clobbering .0 rather than incrementing the suffix upon encountering a duplicate. Do this, and do it for blacklisted certs as well. This also improves the situation with the blacklist to be a little less flakey, comparing cert fingerprints for all certs with a matching subject hash in the blacklist to determine if the cert we're looking at can be installed. Future work needs to completely revamp the blacklist to align more with how it's described in PR 246614. In particular, /etc/ssl/blacklisted should go away to avoid potential confusion -- OpenSSL will not read it, it's basically certctl internal. PR: 246614 Approved by: re (gjb) Modified: releng/12.2/usr.sbin/certctl/certctl.sh Directory Properties: releng/12.2/ (props changed) Modified: releng/12.2/usr.sbin/certctl/certctl.sh ============================================================================== --- releng/12.2/usr.sbin/certctl/certctl.sh Sun Sep 13 01:44:31 2020 (r365682) +++ releng/12.2/usr.sbin/certctl/certctl.sh Sun Sep 13 02:17:17 2020 (r365683) @@ -30,7 +30,7 @@ ############################################################ CONFIGURATION : ${DESTDIR:=} -: ${FILEPAT:="\.pem$|\.crt$|\.cer$|\.crl$|\.0$"} +: ${FILEPAT:="\.pem$|\.crt$|\.cer$|\.crl$"} : ${VERBOSE:=0} ############################################################ GLOBALS @@ -56,31 +56,58 @@ do_hash() fi } +get_decimal() +{ + local checkdir hash decimal + + checkdir=$1 + hash=$2 + decimal=0 + + while [ -e "$checkdir/$hash.$decimal" ]; do + decimal=$((decimal + 1)) + done + + echo ${decimal} + return 0 +} + create_trusted_link() { - local hash + local blisthash certhash hash + local suffix hash=$( do_hash "$1" ) || return - if [ -e "$BLACKLISTDESTDIR/$hash.0" ]; then - echo "Skipping blacklisted certificate $1 ($BLACKLISTDESTDIR/$hash.0)" - return 1 - fi - [ $VERBOSE -gt 0 ] && echo "Adding $hash.0 to trust store" - [ $NOOP -eq 0 ] && install ${INSTALLFLAGS} -lrs $(realpath "$1") "$CERTDESTDIR/$hash.0" + certhash=$( openssl x509 -sha1 -in "$1" -noout -fingerprint ) + for blistfile in $(find $BLACKLISTDESTDIR -name "$hash.*"); do + blisthash=$( openssl x509 -sha1 -in "$blistfile" -noout -fingerprint ) + if [ "$certhash" = "$blisthash" ]; then + echo "Skipping blacklisted certificate $1 ($blistfile)" + return 1 + fi + done + suffix=$(get_decimal "$CERTDESTDIR" "$hash") + [ $VERBOSE -gt 0 ] && echo "Adding $hash.$suffix to trust store" + [ $NOOP -eq 0 ] && \ + install ${INSTALLFLAGS} -lrs $(realpath "$1") "$CERTDESTDIR/$hash.$suffix" } create_blacklisted() { local hash srcfile filename + local suffix # If it exists as a file, we'll try that; otherwise, we'll scan if [ -e "$1" ]; then hash=$( do_hash "$1" ) || return srcfile=$(realpath "$1") - filename="$hash.0" + suffix=$(get_decimal "$BLACKLISTDESTDIR" "$hash") + filename="$hash.$suffix" elif [ -e "${CERTDESTDIR}/$1" ]; then srcfile=$(realpath "${CERTDESTDIR}/$1") - filename="$1" + hash=$(echo "$1" | sed -Ee 's/\.([0-9])+$//') + suffix=$(get_decimal "$BLACKLISTDESTDIR" "$hash") + filename="$hash.$suffix" else return fi @@ -115,7 +142,7 @@ do_list() if [ -e "$1" ]; then cd "$1" - for CFILE in *.0; do + for CFILE in *.[0-9]; do if [ ! -s "$CFILE" ]; then echo "Unable to read $CFILE" >&2 ERRORS=$(( $ERRORS + 1 )) @@ -174,14 +201,20 @@ cmd_blacklist() cmd_unblacklist() { - local BFILE hash + local BFILE blisthash certhash hash shift # verb for BFILE in "$@"; do if [ -s "$BFILE" ]; then hash=$( do_hash "$BFILE" ) - echo "Removing $hash.0 from blacklist" - [ $NOOP -eq 0 ] && rm -f "$BLACKLISTDESTDIR/$hash.0" + certhash=$( openssl x509 -sha1 -in "$BFILE" -noout -fingerprint ) + for BLISTEDFILE in $(find $BLACKLISTDESTDIR -name "$hash.*"); do + blisthash=$( openssl x509 -sha1 -in "$BLISTEDFILE" -noout -fingerprint ) + if [ "$certhash" = "$blisthash" ]; then + echo "Removing $(basename "$BLISTEDFILE") from blacklist" + [ $NOOP -eq 0 ] && rm -f $BLISTEDFILE + fi + done elif [ -e "$BLACKLISTDESTDIR/$BFILE" ]; then echo "Removing $BFILE from blacklist" [ $NOOP -eq 0 ] && rm -f "$BLACKLISTDESTDIR/$BFILE" From owner-svn-src-releng@freebsd.org Sun Sep 13 02:17:59 2020 Return-Path: Delivered-To: svn-src-releng@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 6ADCC3E9982; Sun, 13 Sep 2020 02:17:59 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BptSR26NFz4pLC; Sun, 13 Sep 2020 02:17:59 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 2BE4E1EB4F; Sun, 13 Sep 2020 02:17:59 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 08D2HwHR036985; Sun, 13 Sep 2020 02:17:58 GMT (envelope-from kevans@FreeBSD.org) Received: (from kevans@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 08D2Hw97036981; Sun, 13 Sep 2020 02:17:58 GMT (envelope-from kevans@FreeBSD.org) Message-Id: <202009130217.08D2Hw97036981@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: kevans set sender to kevans@FreeBSD.org using -f From: Kyle Evans Date: Sun, 13 Sep 2020 02:17:58 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r365684 - in releng/12.2: include lib/libc/gen lib/libc/sys X-SVN-Group: releng X-SVN-Commit-Author: kevans X-SVN-Commit-Paths: in releng/12.2: include lib/libc/gen lib/libc/sys X-SVN-Commit-Revision: 365684 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Sep 2020 02:17:59 -0000 Author: kevans Date: Sun Sep 13 02:17:57 2020 New Revision: 365684 URL: https://svnweb.freebsd.org/changeset/base/365684 Log: MFS r365682: getlogin_r: fix the type of len getlogin_r is specified by POSIX to to take a size_t len, not int. Fix our version to do the same, bump the symbol version due to ABI change and provide compat. This was reported to break compilation of Ruby 2.8. Some discussion about the necessity of the ABI compat did take place in the review. While many 64-bit platforms would likely be passing it in a 64-bit register and zero-extended and thus, not notice ABI breakage, some do sign-extend (e.g. mips). PR: 247102 Approved by: re (gjb) Modified: releng/12.2/include/unistd.h releng/12.2/lib/libc/gen/Symbol.map releng/12.2/lib/libc/gen/getlogin.c releng/12.2/lib/libc/sys/getlogin.2 Directory Properties: releng/12.2/ (props changed) Modified: releng/12.2/include/unistd.h ============================================================================== --- releng/12.2/include/unistd.h Sun Sep 13 02:17:17 2020 (r365683) +++ releng/12.2/include/unistd.h Sun Sep 13 02:17:57 2020 (r365684) @@ -399,7 +399,7 @@ int ftruncate(int, off_t); #endif #if __POSIX_VISIBLE >= 199506 -int getlogin_r(char *, int); +int getlogin_r(char *, size_t); #endif /* 1003.1-2001 */ Modified: releng/12.2/lib/libc/gen/Symbol.map ============================================================================== --- releng/12.2/lib/libc/gen/Symbol.map Sun Sep 13 02:17:17 2020 (r365683) +++ releng/12.2/lib/libc/gen/Symbol.map Sun Sep 13 02:17:57 2020 (r365684) @@ -156,7 +156,6 @@ FBSD_1.0 { gethostname; getloadavg; getlogin; - getlogin_r; setnetgrent; getnetgrent; endnetgrent; @@ -423,6 +422,7 @@ FBSD_1.5 { FBSD_1.6 { __sysctlbyname; + getlogin_r; memalign; scandir_b; sigandset; Modified: releng/12.2/lib/libc/gen/getlogin.c ============================================================================== --- releng/12.2/lib/libc/gen/getlogin.c Sun Sep 13 02:17:17 2020 (r365683) +++ releng/12.2/lib/libc/gen/getlogin.c Sun Sep 13 02:17:57 2020 (r365684) @@ -58,7 +58,7 @@ getlogin(void) } int -getlogin_r(char *logname, int namelen) +getlogin_r(char *logname, size_t namelen) { char tmpname[MAXLOGNAME]; int len; @@ -75,3 +75,13 @@ getlogin_r(char *logname, int namelen) strlcpy(logname, tmpname, len); return (0); } + +/* FreeBSD 12 and earlier compat. */ +int +__getlogin_r_fbsd12(char *logname, int namelen) +{ + if (namelen < 1) + return (ERANGE); + return (getlogin_r(logname, namelen)); +} +__sym_compat(getlogin_r, __getlogin_r_fbsd12, FBSD_1.0); Modified: releng/12.2/lib/libc/sys/getlogin.2 ============================================================================== --- releng/12.2/lib/libc/sys/getlogin.2 Sun Sep 13 02:17:17 2020 (r365683) +++ releng/12.2/lib/libc/sys/getlogin.2 Sun Sep 13 02:17:57 2020 (r365684) @@ -28,7 +28,7 @@ .\" @(#)getlogin.2 8.1 (Berkeley) 6/9/93 .\" $FreeBSD$ .\" -.Dd June 9, 1993 +.Dd September 9, 2020 .Dt GETLOGIN 2 .Os .Sh NAME @@ -44,7 +44,7 @@ .Fn getlogin void .In sys/param.h .Ft int -.Fn getlogin_r "char *name" "int len" +.Fn getlogin_r "char *name" "size_t len" .Ft int .Fn setlogin "const char *name" .Sh DESCRIPTION From owner-svn-src-releng@freebsd.org Sun Sep 13 23:51:08 2020 Return-Path: Delivered-To: svn-src-releng@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id D61F33ECD27; Sun, 13 Sep 2020 23:51:08 +0000 (UTC) (envelope-from allanjude@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BqR8X5jFyz3y1N; Sun, 13 Sep 2020 23:51:08 +0000 (UTC) (envelope-from allanjude@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 8D4D1E324; Sun, 13 Sep 2020 23:51:08 +0000 (UTC) (envelope-from allanjude@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 08DNp8S5039875; Sun, 13 Sep 2020 23:51:08 GMT (envelope-from allanjude@FreeBSD.org) Received: (from allanjude@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 08DNp74P039871; Sun, 13 Sep 2020 23:51:07 GMT (envelope-from allanjude@FreeBSD.org) Message-Id: <202009132351.08DNp74P039871@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: allanjude set sender to allanjude@FreeBSD.org using -f From: Allan Jude Date: Sun, 13 Sep 2020 23:51:07 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r365702 - in releng/12.2: sys/dev/virtio/block usr.sbin/bhyve X-SVN-Group: releng X-SVN-Commit-Author: allanjude X-SVN-Commit-Paths: in releng/12.2: sys/dev/virtio/block usr.sbin/bhyve X-SVN-Commit-Revision: 365702 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Sep 2020 23:51:08 -0000 Author: allanjude Date: Sun Sep 13 23:51:07 2020 New Revision: 365702 URL: https://svnweb.freebsd.org/changeset/base/365702 Log: MFC r360229, r363255 MFS r365614 r360229: Add VIRTIO_BLK_T_DISCARD (TRIM) support to the bhyve virtio-blk backend This will advertise support for TRIM to the guest virtio-blk driver and perform the DIOCGDELETE ioctl on the backing storage if it supports it. Thanks to Jason King and others at Joyent and illumos for expanding on my original patch, adding improvements including better error handling and making sure to following the virtio spec. r363255: Add VIRTIO_BLK_T_DISCARD support to the virtio-blk driver If the hypervisor advertises support for the DISCARD command then the guest can perform TRIM commands, freeing space on the backing store. If VIRTIO_BLK_F_DISCARD is enabled, advertise DISKFLAG_CANDELETE Tested with FreeBSD guests on bhyve and KVM Approved by: re (gjb) Relnotes: yes Sponsored by: Klara Inc. Modified: releng/12.2/sys/dev/virtio/block/virtio_blk.c releng/12.2/sys/dev/virtio/block/virtio_blk.h releng/12.2/usr.sbin/bhyve/block_if.c releng/12.2/usr.sbin/bhyve/pci_virtio_block.c Directory Properties: releng/12.2/ (props changed) Modified: releng/12.2/sys/dev/virtio/block/virtio_blk.c ============================================================================== --- releng/12.2/sys/dev/virtio/block/virtio_blk.c Sun Sep 13 23:05:19 2020 (r365701) +++ releng/12.2/sys/dev/virtio/block/virtio_blk.c Sun Sep 13 23:51:07 2020 (r365702) @@ -81,6 +81,7 @@ struct vtblk_softc { #define VTBLK_FLAG_SUSPEND 0x0008 #define VTBLK_FLAG_BARRIER 0x0010 #define VTBLK_FLAG_WC_CONFIG 0x0020 +#define VTBLK_FLAG_DISCARD 0x0040 struct virtqueue *vtblk_vq; struct sglist *vtblk_sglist; @@ -112,6 +113,7 @@ static struct virtio_feature_desc vtblk_feature_desc[] { VIRTIO_BLK_F_WCE, "WriteCache" }, { VIRTIO_BLK_F_TOPOLOGY, "Topology" }, { VIRTIO_BLK_F_CONFIG_WCE, "ConfigWCE" }, + { VIRTIO_BLK_F_DISCARD, "Discard" }, { 0, NULL } }; @@ -210,6 +212,7 @@ TUNABLE_INT("hw.vtblk.writecache_mode", &vtblk_writeca VIRTIO_BLK_F_WCE | \ VIRTIO_BLK_F_TOPOLOGY | \ VIRTIO_BLK_F_CONFIG_WCE | \ + VIRTIO_BLK_F_DISCARD | \ VIRTIO_RING_F_INDIRECT_DESC) #define VTBLK_MTX(_sc) &(_sc)->vtblk_mtx @@ -461,7 +464,7 @@ vtblk_config_change(device_t dev) vtblk_read_config(sc, &blkcfg); /* Capacity is always in 512-byte units. */ - capacity = blkcfg.capacity * 512; + capacity = blkcfg.capacity * VTBLK_BSIZE; if (sc->vtblk_disk->d_mediasize != capacity) vtblk_resize_disk(sc, capacity); @@ -546,11 +549,18 @@ vtblk_strategy(struct bio *bp) * be a better way to report our readonly'ness to GEOM above. */ if (sc->vtblk_flags & VTBLK_FLAG_READONLY && - (bp->bio_cmd == BIO_WRITE || bp->bio_cmd == BIO_FLUSH)) { + (bp->bio_cmd == BIO_WRITE || bp->bio_cmd == BIO_FLUSH || + bp->bio_cmd == BIO_DELETE)) { vtblk_bio_done(sc, bp, EROFS); return; } + if ((bp->bio_cmd != BIO_READ) && (bp->bio_cmd != BIO_WRITE) && + (bp->bio_cmd != BIO_FLUSH) && (bp->bio_cmd != BIO_DELETE)) { + vtblk_bio_done(sc, bp, EOPNOTSUPP); + return; + } + VTBLK_LOCK(sc); if (sc->vtblk_flags & VTBLK_FLAG_DETACH) { @@ -559,6 +569,13 @@ vtblk_strategy(struct bio *bp) return; } + if ((bp->bio_cmd == BIO_DELETE) && + !(sc->vtblk_flags & VTBLK_FLAG_DISCARD)) { + VTBLK_UNLOCK(sc); + vtblk_bio_done(sc, bp, EOPNOTSUPP); + return; + } + bioq_insert_tail(&sc->vtblk_bioq, bp); vtblk_startio(sc); @@ -594,6 +611,8 @@ vtblk_setup_features(struct vtblk_softc *sc) sc->vtblk_flags |= VTBLK_FLAG_BARRIER; if (virtio_with_feature(dev, VIRTIO_BLK_F_CONFIG_WCE)) sc->vtblk_flags |= VTBLK_FLAG_WC_CONFIG; + if (virtio_with_feature(dev, VIRTIO_BLK_F_DISCARD)) + sc->vtblk_flags |= VTBLK_FLAG_DISCARD; } static int @@ -683,12 +702,12 @@ vtblk_alloc_disk(struct vtblk_softc *sc, struct virtio dp->d_dump = vtblk_dump; /* Capacity is always in 512-byte units. */ - dp->d_mediasize = blkcfg->capacity * 512; + dp->d_mediasize = blkcfg->capacity * VTBLK_BSIZE; if (virtio_with_feature(dev, VIRTIO_BLK_F_BLK_SIZE)) dp->d_sectorsize = blkcfg->blk_size; else - dp->d_sectorsize = 512; + dp->d_sectorsize = VTBLK_BSIZE; /* * The VirtIO maximum I/O size is given in terms of segments. @@ -722,6 +741,11 @@ vtblk_alloc_disk(struct vtblk_softc *sc, struct virtio dp->d_stripesize; } + if (virtio_with_feature(dev, VIRTIO_BLK_F_DISCARD)) { + dp->d_flags |= DISKFLAG_CANDELETE; + dp->d_delmaxsize = blkcfg->max_discard_sectors * VTBLK_BSIZE; + } + if (vtblk_write_cache_enabled(sc, blkcfg) != 0) sc->vtblk_write_cache = VTBLK_CACHE_WRITEBACK; else @@ -872,12 +896,16 @@ vtblk_request_bio(struct vtblk_softc *sc) break; case BIO_READ: req->vbr_hdr.type = VIRTIO_BLK_T_IN; - req->vbr_hdr.sector = bp->bio_offset / 512; + req->vbr_hdr.sector = bp->bio_offset / VTBLK_BSIZE; break; case BIO_WRITE: req->vbr_hdr.type = VIRTIO_BLK_T_OUT; - req->vbr_hdr.sector = bp->bio_offset / 512; + req->vbr_hdr.sector = bp->bio_offset / VTBLK_BSIZE; break; + case BIO_DELETE: + req->vbr_hdr.type = VIRTIO_BLK_T_DISCARD; + req->vbr_hdr.sector = bp->bio_offset / VTBLK_BSIZE; + break; default: panic("%s: bio with unhandled cmd: %d", __func__, bp->bio_cmd); } @@ -931,6 +959,20 @@ vtblk_request_execute(struct vtblk_softc *sc, struct v /* BIO_READ means the host writes into our buffer. */ if (bp->bio_cmd == BIO_READ) writable = sg->sg_nseg - 1; + } else if (bp->bio_cmd == BIO_DELETE) { + struct virtio_blk_discard_write_zeroes *discard; + + discard = malloc(sizeof(*discard), M_DEVBUF, M_NOWAIT | M_ZERO); + if (discard == NULL) + return (ENOMEM); + discard->sector = bp->bio_offset / VTBLK_BSIZE; + discard->num_sectors = bp->bio_bcount / VTBLK_BSIZE; + bp->bio_driver1 = discard; + error = sglist_append(sg, discard, sizeof(*discard)); + if (error || sg->sg_nseg == sg->sg_maxseg) { + panic("%s: bio %p data buffer too big %d", + __func__, bp, error); + } } writable++; @@ -1091,6 +1133,11 @@ vtblk_bio_done(struct vtblk_softc *sc, struct bio *bp, bp->bio_flags |= BIO_ERROR; } + if (bp->bio_driver1 != NULL) { + free(bp->bio_driver1, M_DEVBUF); + bp->bio_driver1 = NULL; + } + biodone(bp); } @@ -1120,7 +1167,12 @@ vtblk_read_config(struct vtblk_softc *sc, struct virti VTBLK_GET_CONFIG(dev, VIRTIO_BLK_F_GEOMETRY, geometry, blkcfg); VTBLK_GET_CONFIG(dev, VIRTIO_BLK_F_BLK_SIZE, blk_size, blkcfg); VTBLK_GET_CONFIG(dev, VIRTIO_BLK_F_TOPOLOGY, topology, blkcfg); - VTBLK_GET_CONFIG(dev, VIRTIO_BLK_F_CONFIG_WCE, writeback, blkcfg); + VTBLK_GET_CONFIG(dev, VIRTIO_BLK_F_CONFIG_WCE, wce, blkcfg); + VTBLK_GET_CONFIG(dev, VIRTIO_BLK_F_DISCARD, max_discard_sectors, + blkcfg); + VTBLK_GET_CONFIG(dev, VIRTIO_BLK_F_DISCARD, max_discard_seg, blkcfg); + VTBLK_GET_CONFIG(dev, VIRTIO_BLK_F_DISCARD, discard_sector_alignment, + blkcfg); } #undef VTBLK_GET_CONFIG @@ -1278,7 +1330,7 @@ vtblk_dump_write(struct vtblk_softc *sc, void *virtual req->vbr_ack = -1; req->vbr_hdr.type = VIRTIO_BLK_T_OUT; req->vbr_hdr.ioprio = 1; - req->vbr_hdr.sector = offset / 512; + req->vbr_hdr.sector = offset / VTBLK_BSIZE; req->vbr_bp = &buf; g_reset_bio(&buf); @@ -1327,7 +1379,7 @@ vtblk_set_write_cache(struct vtblk_softc *sc, int wc) /* Set either writeback (1) or writethrough (0) mode. */ virtio_write_dev_config_1(sc->vtblk_dev, - offsetof(struct virtio_blk_config, writeback), wc); + offsetof(struct virtio_blk_config, wce), wc); } static int @@ -1342,7 +1394,7 @@ vtblk_write_cache_enabled(struct vtblk_softc *sc, if (wc >= 0 && wc < VTBLK_CACHE_MAX) vtblk_set_write_cache(sc, wc); else - wc = blkcfg->writeback; + wc = blkcfg->wce; } else wc = virtio_with_feature(sc->vtblk_dev, VIRTIO_BLK_F_WCE); Modified: releng/12.2/sys/dev/virtio/block/virtio_blk.h ============================================================================== --- releng/12.2/sys/dev/virtio/block/virtio_blk.h Sun Sep 13 23:05:19 2020 (r365701) +++ releng/12.2/sys/dev/virtio/block/virtio_blk.h Sun Sep 13 23:51:07 2020 (r365702) @@ -33,20 +33,27 @@ #ifndef _VIRTIO_BLK_H #define _VIRTIO_BLK_H +#define VTBLK_BSIZE 512 + /* Feature bits */ -#define VIRTIO_BLK_F_BARRIER 0x0001 /* Does host support barriers? */ -#define VIRTIO_BLK_F_SIZE_MAX 0x0002 /* Indicates maximum segment size */ -#define VIRTIO_BLK_F_SEG_MAX 0x0004 /* Indicates maximum # of segments */ -#define VIRTIO_BLK_F_GEOMETRY 0x0010 /* Legacy geometry available */ -#define VIRTIO_BLK_F_RO 0x0020 /* Disk is read-only */ -#define VIRTIO_BLK_F_BLK_SIZE 0x0040 /* Block size of disk is available*/ -#define VIRTIO_BLK_F_SCSI 0x0080 /* Supports scsi command passthru */ -#define VIRTIO_BLK_F_WCE 0x0200 /* Writeback mode enabled after reset */ -#define VIRTIO_BLK_F_TOPOLOGY 0x0400 /* Topology information is available */ -#define VIRTIO_BLK_F_CONFIG_WCE 0x0800 /* Writeback mode available in config */ -#define VIRTIO_BLK_ID_BYTES 20 /* ID string length */ +#define VIRTIO_BLK_F_BARRIER 0x0001 /* Does host support barriers? */ +#define VIRTIO_BLK_F_SIZE_MAX 0x0002 /* Indicates maximum segment size */ +#define VIRTIO_BLK_F_SEG_MAX 0x0004 /* Indicates maximum # of segments */ +#define VIRTIO_BLK_F_GEOMETRY 0x0010 /* Legacy geometry available */ +#define VIRTIO_BLK_F_RO 0x0020 /* Disk is read-only */ +#define VIRTIO_BLK_F_BLK_SIZE 0x0040 /* Block size of disk is available*/ +#define VIRTIO_BLK_F_SCSI 0x0080 /* Supports scsi command passthru */ +#define VIRTIO_BLK_F_FLUSH 0x0200 /* Flush command supported */ +#define VIRTIO_BLK_F_WCE 0x0200 /* Legacy alias for FLUSH */ +#define VIRTIO_BLK_F_TOPOLOGY 0x0400 /* Topology information is available */ +#define VIRTIO_BLK_F_CONFIG_WCE 0x0800 /* Writeback mode available in config */ +#define VIRTIO_BLK_F_MQ 0x1000 /* Support more than one vq */ +#define VIRTIO_BLK_F_DISCARD 0x2000 /* Trim blocks */ +#define VIRTIO_BLK_F_WRITE_ZEROES 0x4000 /* Write zeros */ +#define VIRTIO_BLK_ID_BYTES 20 /* ID string length */ + struct virtio_blk_config { /* The capacity (in 512-byte sectors). */ uint64_t capacity; @@ -66,15 +73,29 @@ struct virtio_blk_config { /* Topology of the device (if VIRTIO_BLK_F_TOPOLOGY) */ struct virtio_blk_topology { + /* Exponent for physical block per logical block. */ uint8_t physical_block_exp; + /* Alignment offset in logical blocks. */ uint8_t alignment_offset; + /* Minimum I/O size without performance penalty in logical + * blocks. */ uint16_t min_io_size; + /* Optimal sustained I/O size in logical blocks. */ uint32_t opt_io_size; } topology; /* Writeback mode (if VIRTIO_BLK_F_CONFIG_WCE) */ - uint8_t writeback; - + uint8_t wce; + uint8_t unused; + /* Number of vqs, only available when VIRTIO_BLK_F_MQ is set */ + uint16_t num_queues; + uint32_t max_discard_sectors; + uint32_t max_discard_seg; + uint32_t discard_sector_alignment; + uint32_t max_write_zeroes_sectors; + uint32_t max_write_zeroes_seg; + uint8_t write_zeroes_may_unmap; + uint8_t unused1[3]; } __packed; /* @@ -89,24 +110,35 @@ struct virtio_blk_config { */ /* These two define direction. */ -#define VIRTIO_BLK_T_IN 0 -#define VIRTIO_BLK_T_OUT 1 +#define VIRTIO_BLK_T_IN 0 +#define VIRTIO_BLK_T_OUT 1 /* This bit says it's a scsi command, not an actual read or write. */ -#define VIRTIO_BLK_T_SCSI_CMD 2 +#define VIRTIO_BLK_T_SCSI_CMD 2 +#define VIRTIO_BLK_T_SCSI_CMD_OUT 3 /* Cache flush command */ -#define VIRTIO_BLK_T_FLUSH 4 +#define VIRTIO_BLK_T_FLUSH 4 +#define VIRTIO_BLK_T_FLUSH_OUT 5 /* Get device ID command */ -#define VIRTIO_BLK_T_GET_ID 8 +#define VIRTIO_BLK_T_GET_ID 8 +/* Discard command */ +#define VIRTIO_BLK_T_DISCARD 11 + +/* Write zeros command */ +#define VIRTIO_BLK_T_WRITE_ZEROES 13 + /* Barrier before this op. */ -#define VIRTIO_BLK_T_BARRIER 0x80000000 +#define VIRTIO_BLK_T_BARRIER 0x80000000 /* ID string length */ -#define VIRTIO_BLK_ID_BYTES 20 +#define VIRTIO_BLK_ID_BYTES 20 +/* Unmap this range (only valid for write zeroes command) */ +#define VIRTIO_BLK_WRITE_ZEROES_FLAG_UNMAP 0x00000001 + /* This is the first element of the read scatter-gather list. */ struct virtio_blk_outhdr { /* VIRTIO_BLK_T* */ @@ -115,6 +147,15 @@ struct virtio_blk_outhdr { uint32_t ioprio; /* Sector (ie. 512 byte offset) */ uint64_t sector; +}; + +struct virtio_blk_discard_write_zeroes { + uint64_t sector; + uint32_t num_sectors; + struct { + uint32_t unmap:1; + uint32_t reserved:31; + } flags; }; struct virtio_scsi_inhdr { Modified: releng/12.2/usr.sbin/bhyve/block_if.c ============================================================================== --- releng/12.2/usr.sbin/bhyve/block_if.c Sun Sep 13 23:05:19 2020 (r365701) +++ releng/12.2/usr.sbin/bhyve/block_if.c Sun Sep 13 23:51:07 2020 (r365702) @@ -3,6 +3,7 @@ * * Copyright (c) 2013 Peter Grehan * All rights reserved. + * Copyright 2020 Joyent, Inc. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -410,6 +411,8 @@ blockif_open(const char *optstr, const char *ident) off_t size, psectsz, psectoff; int extra, fd, i, sectsz; int nocache, sync, ro, candelete, geom, ssopt, pssopt; + int nodelete; + #ifndef WITHOUT_CAPSICUM cap_rights_t rights; cap_ioctl_t cmds[] = { DIOCGFLUSH, DIOCGDELETE }; @@ -422,6 +425,7 @@ blockif_open(const char *optstr, const char *ident) nocache = 0; sync = 0; ro = 0; + nodelete = 0; /* * The first element in the optstring is always a pathname. @@ -434,6 +438,8 @@ blockif_open(const char *optstr, const char *ident) continue; else if (!strcmp(cp, "nocache")) nocache = 1; + else if (!strcmp(cp, "nodelete")) + nodelete = 1; else if (!strcmp(cp, "sync") || !strcmp(cp, "direct")) sync = 1; else if (!strcmp(cp, "ro")) @@ -500,7 +506,7 @@ blockif_open(const char *optstr, const char *ident) ioctl(fd, DIOCGSTRIPEOFFSET, &psectoff); strlcpy(arg.name, "GEOM::candelete", sizeof(arg.name)); arg.len = sizeof(arg.value.i); - if (ioctl(fd, DIOCGATTR, &arg) == 0) + if (nodelete == 0 && ioctl(fd, DIOCGATTR, &arg) == 0) candelete = arg.value.i; if (ioctl(fd, DIOCGPROVIDERNAME, name) == 0) geom = 1; Modified: releng/12.2/usr.sbin/bhyve/pci_virtio_block.c ============================================================================== --- releng/12.2/usr.sbin/bhyve/pci_virtio_block.c Sun Sep 13 23:05:19 2020 (r365701) +++ releng/12.2/usr.sbin/bhyve/pci_virtio_block.c Sun Sep 13 23:51:07 2020 (r365702) @@ -3,7 +3,7 @@ * * Copyright (c) 2011 NetApp, Inc. * All rights reserved. - * Copyright (c) 2019 Joyent, Inc. + * Copyright 2020 Joyent, Inc. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -57,26 +57,37 @@ __FBSDID("$FreeBSD$"); #include "virtio.h" #include "block_if.h" -#define VTBLK_RINGSZ 128 +#define VTBLK_BSIZE 512 +#define VTBLK_RINGSZ 128 _Static_assert(VTBLK_RINGSZ <= BLOCKIF_RING_MAX, "Each ring entry must be able to queue a request"); -#define VTBLK_S_OK 0 -#define VTBLK_S_IOERR 1 +#define VTBLK_S_OK 0 +#define VTBLK_S_IOERR 1 #define VTBLK_S_UNSUPP 2 #define VTBLK_BLK_ID_BYTES 20 + 1 /* Capability bits */ -#define VTBLK_F_SEG_MAX (1 << 2) /* Maximum request segments */ -#define VTBLK_F_BLK_SIZE (1 << 6) /* cfg block size valid */ -#define VTBLK_F_FLUSH (1 << 9) /* Cache flush support */ -#define VTBLK_F_TOPOLOGY (1 << 10) /* Optimal I/O alignment */ +#define VTBLK_F_BARRIER (1 << 0) /* Does host support barriers? */ +#define VTBLK_F_SIZE_MAX (1 << 1) /* Indicates maximum segment size */ +#define VTBLK_F_SEG_MAX (1 << 2) /* Indicates maximum # of segments */ +#define VTBLK_F_GEOMETRY (1 << 4) /* Legacy geometry available */ +#define VTBLK_F_RO (1 << 5) /* Disk is read-only */ +#define VTBLK_F_BLK_SIZE (1 << 6) /* Block size of disk is available*/ +#define VTBLK_F_SCSI (1 << 7) /* Supports scsi command passthru */ +#define VTBLK_F_FLUSH (1 << 9) /* Writeback mode enabled after reset */ +#define VTBLK_F_WCE (1 << 9) /* Legacy alias for FLUSH */ +#define VTBLK_F_TOPOLOGY (1 << 10) /* Topology information is available */ +#define VTBLK_F_CONFIG_WCE (1 << 11) /* Writeback mode available in config */ +#define VTBLK_F_MQ (1 << 12) /* Multi-Queue */ +#define VTBLK_F_DISCARD (1 << 13) /* Trim blocks */ +#define VTBLK_F_WRITE_ZEROES (1 << 14) /* Write zeros */ /* * Host capabilities */ -#define VTBLK_S_HOSTCAPS \ +#define VTBLK_S_HOSTCAPS \ ( VTBLK_F_SEG_MAX | \ VTBLK_F_BLK_SIZE | \ VTBLK_F_FLUSH | \ @@ -84,6 +95,18 @@ _Static_assert(VTBLK_RINGSZ <= BLOCKIF_RING_MAX, "Each VIRTIO_RING_F_INDIRECT_DESC ) /* indirect descriptors */ /* + * The current blockif_delete() interface only allows a single delete + * request at a time. + */ +#define VTBLK_MAX_DISCARD_SEG 1 + +/* + * An arbitrary limit to prevent excessive latency due to large + * delete requests. + */ +#define VTBLK_MAX_DISCARD_SECT ((16 << 20) / VTBLK_BSIZE) /* 16 MiB */ + +/* * Config space "registers" */ struct vtblk_config { @@ -103,6 +126,15 @@ struct vtblk_config { uint32_t opt_io_size; } vbc_topology; uint8_t vbc_writeback; + uint8_t unused0[1]; + uint16_t num_queues; + uint32_t max_discard_sectors; + uint32_t max_discard_seg; + uint32_t discard_sector_alignment; + uint32_t max_write_zeroes_sectors; + uint32_t max_write_zeroes_seg; + uint8_t write_zeroes_may_unmap; + uint8_t unused1[3]; } __packed; /* @@ -111,9 +143,14 @@ struct vtblk_config { struct virtio_blk_hdr { #define VBH_OP_READ 0 #define VBH_OP_WRITE 1 +#define VBH_OP_SCSI_CMD 2 +#define VBH_OP_SCSI_CMD_OUT 3 #define VBH_OP_FLUSH 4 #define VBH_OP_FLUSH_OUT 5 #define VBH_OP_IDENT 8 +#define VBH_OP_DISCARD 11 +#define VBH_OP_WRITE_ZEROES 13 + #define VBH_FLAG_BARRIER 0x80000000 /* OR'ed into vbh_type */ uint32_t vbh_type; uint32_t vbh_ioprio; @@ -124,8 +161,8 @@ struct virtio_blk_hdr { * Debug printf */ static int pci_vtblk_debug; -#define DPRINTF(params) if (pci_vtblk_debug) PRINTLN params -#define WPRINTF(params) PRINTLN params +#define DPRINTF(params) if (pci_vtblk_debug) PRINTLN params +#define WPRINTF(params) PRINTLN params struct pci_vtblk_ioreq { struct blockif_req io_req; @@ -134,6 +171,15 @@ struct pci_vtblk_ioreq { uint16_t io_idx; }; +struct virtio_blk_discard_write_zeroes { + uint64_t sector; + uint32_t num_sectors; + struct { + uint32_t unmap:1; + uint32_t reserved:31; + } flags; +}; + /* * Per-device softc */ @@ -142,6 +188,7 @@ struct pci_vtblk_softc { pthread_mutex_t vsc_mtx; struct vqueue_info vbsc_vq; struct vtblk_config vbsc_cfg; + struct virtio_consts vbsc_consts; struct blockif_ctxt *bc; char vbsc_ident[VTBLK_BLK_ID_BYTES]; struct pci_vtblk_ioreq vbsc_ios[VTBLK_RINGSZ]; @@ -174,9 +221,8 @@ pci_vtblk_reset(void *vsc) } static void -pci_vtblk_done(struct blockif_req *br, int err) +pci_vtblk_done_locked(struct pci_vtblk_ioreq *io, int err) { - struct pci_vtblk_ioreq *io = br->br_param; struct pci_vtblk_softc *sc = io->io_sc; /* convert errno into a virtio block error return */ @@ -191,9 +237,18 @@ pci_vtblk_done(struct blockif_req *br, int err) * Return the descriptor back to the host. * We wrote 1 byte (our status) to host. */ - pthread_mutex_lock(&sc->vsc_mtx); vq_relchain(&sc->vbsc_vq, io->io_idx, 1); vq_endchains(&sc->vbsc_vq, 0); +} + +static void +pci_vtblk_done(struct blockif_req *br, int err) +{ + struct pci_vtblk_ioreq *io = br->br_param; + struct pci_vtblk_softc *sc = io->io_sc; + + pthread_mutex_lock(&sc->vsc_mtx); + pci_vtblk_done_locked(io, err); pthread_mutex_unlock(&sc->vsc_mtx); } @@ -208,6 +263,7 @@ pci_vtblk_proc(struct pci_vtblk_softc *sc, struct vque int writeop, type; struct iovec iov[BLOCKIF_IOV_MAX + 2]; uint16_t idx, flags[BLOCKIF_IOV_MAX + 2]; + struct virtio_blk_discard_write_zeroes *discard; n = vq_getchain(vq, &idx, iov, BLOCKIF_IOV_MAX + 2, flags); @@ -224,11 +280,11 @@ pci_vtblk_proc(struct pci_vtblk_softc *sc, struct vque io = &sc->vbsc_ios[idx]; assert((flags[0] & VRING_DESC_F_WRITE) == 0); assert(iov[0].iov_len == sizeof(struct virtio_blk_hdr)); - vbh = iov[0].iov_base; + vbh = (struct virtio_blk_hdr *)iov[0].iov_base; memcpy(&io->io_req.br_iov, &iov[1], sizeof(struct iovec) * (n - 2)); io->io_req.br_iovcnt = n - 2; - io->io_req.br_offset = vbh->vbh_sector * DEV_BSIZE; - io->io_status = iov[--n].iov_base; + io->io_req.br_offset = vbh->vbh_sector * VTBLK_BSIZE; + io->io_status = (uint8_t *)iov[--n].iov_base; assert(iov[n].iov_len == 1); assert(flags[n] & VRING_DESC_F_WRITE); @@ -238,7 +294,7 @@ pci_vtblk_proc(struct pci_vtblk_softc *sc, struct vque * we don't advertise the capability. */ type = vbh->vbh_type & ~VBH_FLAG_BARRIER; - writeop = (type == VBH_OP_WRITE); + writeop = (type == VBH_OP_WRITE || type == VBH_OP_DISCARD); iolen = 0; for (i = 1; i < n; i++) { @@ -254,7 +310,7 @@ pci_vtblk_proc(struct pci_vtblk_softc *sc, struct vque io->io_req.br_resid = iolen; DPRINTF(("virtio-block: %s op, %zd bytes, %d segs, offset %ld", - writeop ? "write" : "read/ident", iolen, i - 1, + writeop ? "write/discard" : "read/ident", iolen, i - 1, io->io_req.br_offset)); switch (type) { @@ -264,6 +320,46 @@ pci_vtblk_proc(struct pci_vtblk_softc *sc, struct vque case VBH_OP_WRITE: err = blockif_write(sc->bc, &io->io_req); break; + case VBH_OP_DISCARD: + /* + * We currently only support a single request, if the guest + * has submitted a request that doesn't conform to the + * requirements, we return a error. + */ + if (iov[1].iov_len != sizeof (*discard)) { + pci_vtblk_done_locked(io, EINVAL); + return; + } + + /* The segments to discard are provided rather than data */ + discard = (struct virtio_blk_discard_write_zeroes *) + iov[1].iov_base; + + /* + * virtio v1.1 5.2.6.2: + * The device MUST set the status byte to VIRTIO_BLK_S_UNSUPP + * for discard and write zeroes commands if any unknown flag is + * set. Furthermore, the device MUST set the status byte to + * VIRTIO_BLK_S_UNSUPP for discard commands if the unmap flag + * is set. + * + * Currently there are no known flags for a DISCARD request. + */ + if (discard->flags.unmap != 0 || discard->flags.reserved != 0) { + pci_vtblk_done_locked(io, ENOTSUP); + return; + } + + /* Make sure the request doesn't exceed our size limit */ + if (discard->num_sectors > VTBLK_MAX_DISCARD_SECT) { + pci_vtblk_done_locked(io, EINVAL); + return; + } + + io->io_req.br_offset = discard->sector * VTBLK_BSIZE; + io->io_req.br_resid = discard->num_sectors * VTBLK_BSIZE; + err = blockif_delete(sc->bc, &io->io_req); + break; case VBH_OP_FLUSH: case VBH_OP_FLUSH_OUT: err = blockif_flush(sc->bc, &io->io_req); @@ -274,10 +370,10 @@ pci_vtblk_proc(struct pci_vtblk_softc *sc, struct vque memset(iov[1].iov_base, 0, iov[1].iov_len); strncpy(iov[1].iov_base, sc->vbsc_ident, MIN(iov[1].iov_len, sizeof(sc->vbsc_ident))); - pci_vtblk_done(&io->io_req, 0); + pci_vtblk_done_locked(io, 0); return; default: - pci_vtblk_done(&io->io_req, EOPNOTSUPP); + pci_vtblk_done_locked(io, EOPNOTSUPP); return; } assert(err == 0); @@ -332,10 +428,14 @@ pci_vtblk_init(struct vmctx *ctx, struct pci_devinst * io->io_idx = i; } + bcopy(&vtblk_vi_consts, &sc->vbsc_consts, sizeof (vtblk_vi_consts)); + if (blockif_candelete(sc->bc)) + sc->vbsc_consts.vc_hv_caps |= VTBLK_F_DISCARD; + pthread_mutex_init(&sc->vsc_mtx, NULL); /* init virtio softc and virtqueues */ - vi_softc_linkup(&sc->vbsc_vs, &vtblk_vi_consts, sc, pi, &sc->vbsc_vq); + vi_softc_linkup(&sc->vbsc_vs, &sc->vbsc_consts, sc, pi, &sc->vbsc_vq); sc->vbsc_vs.vs_mtx = &sc->vsc_mtx; sc->vbsc_vq.vq_qsize = VTBLK_RINGSZ; @@ -353,7 +453,7 @@ pci_vtblk_init(struct vmctx *ctx, struct pci_devinst * digest[0], digest[1], digest[2], digest[3], digest[4], digest[5]); /* setup virtio block config space */ - sc->vbsc_cfg.vbc_capacity = size / DEV_BSIZE; /* 512-byte units */ + sc->vbsc_cfg.vbc_capacity = size / VTBLK_BSIZE; /* 512-byte units */ sc->vbsc_cfg.vbc_size_max = 0; /* not negotiated */ /* @@ -375,6 +475,9 @@ pci_vtblk_init(struct vmctx *ctx, struct pci_devinst * sc->vbsc_cfg.vbc_topology.min_io_size = 0; sc->vbsc_cfg.vbc_topology.opt_io_size = 0; sc->vbsc_cfg.vbc_writeback = 0; + sc->vbsc_cfg.max_discard_sectors = VTBLK_MAX_DISCARD_SECT; + sc->vbsc_cfg.max_discard_seg = VTBLK_MAX_DISCARD_SEG; + sc->vbsc_cfg.discard_sector_alignment = sectsz / VTBLK_BSIZE; /* * Should we move some of this into virtio.c? Could From owner-svn-src-releng@freebsd.org Mon Sep 14 14:52:23 2020 Return-Path: Delivered-To: svn-src-releng@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 21D413D8768; Mon, 14 Sep 2020 14:52:23 +0000 (UTC) (envelope-from dim@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Bqq8R06RSz3XdM; Mon, 14 Sep 2020 14:52:23 +0000 (UTC) (envelope-from dim@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id DB13218C66; Mon, 14 Sep 2020 14:52:22 +0000 (UTC) (envelope-from dim@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 08EEqMLQ098487; Mon, 14 Sep 2020 14:52:22 GMT (envelope-from dim@FreeBSD.org) Received: (from dim@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 08EEqM7R098486; Mon, 14 Sep 2020 14:52:22 GMT (envelope-from dim@FreeBSD.org) Message-Id: <202009141452.08EEqM7R098486@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: dim set sender to dim@FreeBSD.org using -f From: Dimitry Andric Date: Mon, 14 Sep 2020 14:52:22 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r365721 - in releng/12.2: contrib/llvm-project/compiler-rt/lib/builtins lib/libcompiler_rt X-SVN-Group: releng X-SVN-Commit-Author: dim X-SVN-Commit-Paths: in releng/12.2: contrib/llvm-project/compiler-rt/lib/builtins lib/libcompiler_rt X-SVN-Commit-Revision: 365721 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Sep 2020 14:52:23 -0000 Author: dim Date: Mon Sep 14 14:52:22 2020 New Revision: 365721 URL: https://svnweb.freebsd.org/changeset/base/365721 Log: MF12 r365661: MFC r364753: Add atomic and bswap functions to libcompiler_rt There have been several mentions on our mailing lists about missing atomic functions in our system libraries (e.g. __atomic_load_8 and friends), and recently I saw __bswapdi2 and __bswapsi2 mentioned too. To address this, add implementations for the functions from compiler-rt to the system compiler support libraries, e.g. libcompiler_rt.a and and libgcc_s.so. This also needs a small fixup in compiler-rt's atomic.c, to ensure that 32-bit mips can build correctly. Bump __FreeBSD_version to make it easier for port maintainers to detect when these functions were added. Differential Revision: https://reviews.freebsd.org/D26159 MFC r364782: After r364753, there should be no need to suppress -Watomic-alignment warnings anymore for compiler-rt's atomic.c. This occurred because the IS_LOCK_FREE_8 macro was not correctly defined to 0 for mips, and this caused the compiler to emit a runtime call to __atomic_is_lock_free(), and that triggers the warning. MFC r365509: Follow-up r364753 by enabling compiler-rt's atomic implementation only for clang, as it uses clang specific builtins, and does not compile correctly with gcc. Note that gcc packages usually come with their own libatomic, providing these primitives. MFC r365588: Follow-up r364753 by only using arm's stdatomic.c implementation, as it already covers the functions in compiler-rt's atomic.c, leading to conflicts when linking. PR: 230888 Approved by: re (gjb) Modified: releng/12.2/contrib/llvm-project/compiler-rt/lib/builtins/atomic.c releng/12.2/lib/libcompiler_rt/Makefile.inc Directory Properties: releng/12.2/ (props changed) Modified: releng/12.2/contrib/llvm-project/compiler-rt/lib/builtins/atomic.c ============================================================================== --- releng/12.2/contrib/llvm-project/compiler-rt/lib/builtins/atomic.c Mon Sep 14 14:45:30 2020 (r365720) +++ releng/12.2/contrib/llvm-project/compiler-rt/lib/builtins/atomic.c Mon Sep 14 14:52:22 2020 (r365721) @@ -124,8 +124,8 @@ static __inline Lock *lock_for_pointer(void *ptr) { #define IS_LOCK_FREE_2 __c11_atomic_is_lock_free(2) #define IS_LOCK_FREE_4 __c11_atomic_is_lock_free(4) -/// 32 bit PowerPC doesn't support 8-byte lock_free atomics -#if !defined(__powerpc64__) && defined(__powerpc__) +/// 32 bit MIPS and PowerPC don't support 8-byte lock_free atomics +#if defined(__mips__) || (!defined(__powerpc64__) && defined(__powerpc__)) #define IS_LOCK_FREE_8 0 #else #define IS_LOCK_FREE_8 __c11_atomic_is_lock_free(8) Modified: releng/12.2/lib/libcompiler_rt/Makefile.inc ============================================================================== --- releng/12.2/lib/libcompiler_rt/Makefile.inc Mon Sep 14 14:45:30 2020 (r365720) +++ releng/12.2/lib/libcompiler_rt/Makefile.inc Mon Sep 14 14:52:22 2020 (r365721) @@ -18,6 +18,8 @@ SRCF+= ashldi3 SRCF+= ashlti3 SRCF+= ashrdi3 SRCF+= ashrti3 +SRCF+= bswapdi2 +SRCF+= bswapsi2 SRCF+= clear_cache SRCF+= clzdi2 SRCF+= clzsi2 @@ -121,6 +123,13 @@ SRCF+= umoddi3 SRCF+= umodsi3 SRCF+= umodti3 +# Enable compiler-rt's atomic implementation only for clang, as it uses clang +# specific builtins, and gcc packages usually come with their own libatomic. +# Exclude arm which has its own implementations of atomic functions, below. +.if "${COMPILER_TYPE}" == "clang" && ${MACHINE_CPUARCH} != "arm" +SRCF+= atomic +.endif + # Avoid using SSE2 instructions on i386, if unsupported. .if ${MACHINE_CPUARCH} == "i386" && empty(MACHINE_CPU:Msse2) SRCS+= floatdidf.c @@ -213,12 +222,6 @@ CFLAGS+= -DEMIT_SYNC_ATOMICS SRCF+= stdatomic .endif -.if "${COMPILER_TYPE}" == "clang" && \ - (${MACHINE_ARCH} == "powerpc" || ${MACHINE_ARCH} == "powerpcspe") -SRCS+= atomic.c -CFLAGS.atomic.c+= -Wno-atomic-alignment -.endif - .for file in ${SRCF} .if ${MACHINE_ARCH:Marmv[67]*} && (!defined(CPUTYPE) || ${CPUTYPE:M*soft*} == "") \ && exists(${CRTSRC}/${CRTARCH}/${file}vfp.S) @@ -240,18 +243,9 @@ SRCS+= aeabi_memmove.S SRCS+= aeabi_memset.S SRCS+= aeabi_uidivmod.S SRCS+= aeabi_uldivmod.S -SRCS+= bswapdi2.S -SRCS+= bswapsi2.S SRCS+= switch16.S SRCS+= switch32.S SRCS+= switch8.S SRCS+= switchu8.S SRCS+= sync_synchronize.S -.endif - -# On some archs GCC-6.3 requires bswap32 built-in. -.if ${MACHINE_CPUARCH} == "mips" || ${MACHINE_CPUARCH} == "riscv" || \ - ${MACHINE_CPUARCH} == "sparc64" -SRCS+= bswapdi2.c -SRCS+= bswapsi2.c .endif From owner-svn-src-releng@freebsd.org Mon Sep 14 14:53:11 2020 Return-Path: Delivered-To: svn-src-releng@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id D5A153D8C02; Mon, 14 Sep 2020 14:53:11 +0000 (UTC) (envelope-from dim@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Bqq9M5LSgz3XqP; Mon, 14 Sep 2020 14:53:11 +0000 (UTC) (envelope-from dim@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 9C25218B34; Mon, 14 Sep 2020 14:53:11 +0000 (UTC) (envelope-from dim@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 08EErBPn098589; Mon, 14 Sep 2020 14:53:11 GMT (envelope-from dim@FreeBSD.org) Received: (from dim@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 08EEr9u4098580; Mon, 14 Sep 2020 14:53:09 GMT (envelope-from dim@FreeBSD.org) Message-Id: <202009141453.08EEr9u4098580@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: dim set sender to dim@FreeBSD.org using -f From: Dimitry Andric Date: Mon, 14 Sep 2020 14:53:09 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r365722 - in releng/12.2: . contrib/jemalloc contrib/jemalloc/doc contrib/jemalloc/include/jemalloc lib/libc/stdlib/jemalloc share/man/man5 share/mk tools/build/options X-SVN-Group: releng X-SVN-Commit-Author: dim X-SVN-Commit-Paths: in releng/12.2: . contrib/jemalloc contrib/jemalloc/doc contrib/jemalloc/include/jemalloc lib/libc/stdlib/jemalloc share/man/man5 share/mk tools/build/options X-SVN-Commit-Revision: 365722 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Sep 2020 14:53:11 -0000 Author: dim Date: Mon Sep 14 14:53:09 2020 New Revision: 365722 URL: https://svnweb.freebsd.org/changeset/base/365722 Log: MF12 r365662: MFC r365371: Turn MALLOC_PRODUCTION into a regular src.conf(5) option For historical reasons, defining MALLOC_PRODUCTION in /etc/make.conf has been used to turn off potentially expensive debug checks and statistics gathering in the implementation of malloc(3). It seems more consistent to turn this into a regular src.conf(5) option, e.g. WITH_MALLOC_PRODUCTION / WITHOUT_MALLOC_PRODUCTION. This can then be toggled similar to any other source build option, and turned on or off by default for e.g. stable branches. Reviewed by: imp, #manpages Differential Revision: https://reviews.freebsd.org/D26337 MFC r365373: Follow-up r365371 by removing sentences which indicate the state of the MK_MALLOC_PRODUCTION option on -CURRENT. Also, for the sake of backwards compatibility, support the old way of enabling 'production malloc', e.g. by adding a define in make.conf(5). MF12 r365671: Follow-up r365662 (MFC of r365371 and r365373) by correctly setting WITH_MALLOC_PRODUCTION for stable branches. Also add a note to UPDATING, to inform users about the new setting. Direct commit to stable/{11,12} as this does not apply to head. Noticed by: imp, Ronald Klop MF12 r365672: Follow-up r365662 (MFC of r365371 and r365373) by also removing the header hack from jemalloc_FreeBSD.h, which rendered any make.conf MALLOC_PRODUCTION or src.conf WITH/WITHOUT_MALLOC_PRODUCTION irrelevant. Direct commit to stable/{11,12} as this does not apply to head. Noticed by: kevans Approved by: re (gjb) Added: releng/12.2/tools/build/options/WITHOUT_MALLOC_PRODUCTION - copied unchanged from r365662, stable/12/tools/build/options/WITHOUT_MALLOC_PRODUCTION releng/12.2/tools/build/options/WITH_MALLOC_PRODUCTION - copied unchanged from r365662, stable/12/tools/build/options/WITH_MALLOC_PRODUCTION Modified: releng/12.2/UPDATING releng/12.2/contrib/jemalloc/FREEBSD-diffs releng/12.2/contrib/jemalloc/doc/jemalloc.3 releng/12.2/contrib/jemalloc/include/jemalloc/jemalloc_FreeBSD.h releng/12.2/lib/libc/stdlib/jemalloc/Makefile.inc releng/12.2/share/man/man5/make.conf.5 releng/12.2/share/man/man5/src.conf.5 releng/12.2/share/mk/src.opts.mk Directory Properties: releng/12.2/ (props changed) Modified: releng/12.2/UPDATING ============================================================================== --- releng/12.2/UPDATING Mon Sep 14 14:52:22 2020 (r365721) +++ releng/12.2/UPDATING Mon Sep 14 14:53:09 2020 (r365722) @@ -16,6 +16,18 @@ from older versions of FreeBSD, try WITHOUT_CLANG and the tip of head, and then rebuild without this option. The bootstrap process from older version of current across the gcc/clang cutover is a bit fragile. +20200912: + The make.conf(5) MALLOC_PRODUCTION variable, used for disabling and + enabling assertions and statistics gathering in malloc(3), has been + migrated to a src.conf(5) WITH/WITHOUT_MALLOC_PRODUCTION option. + + On stable branches, WITH_MALLOC_PRODUCTION is set by default, which + means that malloc(3) has assertions and statistics gathering disabled, + for improved performance. + + For backwards compatibility, the make.conf(5) MALLOC_PRODUCTION is still + honored, but it is now deprecated and undocumented. + 20200909: The resume code now notifies devd with the 'kernel' system rather than the old 'kern' subsystem to be consistent with Modified: releng/12.2/contrib/jemalloc/FREEBSD-diffs ============================================================================== --- releng/12.2/contrib/jemalloc/FREEBSD-diffs Mon Sep 14 14:52:22 2020 (r365721) +++ releng/12.2/contrib/jemalloc/FREEBSD-diffs Mon Sep 14 14:53:09 2020 (r365722) @@ -14,7 +14,7 @@ index 1e12fd3a..c42a7e10 100644 + . + Additionally, is enabled in development + versions of FreeBSD (controlled by the -+ MALLOC_PRODUCTION make variable). ++ MK_MALLOC_PRODUCTION make variable). + Modified: releng/12.2/contrib/jemalloc/doc/jemalloc.3 ============================================================================== --- releng/12.2/contrib/jemalloc/doc/jemalloc.3 Mon Sep 14 14:52:22 2020 (r365721) +++ releng/12.2/contrib/jemalloc/doc/jemalloc.3 Mon Sep 14 14:53:09 2020 (r365722) @@ -43,7 +43,7 @@ The following configuration options are enabled in lib \fB\-\-with\-malloc\-conf=abort_conf:false\fR\&. Additionally, \fB\-\-enable\-debug\fR is enabled in development versions of FreeBSD (controlled by the -\fBMALLOC_PRODUCTION\fR +\fBMK_MALLOC_PRODUCTION\fR make variable)\&. .SH "SYNOPSIS" .sp Modified: releng/12.2/contrib/jemalloc/include/jemalloc/jemalloc_FreeBSD.h ============================================================================== --- releng/12.2/contrib/jemalloc/include/jemalloc/jemalloc_FreeBSD.h Mon Sep 14 14:52:22 2020 (r365721) +++ releng/12.2/contrib/jemalloc/include/jemalloc/jemalloc_FreeBSD.h Mon Sep 14 14:53:09 2020 (r365722) @@ -5,7 +5,7 @@ #undef JEMALLOC_OVERRIDE_VALLOC #ifndef MALLOC_PRODUCTION -#define MALLOC_PRODUCTION +#define JEMALLOC_DEBUG #endif #undef JEMALLOC_DSS Modified: releng/12.2/lib/libc/stdlib/jemalloc/Makefile.inc ============================================================================== --- releng/12.2/lib/libc/stdlib/jemalloc/Makefile.inc Mon Sep 14 14:52:22 2020 (r365721) +++ releng/12.2/lib/libc/stdlib/jemalloc/Makefile.inc Mon Sep 14 14:53:09 2020 (r365722) @@ -44,6 +44,6 @@ MLINKS+= \ jemalloc.3 nallocx.3 \ jemalloc.3 malloc.conf.5 -.if defined(MALLOC_PRODUCTION) +.if ${MK_MALLOC_PRODUCTION} != "no" || defined(MALLOC_PRODUCTION) CFLAGS+= -DMALLOC_PRODUCTION .endif Modified: releng/12.2/share/man/man5/make.conf.5 ============================================================================== --- releng/12.2/share/man/man5/make.conf.5 Mon Sep 14 14:52:22 2020 (r365721) +++ releng/12.2/share/man/man5/make.conf.5 Mon Sep 14 14:53:09 2020 (r365722) @@ -401,12 +401,6 @@ console driver to and allow access over FireWire(IEEE1394) using .Xr dconschat 8 . Currently, only i386 and amd64 are supported. -.It Va MALLOC_PRODUCTION -.Pq Vt bool -Set this to disable assertions and statistics gathering in -.Xr malloc 3 . -It also defaults the A and J runtime options to off. -Disabled by default on -CURRENT. .It Va MAN_ARCH .Pq Vt str Space-delimited list of one or more MACHINE and/or MACHINE_ARCH values Modified: releng/12.2/share/man/man5/src.conf.5 ============================================================================== --- releng/12.2/share/man/man5/src.conf.5 Mon Sep 14 14:52:22 2020 (r365721) +++ releng/12.2/share/man/man5/src.conf.5 Mon Sep 14 14:53:09 2020 (r365722) @@ -1,6 +1,6 @@ .\" DO NOT EDIT-- this file is @generated by tools/build/options/makeman. .\" $FreeBSD$ -.Dd April 9, 2020 +.Dd September 12, 2020 .Dt SRC.CONF 5 .Os .Sh NAME @@ -1325,6 +1325,10 @@ if executed as an unprivileged user. See .Xr tests 7 for more details. +.It Va WITHOUT_MALLOC_PRODUCTION +Set to enable assertions and statistics gathering in +.Xr malloc 3 . +It also defaults the A and J runtime options to on. .It Va WITHOUT_MAN Set to not build manual pages. When set, these options are also in effect: Modified: releng/12.2/share/mk/src.opts.mk ============================================================================== --- releng/12.2/share/mk/src.opts.mk Mon Sep 14 14:52:22 2020 (r365721) +++ releng/12.2/share/mk/src.opts.mk Mon Sep 14 14:53:09 2020 (r365722) @@ -143,6 +143,7 @@ __DEFAULT_YES_OPTIONS = \ MAIL \ MAILWRAPPER \ MAKE \ + MALLOC_PRODUCTION \ NDIS \ NETCAT \ NETGRAPH \ Copied: releng/12.2/tools/build/options/WITHOUT_MALLOC_PRODUCTION (from r365662, stable/12/tools/build/options/WITHOUT_MALLOC_PRODUCTION) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ releng/12.2/tools/build/options/WITHOUT_MALLOC_PRODUCTION Mon Sep 14 14:53:09 2020 (r365722, copy of r365662, stable/12/tools/build/options/WITHOUT_MALLOC_PRODUCTION) @@ -0,0 +1,4 @@ +.\" $FreeBSD$ +Set to enable assertions and statistics gathering in +.Xr malloc 3 . +It also defaults the A and J runtime options to on. Copied: releng/12.2/tools/build/options/WITH_MALLOC_PRODUCTION (from r365662, stable/12/tools/build/options/WITH_MALLOC_PRODUCTION) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ releng/12.2/tools/build/options/WITH_MALLOC_PRODUCTION Mon Sep 14 14:53:09 2020 (r365722, copy of r365662, stable/12/tools/build/options/WITH_MALLOC_PRODUCTION) @@ -0,0 +1,4 @@ +.\" $FreeBSD$ +Set to disable assertions and statistics gathering in +.Xr malloc 3 . +It also defaults the A and J runtime options to off. From owner-svn-src-releng@freebsd.org Mon Sep 14 17:21:53 2020 Return-Path: Delivered-To: svn-src-releng@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 65A0E3DCFE8; Mon, 14 Sep 2020 17:21:53 +0000 (UTC) (envelope-from markj@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BqtSx279Sz41b0; Mon, 14 Sep 2020 17:21:53 +0000 (UTC) (envelope-from markj@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 2C1AF1A915; Mon, 14 Sep 2020 17:21:53 +0000 (UTC) (envelope-from markj@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 08EHLqJA088645; Mon, 14 Sep 2020 17:21:52 GMT (envelope-from markj@FreeBSD.org) Received: (from markj@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 08EHLqao088644; Mon, 14 Sep 2020 17:21:52 GMT (envelope-from markj@FreeBSD.org) Message-Id: <202009141721.08EHLqao088644@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: markj set sender to markj@FreeBSD.org using -f From: Mark Johnston Date: Mon, 14 Sep 2020 17:21:52 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r365728 - releng/12.2/sys/vm X-SVN-Group: releng X-SVN-Commit-Author: markj X-SVN-Commit-Paths: releng/12.2/sys/vm X-SVN-Commit-Revision: 365728 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Sep 2020 17:21:53 -0000 Author: markj Date: Mon Sep 14 17:21:52 2020 New Revision: 365728 URL: https://svnweb.freebsd.org/changeset/base/365728 Log: MFS r365718: MFC r365437: vm_object_split(): Handle orig_object type changes. Approved by: re (gjb) Modified: releng/12.2/sys/vm/vm_object.c Directory Properties: releng/12.2/ (props changed) Modified: releng/12.2/sys/vm/vm_object.c ============================================================================== --- releng/12.2/sys/vm/vm_object.c Mon Sep 14 16:18:53 2020 (r365727) +++ releng/12.2/sys/vm/vm_object.c Mon Sep 14 17:21:52 2020 (r365728) @@ -1313,7 +1313,7 @@ vm_object_shadow( void vm_object_split(vm_map_entry_t entry) { - vm_page_t m, m_next; + vm_page_t m, m_busy, m_next; vm_object_t orig_object, new_object, source; vm_pindex_t idx, offidxstart; vm_size_t size; @@ -1370,8 +1370,14 @@ vm_object_split(vm_map_entry_t entry) ("orig_object->charge < 0")); orig_object->charge -= ptoa(size); } + m_busy = NULL; +#ifdef INVARIANTS + idx = 0; +#endif retry: m = vm_page_find_least(orig_object, offidxstart); + KASSERT(m == NULL || idx <= m->pindex - offidxstart, + ("%s: object %p was repopulated", __func__, orig_object)); for (; m != NULL && (idx = m->pindex - offidxstart) < size; m = m_next) { m_next = TAILQ_NEXT(m, listq); @@ -1417,8 +1423,16 @@ retry: */ vm_reserv_rename(m, new_object, orig_object, offidxstart); #endif - if (orig_object->type == OBJT_SWAP) + + /* + * orig_object's type may change while sleeping, so keep track + * of the beginning of the busied range. + */ + if (orig_object->type == OBJT_SWAP) { vm_page_xbusy(m); + if (m_busy == NULL) + m_busy = m; + } } if (orig_object->type == OBJT_SWAP) { /* @@ -1426,8 +1440,9 @@ retry: * and new_object's locks are released and reacquired. */ swap_pager_copy(orig_object, new_object, offidxstart, 0); - TAILQ_FOREACH(m, &new_object->memq, listq) - vm_page_xunbusy(m); + if (m_busy != NULL) + TAILQ_FOREACH_FROM(m_busy, &new_object->memq, listq) + vm_page_xunbusy(m_busy); } VM_OBJECT_WUNLOCK(orig_object); VM_OBJECT_WUNLOCK(new_object); From owner-svn-src-releng@freebsd.org Mon Sep 14 22:42:20 2020 Return-Path: Delivered-To: svn-src-releng@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 215CD3E3F6F; Mon, 14 Sep 2020 22:42:20 +0000 (UTC) (envelope-from erj@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Br1Zh0MC6z4Qb5; Mon, 14 Sep 2020 22:42:20 +0000 (UTC) (envelope-from erj@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id CA3351DDFD; Mon, 14 Sep 2020 22:42:19 +0000 (UTC) (envelope-from erj@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 08EMgJdq095847; Mon, 14 Sep 2020 22:42:19 GMT (envelope-from erj@FreeBSD.org) Received: (from erj@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 08EMgILj095837; Mon, 14 Sep 2020 22:42:18 GMT (envelope-from erj@FreeBSD.org) Message-Id: <202009142242.08EMgILj095837@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: erj set sender to erj@FreeBSD.org using -f From: Eric Joyner Date: Mon, 14 Sep 2020 22:42:18 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r365733 - in releng/12.2: . sys/amd64/conf sys/conf sys/contrib/dev/ice sys/dev/ice sys/modules sys/modules/ice sys/modules/ice_ddp tools/kerneldoc/subsys X-SVN-Group: releng X-SVN-Commit-Author: erj X-SVN-Commit-Paths: in releng/12.2: . sys/amd64/conf sys/conf sys/contrib/dev/ice sys/dev/ice sys/modules sys/modules/ice sys/modules/ice_ddp tools/kerneldoc/subsys X-SVN-Commit-Revision: 365733 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Sep 2020 22:42:20 -0000 Author: erj Date: Mon Sep 14 22:42:17 2020 New Revision: 365733 URL: https://svnweb.freebsd.org/changeset/base/365733 Log: ice(4): Add Intel 100GbE Ethernet Driver to kernel This also adds the "package" file that's loaded by the device for configuration, used in the included ice_ddp kernel module. MFS of r365612 and r365731. Approved by: re (gjb@) Relnotes: yes Sponsored by: Intel Corporation Added: releng/12.2/sys/contrib/dev/ice/ - copied from r365612, stable/12/sys/contrib/dev/ice/ releng/12.2/sys/contrib/dev/ice/ice-1.3.16.0.pkg - copied unchanged from r365731, stable/12/sys/contrib/dev/ice/ice-1.3.16.0.pkg releng/12.2/sys/dev/ice/ - copied from r365612, stable/12/sys/dev/ice/ releng/12.2/sys/modules/ice/ - copied from r365612, stable/12/sys/modules/ice/ releng/12.2/sys/modules/ice_ddp/ - copied from r365612, stable/12/sys/modules/ice_ddp/ releng/12.2/tools/kerneldoc/subsys/Doxyfile-dev_ice - copied unchanged from r365612, stable/12/tools/kerneldoc/subsys/Doxyfile-dev_ice Deleted: releng/12.2/sys/contrib/dev/ice/ice-1.3.9.0.pkg Modified: releng/12.2/MAINTAINERS releng/12.2/sys/amd64/conf/GENERIC releng/12.2/sys/amd64/conf/NOTES releng/12.2/sys/conf/files.amd64 releng/12.2/sys/conf/files.arm64 releng/12.2/sys/contrib/dev/ice/README releng/12.2/sys/dev/ice/ice_adminq_cmd.h releng/12.2/sys/dev/ice/ice_bitops.h releng/12.2/sys/dev/ice/ice_common.c releng/12.2/sys/dev/ice/ice_common.h releng/12.2/sys/dev/ice/ice_controlq.c releng/12.2/sys/dev/ice/ice_controlq.h releng/12.2/sys/dev/ice/ice_dcb.c releng/12.2/sys/dev/ice/ice_dcb.h releng/12.2/sys/dev/ice/ice_drv_info.h releng/12.2/sys/dev/ice/ice_flex_pipe.c releng/12.2/sys/dev/ice/ice_flex_pipe.h releng/12.2/sys/dev/ice/ice_flex_type.h releng/12.2/sys/dev/ice/ice_flow.c releng/12.2/sys/dev/ice/ice_flow.h releng/12.2/sys/dev/ice/ice_hw_autogen.h releng/12.2/sys/dev/ice/ice_lan_tx_rx.h releng/12.2/sys/dev/ice/ice_lib.c releng/12.2/sys/dev/ice/ice_lib.h releng/12.2/sys/dev/ice/ice_nvm.c releng/12.2/sys/dev/ice/ice_nvm.h releng/12.2/sys/dev/ice/ice_protocol_type.h releng/12.2/sys/dev/ice/ice_sched.c releng/12.2/sys/dev/ice/ice_sched.h releng/12.2/sys/dev/ice/ice_status.h releng/12.2/sys/dev/ice/ice_strings.c releng/12.2/sys/dev/ice/ice_switch.c releng/12.2/sys/dev/ice/ice_switch.h releng/12.2/sys/dev/ice/ice_type.h releng/12.2/sys/dev/ice/if_ice_iflib.c releng/12.2/sys/dev/ice/virtchnl.h releng/12.2/sys/dev/ice/virtchnl_inline_ipsec.h releng/12.2/sys/modules/Makefile releng/12.2/sys/modules/ice_ddp/Makefile Directory Properties: releng/12.2/ (props changed) Modified: releng/12.2/MAINTAINERS ============================================================================== --- releng/12.2/MAINTAINERS Mon Sep 14 22:15:54 2020 (r365732) +++ releng/12.2/MAINTAINERS Mon Sep 14 22:42:17 2020 (r365733) @@ -89,9 +89,11 @@ share/mk/*.test.mk freebsd-testing,ngie (same list as stand/forth dteske Pre-commit review requested. stand/lua kevans Pre-commit review requested sys/compat/linuxkpi hselasky If in doubt, ask. +sys/contrib/dev/ice erj Pre-commit phabricator review requested. sys/dev/e1000 erj Pre-commit phabricator review requested. sys/dev/ixgbe erj Pre-commit phabricator review requested. sys/dev/ixl erj Pre-commit phabricator review requested. +sys/dev/ice erj Pre-commit phabricator review requested. sys/dev/sound/usb hselasky If in doubt, ask. sys/dev/usb hselasky If in doubt, ask. sys/dev/xen royger Pre-commit review recommended. Modified: releng/12.2/sys/amd64/conf/GENERIC ============================================================================== --- releng/12.2/sys/amd64/conf/GENERIC Mon Sep 14 22:15:54 2020 (r365732) +++ releng/12.2/sys/amd64/conf/GENERIC Mon Sep 14 22:42:17 2020 (r365733) @@ -225,6 +225,7 @@ device ix # Intel PRO/10GbE PCIE PF Ethernet device ixv # Intel PRO/10GbE PCIE VF Ethernet device ixl # Intel 700 Series Physical Function device iavf # Intel Adaptive Virtual Function +device ice # Intel 800 Series Physical Function device vmx # VMware VMXNET3 Ethernet # PCI Ethernet NICs. Modified: releng/12.2/sys/amd64/conf/NOTES ============================================================================== --- releng/12.2/sys/amd64/conf/NOTES Mon Sep 14 22:15:54 2020 (r365732) +++ releng/12.2/sys/amd64/conf/NOTES Mon Sep 14 22:42:17 2020 (r365733) @@ -306,6 +306,8 @@ options DRM_DEBUG # Include debug printfs (slow) # ed: Western Digital and SMC 80xx; Novell NE1000 and NE2000; 3Com 3C503 # HP PC Lan+, various PC Card devices # (requires miibus) +# ice: Intel 800 Series Physical Function +# Requires the ice_ddp module for full functionality # ipw: Intel PRO/Wireless 2100 IEEE 802.11 adapter # Requires the ipw firmware module # iwi: Intel PRO/Wireless 2200BG/2225BG/2915ABG IEEE 802.11 adapters @@ -332,6 +334,8 @@ device iwi # Intel 2200BG/2225BG/2915ABG wireless NI device iwn # Intel 4965/1000/5000/6000 wireless NICs. device ixl # Intel 700 Series Physical Function device iavf # Intel Adaptive Virtual Function +device ice # Intel 800 Series Physical Function +device ice_ddp # Intel 800 Series DDP Package device mthca # Mellanox HCA InfiniBand device mlx4 # Shared code module between IB and Ethernet device mlx4ib # Mellanox ConnectX HCA InfiniBand Modified: releng/12.2/sys/conf/files.amd64 ============================================================================== --- releng/12.2/sys/conf/files.amd64 Mon Sep 14 22:15:54 2020 (r365732) +++ releng/12.2/sys/conf/files.amd64 Mon Sep 14 22:42:17 2020 (r365733) @@ -255,6 +255,52 @@ dev/imcsmb/imcsmb.c optional imcsmb dev/imcsmb/imcsmb_pci.c optional imcsmb pci dev/intel/spi.c optional intelspi dev/io/iodev.c optional io +dev/ice/if_ice_iflib.c optional ice pci \ + compile-with "${NORMAL_C} -I$S/dev/ice" +dev/ice/ice_lib.c optional ice pci \ + compile-with "${NORMAL_C} -I$S/dev/ice" +dev/ice/ice_osdep.c optional ice pci \ + compile-with "${NORMAL_C} -I$S/dev/ice" +dev/ice/ice_resmgr.c optional ice pci \ + compile-with "${NORMAL_C} -I$S/dev/ice" +dev/ice/ice_strings.c optional ice pci \ + compile-with "${NORMAL_C} -I$S/dev/ice" +dev/ice/ice_iflib_recovery_txrx.c optional ice pci \ + compile-with "${NORMAL_C} -I$S/dev/ice" +dev/ice/ice_iflib_txrx.c optional ice pci \ + compile-with "${NORMAL_C} -I$S/dev/ice" +dev/ice/ice_common.c optional ice pci \ + compile-with "${NORMAL_C} -I$S/dev/ice" +dev/ice/ice_controlq.c optional ice pci \ + compile-with "${NORMAL_C} -I$S/dev/ice" +dev/ice/ice_dcb.c optional ice pci \ + compile-with "${NORMAL_C} -I$S/dev/ice" +dev/ice/ice_flex_pipe.c optional ice pci \ + compile-with "${NORMAL_C} -I$S/dev/ice" +dev/ice/ice_flow.c optional ice pci \ + compile-with "${NORMAL_C} -I$S/dev/ice" +dev/ice/ice_nvm.c optional ice pci \ + compile-with "${NORMAL_C} -I$S/dev/ice" +dev/ice/ice_sched.c optional ice pci \ + compile-with "${NORMAL_C} -I$S/dev/ice" +dev/ice/ice_sriov.c optional ice pci \ + compile-with "${NORMAL_C} -I$S/dev/ice" +dev/ice/ice_switch.c optional ice pci \ + compile-with "${NORMAL_C} -I$S/dev/ice" +ice_ddp.c optional ice_ddp \ + compile-with "${AWK} -f $S/tools/fw_stub.awk ice_ddp.fw:ice_ddp:0x01031000 -mice_ddp -c${.TARGET}" \ + no-implicit-rule before-depend local \ + clean "ice_ddp.c" +ice_ddp.fwo optional ice_ddp \ + dependency "ice_ddp.fw" \ + compile-with "${NORMAL_FWO}" \ + no-implicit-rule \ + clean "ice_ddp.fwo" +ice_ddp.fw optional ice_ddp \ + dependency "$S/contrib/dev/ice/ice-1.3.16.0.pkg" \ + compile-with "${CP} $S/contrib/dev/ice/ice-1.3.16.0.pkg ice_ddp.fw" \ + no-obj no-implicit-rule \ + clean "ice_ddp.fw" dev/ioat/ioat.c optional ioat pci dev/ioat/ioat_test.c optional ioat pci dev/ipmi/ipmi.c optional ipmi Modified: releng/12.2/sys/conf/files.arm64 ============================================================================== --- releng/12.2/sys/conf/files.arm64 Mon Sep 14 22:15:54 2020 (r365732) +++ releng/12.2/sys/conf/files.arm64 Mon Sep 14 22:42:17 2020 (r365733) @@ -221,6 +221,53 @@ dev/axgbe/xgbe-dev.c optional axgbe dev/axgbe/xgbe-drv.c optional axgbe dev/axgbe/xgbe-mdio.c optional axgbe dev/cpufreq/cpufreq_dt.c optional cpufreq fdt +dev/ice/if_ice_iflib.c optional ice pci \ + compile-with "${NORMAL_C} -I$S/dev/ice" +dev/ice/ice_lib.c optional ice pci \ + compile-with "${NORMAL_C} -I$S/dev/ice" +dev/ice/ice_osdep.c optional ice pci \ + compile-with "${NORMAL_C} -I$S/dev/ice" +dev/ice/ice_resmgr.c optional ice pci \ + compile-with "${NORMAL_C} -I$S/dev/ice" +dev/ice/ice_strings.c optional ice pci \ + compile-with "${NORMAL_C} -I$S/dev/ice" +dev/ice/ice_iflib_recovery_txrx.c optional ice pci \ + compile-with "${NORMAL_C} -I$S/dev/ice" +dev/ice/ice_iflib_txrx.c optional ice pci \ + compile-with "${NORMAL_C} -I$S/dev/ice" +dev/ice/ice_common.c optional ice pci \ + compile-with "${NORMAL_C} -I$S/dev/ice" +dev/ice/ice_controlq.c optional ice pci \ + compile-with "${NORMAL_C} -I$S/dev/ice" +dev/ice/ice_dcb.c optional ice pci \ + compile-with "${NORMAL_C} -I$S/dev/ice" +dev/ice/ice_flex_pipe.c optional ice pci \ + compile-with "${NORMAL_C} -I$S/dev/ice" +dev/ice/ice_flow.c optional ice pci \ + compile-with "${NORMAL_C} -I$S/dev/ice" +dev/ice/ice_nvm.c optional ice pci \ + compile-with "${NORMAL_C} -I$S/dev/ice" +dev/ice/ice_sched.c optional ice pci \ + compile-with "${NORMAL_C} -I$S/dev/ice" +dev/ice/ice_sriov.c optional ice pci \ + compile-with "${NORMAL_C} -I$S/dev/ice" +dev/ice/ice_switch.c optional ice pci \ + compile-with "${NORMAL_C} -I$S/dev/ice" +ice_ddp.c optional ice_ddp \ + compile-with "${AWK} -f $S/tools/fw_stub.awk ice_ddp.fw:ice_ddp:0x01031000 -mice_ddp -c${.TARGET}" \ + no-implicit-rule before-depend local \ + clean "ice_ddp.c" +ice_ddp.fwo optional ice_ddp \ + dependency "ice_ddp.fw" \ + compile-with "${NORMAL_FWO}" \ + no-implicit-rule \ + clean "ice_ddp.fwo" +ice_ddp.fw optional ice_ddp \ + dependency "$S/contrib/dev/ice/ice-1.3.16.0.pkg" \ + compile-with "${CP} $S/contrib/dev/ice/ice-1.3.16.0.pkg ice_ddp.fw" \ + no-obj no-implicit-rule \ + clean "ice_ddp.fw" +dev/iicbus/sy8106a.c optional sy8106a fdt dev/iicbus/twsi/mv_twsi.c optional twsi fdt dev/iicbus/twsi/a10_twsi.c optional twsi fdt dev/iicbus/twsi/twsi.c optional twsi fdt Modified: releng/12.2/sys/contrib/dev/ice/README ============================================================================== --- stable/12/sys/contrib/dev/ice/README Thu Sep 10 20:46:16 2020 (r365612) +++ releng/12.2/sys/contrib/dev/ice/README Mon Sep 14 22:42:17 2020 (r365733) @@ -1,6 +1,6 @@ Dynamic Device Personalization (DDP) Package ============================================ -February 21, 2020 +July 7, 2020 Contents @@ -59,6 +59,7 @@ The OS-default DDP package supports the following: - GRE - NVGRE - RoCEv2 +- MPLS (up to 5 consecutive MPLS labels in the outermost Layer 2 header group) Safe Mode Copied: releng/12.2/sys/contrib/dev/ice/ice-1.3.16.0.pkg (from r365731, stable/12/sys/contrib/dev/ice/ice-1.3.16.0.pkg) ============================================================================== Binary file (source and/or target). No diff available. Modified: releng/12.2/sys/dev/ice/ice_adminq_cmd.h ============================================================================== --- stable/12/sys/dev/ice/ice_adminq_cmd.h Thu Sep 10 20:46:16 2020 (r365612) +++ releng/12.2/sys/dev/ice/ice_adminq_cmd.h Mon Sep 14 22:42:17 2020 (r365733) @@ -156,12 +156,13 @@ struct ice_aqc_list_caps_elem { #define ICE_AQC_CAPS_MSIX 0x0043 #define ICE_AQC_CAPS_MAX_MTU 0x0047 #define ICE_AQC_CAPS_NVM_VER 0x0048 +#define ICE_AQC_CAPS_OROM_VER 0x004A +#define ICE_AQC_CAPS_NET_VER 0x004C #define ICE_AQC_CAPS_CEM 0x00F2 #define ICE_AQC_CAPS_IWARP 0x0051 #define ICE_AQC_CAPS_LED 0x0061 #define ICE_AQC_CAPS_SDP 0x0062 #define ICE_AQC_CAPS_WR_CSR_PROT 0x0064 -#define ICE_AQC_CAPS_NO_DROP_POLICY 0x0065 #define ICE_AQC_CAPS_LOGI_TO_PHYSI_PORT_MAP 0x0073 #define ICE_AQC_CAPS_SKU 0x0074 #define ICE_AQC_CAPS_PORT_MAP 0x0075 @@ -281,13 +282,6 @@ struct ice_aqc_get_sw_cfg_resp_elem { #define ICE_AQC_GET_SW_CONF_RESP_IS_VF BIT(15) }; -/* The response buffer is as follows. Note that the length of the - * elements array varies with the length of the command response. - */ -struct ice_aqc_get_sw_cfg_resp { - struct ice_aqc_get_sw_cfg_resp_elem elements[1]; -}; - /* Set Port parameters, (direct, 0x0203) */ struct ice_aqc_set_port_params { __le16 cmd_flags; @@ -338,8 +332,6 @@ struct ice_aqc_set_port_params { #define ICE_AQC_RES_TYPE_SWITCH_PROF_BLDR_TCAM 0x49 #define ICE_AQC_RES_TYPE_ACL_PROF_BLDR_PROFID 0x50 #define ICE_AQC_RES_TYPE_ACL_PROF_BLDR_TCAM 0x51 -#define ICE_AQC_RES_TYPE_FD_PROF_BLDR_PROFID 0x58 -#define ICE_AQC_RES_TYPE_FD_PROF_BLDR_TCAM 0x59 #define ICE_AQC_RES_TYPE_HASH_PROF_BLDR_PROFID 0x60 #define ICE_AQC_RES_TYPE_HASH_PROF_BLDR_TCAM 0x61 /* Resource types 0x62-67 are reserved for Hash profile builder */ @@ -372,15 +364,6 @@ struct ice_aqc_get_res_resp_elem { __le16 total_free; /* Resources un-allocated/not reserved by any PF */ }; -/* Buffer for Get Resource command */ -struct ice_aqc_get_res_resp { - /* Number of resource entries to be calculated using - * datalen/sizeof(struct ice_aqc_cmd_resp)). - * Value of 'datalen' gets updated as part of response. - */ - struct ice_aqc_get_res_resp_elem elem[1]; -}; - /* Allocate Resources command (indirect 0x0208) * Free Resources command (indirect 0x0209) */ @@ -406,7 +389,7 @@ struct ice_aqc_alloc_free_res_elem { #define ICE_AQC_RES_TYPE_VSI_PRUNE_LIST_M \ (0xF << ICE_AQC_RES_TYPE_VSI_PRUNE_LIST_S) __le16 num_elems; - struct ice_aqc_res_elem elem[1]; + struct ice_aqc_res_elem elem[STRUCT_HACK_VAR_LEN]; }; /* Get Allocated Resource Descriptors Command (indirect 0x020A) */ @@ -428,10 +411,6 @@ struct ice_aqc_get_allocd_res_desc { __le32 addr_low; }; -struct ice_aqc_get_allocd_res_desc_resp { - struct ice_aqc_res_elem elem[1]; -}; - /* Add VSI (indirect 0x0210) * Update VSI (indirect 0x0211) * Get VSI (indirect 0x0212) @@ -758,7 +737,6 @@ struct ice_aqc_sw_rules { __le32 addr_low; }; -#pragma pack(1) /* Add/Update/Get/Remove lookup Rx/Tx command/response entry * This structures describes the lookup rules and associated actions. "index" * is returned as part of a response to a successful Add command, and can be @@ -841,9 +819,8 @@ struct ice_sw_rule_lkup_rx_tx { * lookup-type */ __le16 hdr_len; - u8 hdr[1]; + u8 hdr[STRUCT_HACK_VAR_LEN]; }; -#pragma pack() /* Add/Update/Remove large action command/response entry * "index" is returned as part of a response to a successful Add command, and @@ -852,7 +829,6 @@ struct ice_sw_rule_lkup_rx_tx { struct ice_sw_rule_lg_act { __le16 index; /* Index in large action table */ __le16 size; - __le32 act[1]; /* array of size for actions */ /* Max number of large actions */ #define ICE_MAX_LG_ACT 4 /* Bit 0:1 - Action type */ @@ -903,6 +879,7 @@ struct ice_sw_rule_lg_act { #define ICE_LG_ACT_STAT_COUNT 0x7 #define ICE_LG_ACT_STAT_COUNT_S 3 #define ICE_LG_ACT_STAT_COUNT_M (0x7F << ICE_LG_ACT_STAT_COUNT_S) + __le32 act[STRUCT_HACK_VAR_LEN]; /* array of size for actions */ }; /* Add/Update/Remove VSI list command/response entry @@ -912,7 +889,7 @@ struct ice_sw_rule_lg_act { struct ice_sw_rule_vsi_list { __le16 index; /* Index of VSI/Prune list */ __le16 number_vsi; - __le16 vsi[1]; /* Array of number_vsi VSI numbers */ + __le16 vsi[STRUCT_HACK_VAR_LEN]; /* Array of number_vsi VSI numbers */ }; #pragma pack(1) @@ -977,8 +954,10 @@ struct ice_aqc_set_query_pfc_mode { struct ice_aqc_set_dcb_params { u8 cmd_flags; /* unused in response */ #define ICE_AQC_LINK_UP_DCB_CFG BIT(0) +#define ICE_AQC_PERSIST_DCB_CFG BIT(1) u8 valid_flags; /* unused in response */ #define ICE_AQC_LINK_UP_DCB_CFG_VALID BIT(0) +#define ICE_AQC_PERSIST_DCB_CFG_VALID BIT(1) u8 rsvd[14]; }; @@ -1008,14 +987,6 @@ struct ice_aqc_sched_elem_cmd { __le32 addr_low; }; -/* This is the buffer for: - * Suspend Nodes (indirect 0x0409) - * Resume Nodes (indirect 0x040A) - */ -struct ice_aqc_suspend_resume_elem { - __le32 teid[1]; -}; - struct ice_aqc_txsched_move_grp_info_hdr { __le32 src_parent_teid; __le32 dest_parent_teid; @@ -1025,7 +996,7 @@ struct ice_aqc_txsched_move_grp_info_hdr { struct ice_aqc_move_elem { struct ice_aqc_txsched_move_grp_info_hdr hdr; - __le32 teid[1]; + __le32 teid[STRUCT_HACK_VAR_LEN]; }; struct ice_aqc_elem_info_bw { @@ -1078,17 +1049,9 @@ struct ice_aqc_txsched_topo_grp_info_hdr { struct ice_aqc_add_elem { struct ice_aqc_txsched_topo_grp_info_hdr hdr; - struct ice_aqc_txsched_elem_data generic[1]; + struct ice_aqc_txsched_elem_data generic[STRUCT_HACK_VAR_LEN]; }; -struct ice_aqc_conf_elem { - struct ice_aqc_txsched_elem_data generic[1]; -}; - -struct ice_aqc_get_elem { - struct ice_aqc_txsched_elem_data generic[1]; -}; - struct ice_aqc_get_topo_elem { struct ice_aqc_txsched_topo_grp_info_hdr hdr; struct ice_aqc_txsched_elem_data @@ -1097,7 +1060,7 @@ struct ice_aqc_get_topo_elem { struct ice_aqc_delete_elem { struct ice_aqc_txsched_topo_grp_info_hdr hdr; - __le32 teid[1]; + __le32 teid[STRUCT_HACK_VAR_LEN]; }; /* Query Port ETS (indirect 0x040E) @@ -1160,10 +1123,6 @@ struct ice_aqc_rl_profile_elem { __le16 rl_encode; }; -struct ice_aqc_rl_profile_generic_elem { - struct ice_aqc_rl_profile_elem generic[1]; -}; - /* Configure L2 Node CGD (indirect 0x0414) * This indirect command allows configuring a congestion domain for given L2 * node TEIDs in the scheduler topology. @@ -1181,10 +1140,6 @@ struct ice_aqc_cfg_l2_node_cgd_elem { u8 reserved[3]; }; -struct ice_aqc_cfg_l2_node_cgd_data { - struct ice_aqc_cfg_l2_node_cgd_elem elem[1]; -}; - /* Query Scheduler Resource Allocation (indirect 0x0412) * This indirect command retrieves the scheduler resources allocated by * EMP Firmware to the given PF. @@ -1330,7 +1285,7 @@ struct ice_aqc_get_phy_caps { #define ICE_PHY_TYPE_HIGH_100G_CAUI2 BIT_ULL(2) #define ICE_PHY_TYPE_HIGH_100G_AUI2_AOC_ACC BIT_ULL(3) #define ICE_PHY_TYPE_HIGH_100G_AUI2 BIT_ULL(4) -#define ICE_PHY_TYPE_HIGH_MAX_INDEX 19 +#define ICE_PHY_TYPE_HIGH_MAX_INDEX 5 struct ice_aqc_get_phy_caps_data { __le64 phy_type_low; /* Use values from ICE_PHY_TYPE_LOW_* */ @@ -1381,6 +1336,7 @@ struct ice_aqc_get_phy_caps_data { u8 module_type[ICE_MODULE_TYPE_TOTAL_BYTE]; #define ICE_AQC_MOD_TYPE_BYTE0_SFP_PLUS 0xA0 #define ICE_AQC_MOD_TYPE_BYTE0_QSFP_PLUS 0x80 +#define ICE_AQC_MOD_TYPE_IDENT 1 #define ICE_AQC_MOD_TYPE_BYTE1_SFP_PLUS_CU_PASSIVE BIT(0) #define ICE_AQC_MOD_TYPE_BYTE1_SFP_PLUS_CU_ACTIVE BIT(1) #define ICE_AQC_MOD_TYPE_BYTE1_10G_BASE_SR BIT(4) @@ -1490,6 +1446,9 @@ struct ice_aqc_get_link_status_data { #define ICE_AQ_LINK_TOPO_UNSUPP_MEDIA BIT(7) u8 link_cfg_err; #define ICE_AQ_LINK_CFG_ERR BIT(0) +#define ICE_AQ_LINK_ACT_PORT_OPT_INVAL BIT(2) +#define ICE_AQ_LINK_FEAT_ID_OR_CONFIG_ID_INVAL BIT(3) +#define ICE_AQ_LINK_TOPO_CRITICAL_SDP_ERR BIT(4) u8 link_info; #define ICE_AQ_LINK_UP BIT(0) /* Link Status */ #define ICE_AQ_LINK_FAULT BIT(1) @@ -1607,7 +1566,7 @@ struct ice_aqc_set_mac_lb { u8 reserved[15]; }; -/* DNL Get Status command (indirect 0x680) +/* DNL Get Status command (indirect 0x0680) * Structure used for the response, the command uses the generic * ice_aqc_generic struct to pass a buffer address to the FW. */ @@ -1667,7 +1626,7 @@ struct ice_aqc_dnl_get_status_data { u32 sb_iosf_clk_cntr; }; -/* DNL run command (direct 0x681) */ +/* DNL run command (direct 0x0681) */ struct ice_aqc_dnl_run_command { u8 reserved0; u8 command; @@ -1686,7 +1645,7 @@ struct ice_aqc_dnl_run_command { u8 reserved1[12]; }; -/* DNL call command (indirect 0x682) +/* DNL call command (indirect 0x0682) * Struct is used for both command and response */ struct ice_aqc_dnl_call_command { @@ -1698,14 +1657,14 @@ struct ice_aqc_dnl_call_command { __le32 addr_low; }; -/* DNL call command/response buffer (indirect 0x682) */ +/* DNL call command/response buffer (indirect 0x0682) */ struct ice_aqc_dnl_call { __le32 stores[4]; }; /* Used for both commands: - * DNL read sto command (indirect 0x683) - * DNL write sto command (indirect 0x684) + * DNL read sto command (indirect 0x0683) + * DNL write sto command (indirect 0x0684) */ struct ice_aqc_dnl_read_write_command { u8 ctx; @@ -1720,8 +1679,8 @@ struct ice_aqc_dnl_read_write_command { }; /* Used for both command responses: - * DNL read sto response (indirect 0x683) - * DNL write sto response (indirect 0x684) + * DNL read sto response (indirect 0x0683) + * DNL write sto response (indirect 0x0684) */ struct ice_aqc_dnl_read_write_response { u8 reserved; @@ -1732,14 +1691,14 @@ struct ice_aqc_dnl_read_write_response { __le32 addr_low; /* Reserved for write command */ }; -/* DNL set breakpoints command (indirect 0x686) */ +/* DNL set breakpoints command (indirect 0x0686) */ struct ice_aqc_dnl_set_breakpoints_command { __le32 reserved[2]; __le32 addr_high; __le32 addr_low; }; -/* DNL set breakpoints data buffer structure (indirect 0x686) */ +/* DNL set breakpoints data buffer structure (indirect 0x0686) */ struct ice_aqc_dnl_set_breakpoints { u8 ctx; u8 ena; /* 0- disabled, 1- enabled */ @@ -1747,7 +1706,7 @@ struct ice_aqc_dnl_set_breakpoints { __le16 activity_id; }; -/* DNL read log data command(indirect 0x687) */ +/* DNL read log data command(indirect 0x0687) */ struct ice_aqc_dnl_read_log_command { __le16 reserved0; __le16 offset; @@ -1757,7 +1716,7 @@ struct ice_aqc_dnl_read_log_command { }; -/* DNL read log data response(indirect 0x687) */ +/* DNL read log data response(indirect 0x0687) */ struct ice_aqc_dnl_read_log_response { __le16 reserved; __le16 size; @@ -1976,6 +1935,7 @@ struct ice_aqc_get_port_options { struct ice_aqc_get_port_options_elem { u8 pmd; +#define ICE_AQC_PORT_INV_PORT_OPT 4 #define ICE_AQC_PORT_OPT_PMD_COUNT_S 0 #define ICE_AQC_PORT_OPT_PMD_COUNT_M (0xF << ICE_AQC_PORT_OPT_PMD_COUNT_S) #define ICE_AQC_PORT_OPT_PMD_WIDTH_S 4 @@ -1995,13 +1955,6 @@ struct ice_aqc_get_port_options_elem { u8 phy_scid[2]; }; -/* The buffer for command 0x06EA contains port_options_count of options - * in the option array. - */ -struct ice_aqc_get_port_options_data { - struct ice_aqc_get_port_options_elem option[1]; -}; - /* Set Port Option (direct, 0x06EB) */ struct ice_aqc_set_port_option { u8 lport_num; @@ -2114,6 +2067,7 @@ struct ice_aqc_nvm { #define ICE_AQC_NVM_LINK_TOPO_NETLIST_LEN 2 /* In bytes */ #define ICE_AQC_NVM_NETLIST_NODE_COUNT_OFFSET 2 #define ICE_AQC_NVM_NETLIST_NODE_COUNT_LEN 2 /* In bytes */ +#define ICE_AQC_NVM_NETLIST_NODE_COUNT_M MAKEMASK(0x3FF, 0) #define ICE_AQC_NVM_NETLIST_ID_BLK_START_OFFSET 5 #define ICE_AQC_NVM_NETLIST_ID_BLK_LEN 0x30 /* In words */ @@ -2353,6 +2307,18 @@ struct ice_aqc_lldp_stop_start_specific_agent { u8 reserved[15]; }; +/* LLDP Filter Control (direct 0x0A0A) */ +struct ice_aqc_lldp_filter_ctrl { + u8 cmd_flags; +#define ICE_AQC_LLDP_FILTER_ACTION_M MAKEMASK(3, 0) +#define ICE_AQC_LLDP_FILTER_ACTION_ADD 0x0 +#define ICE_AQC_LLDP_FILTER_ACTION_DELETE 0x1 +#define ICE_AQC_LLDP_FILTER_ACTION_UPDATE 0x2 + u8 reserved1; + __le16 vsi_num; + u8 reserved2[12]; +}; + /* Get/Set RSS key (indirect 0x0B04/0x0B02) */ struct ice_aqc_get_set_rss_key { #define ICE_AQC_GSET_RSS_KEY_VSI_VALID BIT(15) @@ -2389,7 +2355,7 @@ struct ice_aqc_get_set_rss_keys { struct ice_aqc_get_set_rss_lut { #define ICE_AQC_GSET_RSS_LUT_VSI_VALID BIT(15) #define ICE_AQC_GSET_RSS_LUT_VSI_ID_S 0 -#define ICE_AQC_GSET_RSS_LUT_VSI_ID_M (0x1FF << ICE_AQC_GSET_RSS_LUT_VSI_ID_S) +#define ICE_AQC_GSET_RSS_LUT_VSI_ID_M (0x3FF << ICE_AQC_GSET_RSS_LUT_VSI_ID_S) __le16 vsi_id; #define ICE_AQC_GSET_RSS_LUT_TABLE_TYPE_S 0 #define ICE_AQC_GSET_RSS_LUT_TABLE_TYPE_M \ @@ -2450,7 +2416,7 @@ struct ice_aqc_add_tx_qgrp { __le32 parent_teid; u8 num_txqs; u8 rsvd[3]; - struct ice_aqc_add_txqs_perq txqs[1]; + struct ice_aqc_add_txqs_perq txqs[STRUCT_HACK_VAR_LEN]; }; /* Disable Tx LAN Queues (indirect 0x0C31) */ @@ -2483,24 +2449,21 @@ struct ice_aqc_dis_txqs { * added before the start of the next group, to allow correct * alignment of the parent_teid field. */ +#pragma pack(1) struct ice_aqc_dis_txq_item { __le32 parent_teid; u8 num_qs; u8 rsvd; /* The length of the q_id array varies according to num_qs */ - __le16 q_id[1]; - /* This only applies from F8 onward */ #define ICE_AQC_Q_DIS_BUF_ELEM_TYPE_S 15 #define ICE_AQC_Q_DIS_BUF_ELEM_TYPE_LAN_Q \ (0 << ICE_AQC_Q_DIS_BUF_ELEM_TYPE_S) #define ICE_AQC_Q_DIS_BUF_ELEM_TYPE_RDMA_QSET \ (1 << ICE_AQC_Q_DIS_BUF_ELEM_TYPE_S) + __le16 q_id[STRUCT_HACK_VAR_LEN]; }; +#pragma pack() -struct ice_aqc_dis_txq { - struct ice_aqc_dis_txq_item qgrps[1]; -}; - /* Tx LAN Queues Cleanup Event (0x0C31) */ struct ice_aqc_txqs_cleanup { __le16 caller_opc; @@ -2540,11 +2503,11 @@ struct ice_aqc_move_txqs_elem { struct ice_aqc_move_txqs_data { __le32 src_teid; __le32 dest_teid; - struct ice_aqc_move_txqs_elem txqs[1]; + struct ice_aqc_move_txqs_elem txqs[STRUCT_HACK_VAR_LEN]; }; /* Download Package (indirect 0x0C40) */ -/* Also used for Update Package (indirect 0x0C42) */ +/* Also used for Update Package (indirect 0x0C42 and 0x0C41) */ struct ice_aqc_download_pkg { u8 flags; #define ICE_AQC_DOWNLOAD_PKG_LAST_BUF 0x01 @@ -2593,7 +2556,7 @@ struct ice_aqc_get_pkg_info { /* Get Package Info List response buffer format (0x0C43) */ struct ice_aqc_get_pkg_info_resp { __le32 count; - struct ice_aqc_get_pkg_info pkg_info[1]; + struct ice_aqc_get_pkg_info pkg_info[STRUCT_HACK_VAR_LEN]; }; /* Driver Shared Parameters (direct, 0x0C90) */ @@ -2617,6 +2580,50 @@ struct ice_aqc_event_lan_overflow { u8 reserved[8]; }; +/* Set Health Status (direct 0xFF20) */ +struct ice_aqc_set_health_status_config { + u8 event_source; +#define ICE_AQC_HEALTH_STATUS_SET_PF_SPECIFIC_MASK BIT(0) +#define ICE_AQC_HEALTH_STATUS_SET_ALL_PF_MASK BIT(1) +#define ICE_AQC_HEALTH_STATUS_SET_GLOBAL_MASK BIT(2) + u8 reserved[15]; +}; + +/* Get Health Status codes (indirect 0xFF21) */ +struct ice_aqc_get_supported_health_status_codes { + __le16 health_code_count; + u8 reserved[6]; + __le32 addr_high; + __le32 addr_low; +}; + +/* Get Health Status (indirect 0xFF22) */ +struct ice_aqc_get_health_status { + __le16 health_status_count; + u8 reserved[6]; + __le32 addr_high; + __le32 addr_low; +}; + +/* Get Health Status event buffer entry, (0xFF22) + * repeated per reported health status + */ +struct ice_aqc_health_status_elem { + __le16 health_status_code; + __le16 event_source; +#define ICE_AQC_HEALTH_STATUS_PF (0x1) +#define ICE_AQC_HEALTH_STATUS_PORT (0x2) +#define ICE_AQC_HEALTH_STATUS_GLOBAL (0x3) + __le32 internal_data1; +#define ICE_AQC_HEALTH_STATUS_UNDEFINED_DATA (0xDEADBEEF) + __le32 internal_data2; +}; + +/* Clear Health Status (direct 0xFF23) */ +struct ice_aqc_clear_health_status { + __le32 reserved[4]; +}; + /** * struct ice_aq_desc - Admin Queue (AQ) descriptor * @flags: ICE_AQ_FLAG_* flags @@ -2706,6 +2713,7 @@ struct ice_aq_desc { struct ice_aqc_lldp_start lldp_start; struct ice_aqc_lldp_set_local_mib lldp_set_mib; struct ice_aqc_lldp_stop_start_specific_agent lldp_agent_ctrl; + struct ice_aqc_lldp_filter_ctrl lldp_filter_ctrl; struct ice_aqc_get_set_rss_lut get_set_rss_lut; struct ice_aqc_get_set_rss_key get_set_rss_key; struct ice_aqc_add_txqs add_txqs; @@ -2727,6 +2735,12 @@ struct ice_aq_desc { struct ice_aqc_get_link_status get_link_status; struct ice_aqc_event_lan_overflow lan_overflow; struct ice_aqc_get_link_topo get_link_topo; + struct ice_aqc_set_health_status_config + set_health_status_config; + struct ice_aqc_get_supported_health_status_codes + get_supported_health_status_codes; + struct ice_aqc_get_health_status get_health_status; + struct ice_aqc_clear_health_status clear_health_status; } params; }; @@ -2918,6 +2932,8 @@ enum ice_adminq_opc { ice_aqc_opc_nvm_sr_dump = 0x0707, ice_aqc_opc_nvm_save_factory_settings = 0x0708, ice_aqc_opc_nvm_update_empr = 0x0709, + ice_aqc_opc_nvm_pkg_data = 0x070A, + ice_aqc_opc_nvm_pass_component_tbl = 0x070B, /* PF/VF mailbox commands */ ice_mbx_opc_send_msg_to_pf = 0x0801, @@ -2940,6 +2956,7 @@ enum ice_adminq_opc { ice_aqc_opc_get_cee_dcb_cfg = 0x0A07, ice_aqc_opc_lldp_set_local_mib = 0x0A08, ice_aqc_opc_lldp_stop_start_specific_agent = 0x0A09, + ice_aqc_opc_lldp_filter_ctrl = 0x0A0A, /* RSS commands */ ice_aqc_opc_set_rss_key = 0x0B02, @@ -2963,6 +2980,12 @@ enum ice_adminq_opc { /* Standalone Commands/Events */ ice_aqc_opc_event_lan_overflow = 0x1001, + + /* SystemDiagnostic commands */ + ice_aqc_opc_set_health_status_config = 0xFF20, + ice_aqc_opc_get_supported_health_status_codes = 0xFF21, + ice_aqc_opc_get_health_status = 0xFF22, + ice_aqc_opc_clear_health_status = 0xFF23 }; #endif /* _ICE_ADMINQ_CMD_H_ */ Modified: releng/12.2/sys/dev/ice/ice_bitops.h ============================================================================== --- stable/12/sys/dev/ice/ice_bitops.h Thu Sep 10 20:46:16 2020 (r365612) +++ releng/12.2/sys/dev/ice/ice_bitops.h Mon Sep 14 22:42:17 2020 (r365733) @@ -242,7 +242,7 @@ ice_or_bitmap(ice_bitmap_t *dst, const ice_bitmap_t *b ice_bitmap_t mask; u16 i; - /* Handle all but last chunk*/ + /* Handle all but last chunk */ for (i = 0; i < BITS_TO_CHUNKS(size) - 1; i++) dst[i] = bmp1[i] | bmp2[i]; @@ -273,7 +273,7 @@ ice_xor_bitmap(ice_bitmap_t *dst, const ice_bitmap_t * ice_bitmap_t mask; u16 i; - /* Handle all but last chunk*/ + /* Handle all but last chunk */ for (i = 0; i < BITS_TO_CHUNKS(size) - 1; i++) dst[i] = bmp1[i] ^ bmp2[i]; @@ -287,6 +287,37 @@ ice_xor_bitmap(ice_bitmap_t *dst, const ice_bitmap_t * } /** + * ice_andnot_bitmap - bitwise ANDNOT 2 bitmaps and result in dst bitmap + * @dst: Destination bitmap that receive the result of the operation + * @bmp1: The first bitmap of ANDNOT operation + * @bmp2: The second bitmap to ANDNOT operation + * @size: Size of the bitmaps in bits + * + * This function performs a bitwise ANDNOT on two "source" bitmaps of the same + * size, and stores the result to "dst" bitmap. The "dst" bitmap must be of the + * same size as the "source" bitmaps to avoid buffer overflows. + */ +static inline void +ice_andnot_bitmap(ice_bitmap_t *dst, const ice_bitmap_t *bmp1, + const ice_bitmap_t *bmp2, u16 size) +{ + ice_bitmap_t mask; + u16 i; + + /* Handle all but last chunk */ + for (i = 0; i < BITS_TO_CHUNKS(size) - 1; i++) + dst[i] = bmp1[i] & ~bmp2[i]; + + /* We want to only clear bits within the size. Furthermore, we also do + * not want to modify destination bits which are beyond the specified + * size. Use a bitmask to ensure that we only modify the bits that are + * within the specified size. + */ + mask = LAST_CHUNK_MASK(size); + dst[i] = (dst[i] & ~mask) | ((bmp1[i] & ~bmp2[i]) & mask); +} + +/** * ice_find_next_bit - Find the index of the next set bit of a bitmap * @bitmap: the bitmap to scan * @size: the size in bits of the bitmap @@ -343,6 +374,11 @@ static inline u16 ice_find_first_bit(const ice_bitmap_ return ice_find_next_bit(bitmap, size, 0); } +#define ice_for_each_set_bit(_bitpos, _addr, _maxlen) \ + for ((_bitpos) = ice_find_first_bit((_addr), (_maxlen)); \ + (_bitpos) < (_maxlen); \ + (_bitpos) = ice_find_next_bit((_addr), (_maxlen), (_bitpos) + 1)) + /** * ice_is_any_bit_set - Return true of any bit in the bitmap is set * @bitmap: the bitmap to check @@ -373,6 +409,48 @@ static inline void ice_cp_bitmap(ice_bitmap_t *dst, ic } /** + * ice_bitmap_set - set a number of bits in bitmap from a starting position + * @dst: bitmap destination + * @pos: first bit position to set + * @num_bits: number of bits to set + * + * This function sets bits in a bitmap from pos to (pos + num_bits) - 1. + * Note that this function assumes it is operating on a bitmap declared using + * ice_declare_bitmap. + */ +static inline void +ice_bitmap_set(ice_bitmap_t *dst, u16 pos, u16 num_bits) +{ + u16 i; + + for (i = pos; i < num_bits; i++) + ice_set_bit(i, dst); +} + +/** + * ice_bitmap_hweight - hamming weight of bitmap + * @bm: bitmap pointer + * @size: size of bitmap (in bits) + * + * This function determines the number of set bits in a bitmap. + * Note that this function assumes it is operating on a bitmap declared using + * ice_declare_bitmap. + */ +static inline int +ice_bitmap_hweight(ice_bitmap_t *bm, u16 size) +{ + int count = 0; + u16 bit = 0; + + while (size > (bit = ice_find_next_bit(bm, size, bit))) { + count++; + bit++; + } + + return count; +} + +/** * ice_cmp_bitmaps - compares two bitmaps. * @bmp1: the bitmap to compare * @bmp2: the bitmap to compare with bmp1 @@ -386,12 +464,12 @@ ice_cmp_bitmap(ice_bitmap_t *bmp1, ice_bitmap_t *bmp2, ice_bitmap_t mask; u16 i; - /* Handle all but last chunk*/ + /* Handle all but last chunk */ for (i = 0; i < BITS_TO_CHUNKS(size) - 1; i++) if (bmp1[i] != bmp2[i]) return false; - /* We want to only compare bits within the size.*/ + /* We want to only compare bits within the size */ mask = LAST_CHUNK_MASK(size); if ((bmp1[i] & mask) != (bmp2[i] & mask)) return false; Modified: releng/12.2/sys/dev/ice/ice_common.c ============================================================================== --- stable/12/sys/dev/ice/ice_common.c Thu Sep 10 20:46:16 2020 (r365612) +++ releng/12.2/sys/dev/ice/ice_common.c Mon Sep 14 22:42:17 2020 (r365733) @@ -115,7 +115,8 @@ enum ice_status ice_clear_pf_cfg(struct ice_hw *hw) * is returned in user specified buffer. Please interpret user specified * buffer as "manage_mac_read" response. * Response such as various MAC addresses are stored in HW struct (port.mac) - * ice_aq_discover_caps is expected to be called before this function is called. + * ice_discover_dev_caps is expected to be called before this function is + * called. */ enum ice_status ice_aq_manage_mac_read(struct ice_hw *hw, void *buf, u16 buf_size, @@ -180,11 +181,13 @@ ice_aq_get_phy_caps(struct ice_port_info *pi, bool qua u16 pcaps_size = sizeof(*pcaps); struct ice_aq_desc desc; enum ice_status status; + struct ice_hw *hw; cmd = &desc.params.get_phy; if (!pcaps || (report_mode & ~ICE_AQC_REPORT_MODE_M) || !pi) return ICE_ERR_PARAM; + hw = pi->hw; ice_fill_dflt_direct_cmd_desc(&desc, ice_aqc_opc_get_phy_caps); @@ -192,11 +195,39 @@ ice_aq_get_phy_caps(struct ice_port_info *pi, bool qua cmd->param0 |= CPU_TO_LE16(ICE_AQC_GET_PHY_RQM); cmd->param0 |= CPU_TO_LE16(report_mode); - status = ice_aq_send_cmd(pi->hw, &desc, pcaps, pcaps_size, cd); + status = ice_aq_send_cmd(hw, &desc, pcaps, pcaps_size, cd); + ice_debug(hw, ICE_DBG_LINK, "get phy caps - report_mode = 0x%x\n", + report_mode); + ice_debug(hw, ICE_DBG_LINK, " phy_type_low = 0x%llx\n", + (unsigned long long)LE64_TO_CPU(pcaps->phy_type_low)); + ice_debug(hw, ICE_DBG_LINK, " phy_type_high = 0x%llx\n", + (unsigned long long)LE64_TO_CPU(pcaps->phy_type_high)); + ice_debug(hw, ICE_DBG_LINK, " caps = 0x%x\n", pcaps->caps); + ice_debug(hw, ICE_DBG_LINK, " low_power_ctrl_an = 0x%x\n", + pcaps->low_power_ctrl_an); + ice_debug(hw, ICE_DBG_LINK, " eee_cap = 0x%x\n", pcaps->eee_cap); + ice_debug(hw, ICE_DBG_LINK, " eeer_value = 0x%x\n", + pcaps->eeer_value); + ice_debug(hw, ICE_DBG_LINK, " link_fec_options = 0x%x\n", + pcaps->link_fec_options); + ice_debug(hw, ICE_DBG_LINK, " module_compliance_enforcement = 0x%x\n", + pcaps->module_compliance_enforcement); + ice_debug(hw, ICE_DBG_LINK, " extended_compliance_code = 0x%x\n", + pcaps->extended_compliance_code); + ice_debug(hw, ICE_DBG_LINK, " module_type[0] = 0x%x\n", + pcaps->module_type[0]); + ice_debug(hw, ICE_DBG_LINK, " module_type[1] = 0x%x\n", + pcaps->module_type[1]); + ice_debug(hw, ICE_DBG_LINK, " module_type[2] = 0x%x\n", + pcaps->module_type[2]); + if (status == ICE_SUCCESS && report_mode == ICE_AQC_REPORT_TOPO_CAP) { pi->phy.phy_type_low = LE64_TO_CPU(pcaps->phy_type_low); pi->phy.phy_type_high = LE64_TO_CPU(pcaps->phy_type_high); + ice_memcpy(pi->phy.link_info.module_type, &pcaps->module_type, + sizeof(pi->phy.link_info.module_type), + ICE_NONDMA_TO_NONDMA); } return status; @@ -269,6 +300,18 @@ static enum ice_media_type ice_get_media_type(struct i return ICE_MEDIA_UNKNOWN; if (hw_link_info->phy_type_low) { + /* 1G SGMII is a special case where some DA cable PHYs + * may show this as an option when it really shouldn't + * be since SGMII is meant to be between a MAC and a PHY + * in a backplane. Try to detect this case and handle it + */ + if (hw_link_info->phy_type_low == ICE_PHY_TYPE_LOW_1G_SGMII && + (hw_link_info->module_type[ICE_AQC_MOD_TYPE_IDENT] == + ICE_AQC_MOD_TYPE_BYTE1_SFP_PLUS_CU_ACTIVE || + hw_link_info->module_type[ICE_AQC_MOD_TYPE_IDENT] == + ICE_AQC_MOD_TYPE_BYTE1_SFP_PLUS_CU_PASSIVE)) + return ICE_MEDIA_DA; + switch (hw_link_info->phy_type_low) { case ICE_PHY_TYPE_LOW_1000BASE_SX: case ICE_PHY_TYPE_LOW_1000BASE_LX: @@ -289,6 +332,15 @@ static enum ice_media_type ice_get_media_type(struct i case ICE_PHY_TYPE_LOW_100GBASE_SR2: case ICE_PHY_TYPE_LOW_100GBASE_DR: return ICE_MEDIA_FIBER; + case ICE_PHY_TYPE_LOW_10G_SFI_AOC_ACC: + case ICE_PHY_TYPE_LOW_25G_AUI_AOC_ACC: + case ICE_PHY_TYPE_LOW_40G_XLAUI_AOC_ACC: + case ICE_PHY_TYPE_LOW_50G_LAUI2_AOC_ACC: + case ICE_PHY_TYPE_LOW_50G_AUI2_AOC_ACC: + case ICE_PHY_TYPE_LOW_50G_AUI1_AOC_ACC: + case ICE_PHY_TYPE_LOW_100G_CAUI4_AOC_ACC: + case ICE_PHY_TYPE_LOW_100G_AUI4_AOC_ACC: + return ICE_MEDIA_FIBER; case ICE_PHY_TYPE_LOW_100BASE_TX: case ICE_PHY_TYPE_LOW_1000BASE_T: case ICE_PHY_TYPE_LOW_2500BASE_T: @@ -315,7 +367,7 @@ static enum ice_media_type ice_get_media_type(struct i case ICE_PHY_TYPE_LOW_100G_AUI4: case ICE_PHY_TYPE_LOW_100G_CAUI4: if (ice_is_media_cage_present(pi)) - return ICE_MEDIA_DA; + return ICE_MEDIA_AUI; /* fall-through */ case ICE_PHY_TYPE_LOW_1000BASE_KX: case ICE_PHY_TYPE_LOW_2500BASE_KX: @@ -335,11 +387,15 @@ static enum ice_media_type ice_get_media_type(struct i } else { switch (hw_link_info->phy_type_high) { case ICE_PHY_TYPE_HIGH_100G_AUI2: + case ICE_PHY_TYPE_HIGH_100G_CAUI2: if (ice_is_media_cage_present(pi)) - return ICE_MEDIA_DA; + return ICE_MEDIA_AUI; /* fall-through */ case ICE_PHY_TYPE_HIGH_100GBASE_KR2_PAM4: return ICE_MEDIA_BACKPLANE; + case ICE_PHY_TYPE_HIGH_100G_CAUI2_AOC_ACC: + case ICE_PHY_TYPE_HIGH_100G_AUI2_AOC_ACC: + return ICE_MEDIA_FIBER; } } return ICE_MEDIA_UNKNOWN; @@ -420,18 +476,21 @@ ice_aq_get_link_info(struct ice_port_info *pi, bool en li->lse_ena = !!(resp->cmd_flags & CPU_TO_LE16(ICE_AQ_LSE_IS_ENABLED)); - ice_debug(hw, ICE_DBG_LINK, "link_speed = 0x%x\n", li->link_speed); - ice_debug(hw, ICE_DBG_LINK, "phy_type_low = 0x%llx\n", + ice_debug(hw, ICE_DBG_LINK, "get link info\n"); + ice_debug(hw, ICE_DBG_LINK, " link_speed = 0x%x\n", li->link_speed); + ice_debug(hw, ICE_DBG_LINK, " phy_type_low = 0x%llx\n", (unsigned long long)li->phy_type_low); - ice_debug(hw, ICE_DBG_LINK, "phy_type_high = 0x%llx\n", + ice_debug(hw, ICE_DBG_LINK, " phy_type_high = 0x%llx\n", (unsigned long long)li->phy_type_high); - ice_debug(hw, ICE_DBG_LINK, "media_type = 0x%x\n", *hw_media_type); - ice_debug(hw, ICE_DBG_LINK, "link_info = 0x%x\n", li->link_info); - ice_debug(hw, ICE_DBG_LINK, "an_info = 0x%x\n", li->an_info); - ice_debug(hw, ICE_DBG_LINK, "ext_info = 0x%x\n", li->ext_info); - ice_debug(hw, ICE_DBG_LINK, "lse_ena = 0x%x\n", li->lse_ena); - ice_debug(hw, ICE_DBG_LINK, "max_frame = 0x%x\n", li->max_frame_size); - ice_debug(hw, ICE_DBG_LINK, "pacing = 0x%x\n", li->pacing); + ice_debug(hw, ICE_DBG_LINK, " media_type = 0x%x\n", *hw_media_type); + ice_debug(hw, ICE_DBG_LINK, " link_info = 0x%x\n", li->link_info); *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-src-releng@freebsd.org Mon Sep 14 23:49:18 2020 Return-Path: Delivered-To: svn-src-releng@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 362F13E5985; Mon, 14 Sep 2020 23:49:18 +0000 (UTC) (envelope-from erj@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Br33y0cyVz4TpK; Mon, 14 Sep 2020 23:49:18 +0000 (UTC) (envelope-from erj@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id EC4D11EBDB; Mon, 14 Sep 2020 23:49:17 +0000 (UTC) (envelope-from erj@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 08ENnHDZ032930; Mon, 14 Sep 2020 23:49:17 GMT (envelope-from erj@FreeBSD.org) Received: (from erj@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 08ENnHTc032928; Mon, 14 Sep 2020 23:49:17 GMT (envelope-from erj@FreeBSD.org) Message-Id: <202009142349.08ENnHTc032928@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: erj set sender to erj@FreeBSD.org using -f From: Eric Joyner Date: Mon, 14 Sep 2020 23:49:17 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r365736 - releng/12.2/sys/dev/ixl X-SVN-Group: releng X-SVN-Commit-Author: erj X-SVN-Commit-Paths: releng/12.2/sys/dev/ixl X-SVN-Commit-Revision: 365736 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Sep 2020 23:49:18 -0000 Author: erj Date: Mon Sep 14 23:49:17 2020 New Revision: 365736 URL: https://svnweb.freebsd.org/changeset/base/365736 Log: MFS r365647: ixl powerpc64 fixes PR: 249254 Approved by: re (gjb@) Modified: releng/12.2/sys/dev/ixl/i40e_prototype.h releng/12.2/sys/dev/ixl/ixl_pf_main.c Directory Properties: releng/12.2/ (props changed) Modified: releng/12.2/sys/dev/ixl/i40e_prototype.h ============================================================================== --- releng/12.2/sys/dev/ixl/i40e_prototype.h Mon Sep 14 23:30:04 2020 (r365735) +++ releng/12.2/sys/dev/ixl/i40e_prototype.h Mon Sep 14 23:49:17 2020 (r365736) @@ -627,6 +627,4 @@ enum i40e_status_code i40e_read_phy_register(struct i4 enum i40e_status_code i40e_write_phy_register(struct i40e_hw *hw, u8 page, u16 reg, u8 phy_addr, u16 value); u8 i40e_get_phy_address(struct i40e_hw *hw, u8 dev_num); -enum i40e_status_code i40e_blink_phy_link_led(struct i40e_hw *hw, - u32 time, u32 interval); #endif /* _I40E_PROTOTYPE_H_ */ Modified: releng/12.2/sys/dev/ixl/ixl_pf_main.c ============================================================================== --- releng/12.2/sys/dev/ixl/ixl_pf_main.c Mon Sep 14 23:30:04 2020 (r365735) +++ releng/12.2/sys/dev/ixl/ixl_pf_main.c Mon Sep 14 23:49:17 2020 (r365736) @@ -729,20 +729,22 @@ ixl_switch_config(struct ixl_pf *pf) if (pf->dbg_mask & IXL_DBG_SWITCH_INFO) { device_printf(dev, "Switch config: header reported: %d in structure, %d total\n", - sw_config->header.num_reported, sw_config->header.num_total); - for (int i = 0; i < sw_config->header.num_reported; i++) { + LE16_TO_CPU(sw_config->header.num_reported), + LE16_TO_CPU(sw_config->header.num_total)); + for (int i = 0; + i < LE16_TO_CPU(sw_config->header.num_reported); i++) { device_printf(dev, "-> %d: type=%d seid=%d uplink=%d downlink=%d\n", i, sw_config->element[i].element_type, - sw_config->element[i].seid, - sw_config->element[i].uplink_seid, - sw_config->element[i].downlink_seid); + LE16_TO_CPU(sw_config->element[i].seid), + LE16_TO_CPU(sw_config->element[i].uplink_seid), + LE16_TO_CPU(sw_config->element[i].downlink_seid)); } } /* Simplified due to a single VSI */ - vsi->uplink_seid = sw_config->element[0].uplink_seid; - vsi->downlink_seid = sw_config->element[0].downlink_seid; - vsi->seid = sw_config->element[0].seid; + vsi->uplink_seid = LE16_TO_CPU(sw_config->element[0].uplink_seid); + vsi->downlink_seid = LE16_TO_CPU(sw_config->element[0].downlink_seid); + vsi->seid = LE16_TO_CPU(sw_config->element[0].seid); return (ret); } @@ -1219,12 +1221,14 @@ ixl_add_hw_filters(struct ixl_vsi *vsi, int flags, int bcopy(f->macaddr, b->mac_addr, ETHER_ADDR_LEN); if (f->vlan == IXL_VLAN_ANY) { b->vlan_tag = 0; - b->flags = I40E_AQC_MACVLAN_ADD_IGNORE_VLAN; + b->flags = CPU_TO_LE16( + I40E_AQC_MACVLAN_ADD_IGNORE_VLAN); } else { - b->vlan_tag = f->vlan; + b->vlan_tag = CPU_TO_LE16(f->vlan); b->flags = 0; } - b->flags |= I40E_AQC_MACVLAN_ADD_PERFECT_MATCH; + b->flags |= CPU_TO_LE16( + I40E_AQC_MACVLAN_ADD_PERFECT_MATCH); f->flags &= ~IXL_FILTER_ADD; j++; From owner-svn-src-releng@freebsd.org Tue Sep 15 12:34:02 2020 Return-Path: Delivered-To: svn-src-releng@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 7429E3D13FB; Tue, 15 Sep 2020 12:34:02 +0000 (UTC) (envelope-from lwhsu@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BrN2L2D7Xz42Wj; Tue, 15 Sep 2020 12:34:02 +0000 (UTC) (envelope-from lwhsu@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 2F0258701; Tue, 15 Sep 2020 12:34:02 +0000 (UTC) (envelope-from lwhsu@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 08FCY2Rb007362; Tue, 15 Sep 2020 12:34:02 GMT (envelope-from lwhsu@FreeBSD.org) Received: (from lwhsu@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 08FCY29r007361; Tue, 15 Sep 2020 12:34:02 GMT (envelope-from lwhsu@FreeBSD.org) Message-Id: <202009151234.08FCY29r007361@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: lwhsu set sender to lwhsu@FreeBSD.org using -f From: Li-Wen Hsu Date: Tue, 15 Sep 2020 12:34:02 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r365748 - releng/12.2/sys/dev/usb/net X-SVN-Group: releng X-SVN-Commit-Author: lwhsu X-SVN-Commit-Paths: releng/12.2/sys/dev/usb/net X-SVN-Commit-Revision: 365748 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Sep 2020 12:34:02 -0000 Author: lwhsu Date: Tue Sep 15 12:34:01 2020 New Revision: 365748 URL: https://svnweb.freebsd.org/changeset/base/365748 Log: MFC r365606 and MF12 r365744: urndis(4): Add support of Inseego/Novatel Wireless MiFi 8800/8000 PR: 245152 Submitted by: rootless@gmail.com Reviewed by: hselasky Approved by: re (gjb) Modified: releng/12.2/sys/dev/usb/net/if_urndis.c Directory Properties: releng/12.2/ (props changed) Modified: releng/12.2/sys/dev/usb/net/if_urndis.c ============================================================================== --- releng/12.2/sys/dev/usb/net/if_urndis.c Tue Sep 15 09:27:01 2020 (r365747) +++ releng/12.2/sys/dev/usb/net/if_urndis.c Tue Sep 15 12:34:01 2020 (r365748) @@ -178,6 +178,9 @@ static const STRUCT_USB_HOST_ID urndis_host_devs[] = { /* Nokia 7 plus */ {USB_IFACE_CLASS(UICLASS_IAD), USB_IFACE_SUBCLASS(0x4), USB_IFACE_PROTOCOL(UIPROTO_ACTIVESYNC)}, + /* Novatel Wireless 8800/8000/etc */ + {USB_IFACE_CLASS(UICLASS_IAD), USB_IFACE_SUBCLASS(0xef), + USB_IFACE_PROTOCOL(UIPROTO_RNDIS)}, }; DRIVER_MODULE(urndis, uhub, urndis_driver, urndis_devclass, NULL, NULL); From owner-svn-src-releng@freebsd.org Tue Sep 15 21:42:07 2020 Return-Path: Delivered-To: svn-src-releng@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 21CBE3E0E74; Tue, 15 Sep 2020 21:42:07 +0000 (UTC) (envelope-from gordon@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BrcBk6Pzvz3SX0; Tue, 15 Sep 2020 21:42:06 +0000 (UTC) (envelope-from gordon@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id BF16BECBA; Tue, 15 Sep 2020 21:42:06 +0000 (UTC) (envelope-from gordon@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 08FLg6P6046150; Tue, 15 Sep 2020 21:42:06 GMT (envelope-from gordon@FreeBSD.org) Received: (from gordon@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 08FLg5Gn046146; Tue, 15 Sep 2020 21:42:05 GMT (envelope-from gordon@FreeBSD.org) Message-Id: <202009152142.08FLg5Gn046146@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: gordon set sender to gordon@FreeBSD.org using -f From: Gordon Tetlow Date: Tue, 15 Sep 2020 21:42:05 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r365778 - in releng: 11.3/sys/dev/usb/net 11.4/sys/dev/usb/net 12.1/sys/dev/usb/net 12.2/sys/dev/usb/net X-SVN-Group: releng X-SVN-Commit-Author: gordon X-SVN-Commit-Paths: in releng: 11.3/sys/dev/usb/net 11.4/sys/dev/usb/net 12.1/sys/dev/usb/net 12.2/sys/dev/usb/net X-SVN-Commit-Revision: 365778 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Sep 2020 21:42:07 -0000 Author: gordon Date: Tue Sep 15 21:42:05 2020 New Revision: 365778 URL: https://svnweb.freebsd.org/changeset/base/365778 Log: Fix ure device driver susceptible to packet-in-packet attack. Approved by: so Approved by: re (implicit for releng/12.2) Security: FreeBSD-SA-20:27.ure Security: CVE-2020-7464 Modified: releng/11.3/sys/dev/usb/net/if_ure.c releng/11.4/sys/dev/usb/net/if_ure.c releng/12.1/sys/dev/usb/net/if_ure.c releng/12.2/sys/dev/usb/net/if_ure.c Modified: releng/11.3/sys/dev/usb/net/if_ure.c ============================================================================== --- releng/11.3/sys/dev/usb/net/if_ure.c Tue Sep 15 21:28:47 2020 (r365777) +++ releng/11.3/sys/dev/usb/net/if_ure.c Tue Sep 15 21:42:05 2020 (r365778) @@ -710,7 +710,9 @@ ure_init(struct usb_ether *ue) ~URE_RXDY_GATED_EN); /* Set Rx mode. */ - rxmode = URE_RCR_APM; + rxmode = ure_read_4(sc, URE_PLA_RCR, URE_MCU_TYPE_PLA); + rxmode &= ~URE_RCR_ACPT_ALL; + rxmode |= URE_RCR_APM; /* If we want promiscuous mode, set the allframes bit. */ if (ifp->if_flags & IFF_PROMISC) Modified: releng/11.4/sys/dev/usb/net/if_ure.c ============================================================================== --- releng/11.4/sys/dev/usb/net/if_ure.c Tue Sep 15 21:28:47 2020 (r365777) +++ releng/11.4/sys/dev/usb/net/if_ure.c Tue Sep 15 21:42:05 2020 (r365778) @@ -710,7 +710,9 @@ ure_init(struct usb_ether *ue) ~URE_RXDY_GATED_EN); /* Set Rx mode. */ - rxmode = URE_RCR_APM; + rxmode = ure_read_4(sc, URE_PLA_RCR, URE_MCU_TYPE_PLA); + rxmode &= ~URE_RCR_ACPT_ALL; + rxmode |= URE_RCR_APM; /* If we want promiscuous mode, set the allframes bit. */ if (ifp->if_flags & IFF_PROMISC) Modified: releng/12.1/sys/dev/usb/net/if_ure.c ============================================================================== --- releng/12.1/sys/dev/usb/net/if_ure.c Tue Sep 15 21:28:47 2020 (r365777) +++ releng/12.1/sys/dev/usb/net/if_ure.c Tue Sep 15 21:42:05 2020 (r365778) @@ -784,9 +784,10 @@ ure_rxfilter(struct usb_ether *ue) URE_LOCK_ASSERT(sc, MA_OWNED); - rxmode = URE_RCR_APM; - if (ifp->if_flags & IFF_BROADCAST) - rxmode |= URE_RCR_AB; + rxmode = ure_read_4(sc, URE_PLA_RCR, URE_MCU_TYPE_PLA); + rxmode &= ~(URE_RCR_AAP | URE_RCR_AM); + rxmode |= URE_RCR_APM; /* accept physical match packets */ + rxmode |= URE_RCR_AB; /* always accept broadcasts */ if (ifp->if_flags & (IFF_ALLMULTI | IFF_PROMISC)) { if (ifp->if_flags & IFF_PROMISC) rxmode |= URE_RCR_AAP; Modified: releng/12.2/sys/dev/usb/net/if_ure.c ============================================================================== --- releng/12.2/sys/dev/usb/net/if_ure.c Tue Sep 15 21:28:47 2020 (r365777) +++ releng/12.2/sys/dev/usb/net/if_ure.c Tue Sep 15 21:42:05 2020 (r365778) @@ -784,9 +784,10 @@ ure_rxfilter(struct usb_ether *ue) URE_LOCK_ASSERT(sc, MA_OWNED); - rxmode = URE_RCR_APM; - if (ifp->if_flags & IFF_BROADCAST) - rxmode |= URE_RCR_AB; + rxmode = ure_read_4(sc, URE_PLA_RCR, URE_MCU_TYPE_PLA); + rxmode &= ~(URE_RCR_AAP | URE_RCR_AM); + rxmode |= URE_RCR_APM; /* accept physical match packets */ + rxmode |= URE_RCR_AB; /* always accept broadcasts */ if (ifp->if_flags & (IFF_ALLMULTI | IFF_PROMISC)) { if (ifp->if_flags & IFF_PROMISC) rxmode |= URE_RCR_AAP; From owner-svn-src-releng@freebsd.org Tue Sep 15 21:43:43 2020 Return-Path: Delivered-To: svn-src-releng@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 266DE3E1158; Tue, 15 Sep 2020 21:43:43 +0000 (UTC) (envelope-from gordon@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BrcDb0Z8Rz3SZk; Tue, 15 Sep 2020 21:43:43 +0000 (UTC) (envelope-from gordon@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id EBED1EABE; Tue, 15 Sep 2020 21:43:42 +0000 (UTC) (envelope-from gordon@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 08FLhgVR046283; Tue, 15 Sep 2020 21:43:42 GMT (envelope-from gordon@FreeBSD.org) Received: (from gordon@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 08FLhfOm046275; Tue, 15 Sep 2020 21:43:41 GMT (envelope-from gordon@FreeBSD.org) Message-Id: <202009152143.08FLhfOm046275@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: gordon set sender to gordon@FreeBSD.org using -f From: Gordon Tetlow Date: Tue, 15 Sep 2020 21:43:41 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r365779 - in releng: 11.3/sys/amd64/vmm/amd 11.3/sys/amd64/vmm/intel 11.4/sys/amd64/vmm/amd 11.4/sys/amd64/vmm/intel 12.1/sys/amd64/vmm/amd 12.1/sys/amd64/vmm/intel 12.2/sys/amd64/vmm/a... X-SVN-Group: releng X-SVN-Commit-Author: gordon X-SVN-Commit-Paths: in releng: 11.3/sys/amd64/vmm/amd 11.3/sys/amd64/vmm/intel 11.4/sys/amd64/vmm/amd 11.4/sys/amd64/vmm/intel 12.1/sys/amd64/vmm/amd 12.1/sys/amd64/vmm/intel 12.2/sys/amd64/vmm/amd 12.2/sys/amd64/vmm/int... X-SVN-Commit-Revision: 365779 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Sep 2020 21:43:43 -0000 Author: gordon Date: Tue Sep 15 21:43:41 2020 New Revision: 365779 URL: https://svnweb.freebsd.org/changeset/base/365779 Log: Fix bhyve privilege escalation via VMCS access. Approved by: so Approved by: re (implicit for releng/12.2) Security: FreeBSD-SA-20:28.bhyve_vmcs Security: CVE-2020-24718 Modified: releng/11.3/sys/amd64/vmm/amd/svm.c releng/11.3/sys/amd64/vmm/intel/vmx.c releng/11.4/sys/amd64/vmm/amd/svm.c releng/11.4/sys/amd64/vmm/intel/vmx.c releng/12.1/sys/amd64/vmm/amd/svm.c releng/12.1/sys/amd64/vmm/intel/vmx.c releng/12.2/sys/amd64/vmm/amd/svm.c releng/12.2/sys/amd64/vmm/intel/vmx.c Modified: releng/11.3/sys/amd64/vmm/amd/svm.c ============================================================================== --- releng/11.3/sys/amd64/vmm/amd/svm.c Tue Sep 15 21:42:05 2020 (r365778) +++ releng/11.3/sys/amd64/vmm/amd/svm.c Tue Sep 15 21:43:41 2020 (r365779) @@ -469,11 +469,24 @@ vmcb_init(struct svm_softc *sc, int vcpu, uint64_t iop svm_enable_intercept(sc, vcpu, VMCB_CTRL1_INTCPT, VMCB_INTCPT_SHUTDOWN); svm_enable_intercept(sc, vcpu, VMCB_CTRL1_INTCPT, VMCB_INTCPT_FERR_FREEZE); + svm_enable_intercept(sc, vcpu, VMCB_CTRL1_INTCPT, VMCB_INTCPT_INVD); + svm_enable_intercept(sc, vcpu, VMCB_CTRL1_INTCPT, VMCB_INTCPT_INVLPGA); svm_enable_intercept(sc, vcpu, VMCB_CTRL2_INTCPT, VMCB_INTCPT_MONITOR); svm_enable_intercept(sc, vcpu, VMCB_CTRL2_INTCPT, VMCB_INTCPT_MWAIT); /* + * Intercept SVM instructions since AMD enables them in guests otherwise. + * Non-intercepted VMMCALL causes #UD, skip it. + */ + svm_enable_intercept(sc, vcpu, VMCB_CTRL2_INTCPT, VMCB_INTCPT_VMLOAD); + svm_enable_intercept(sc, vcpu, VMCB_CTRL2_INTCPT, VMCB_INTCPT_VMSAVE); + svm_enable_intercept(sc, vcpu, VMCB_CTRL2_INTCPT, VMCB_INTCPT_STGI); + svm_enable_intercept(sc, vcpu, VMCB_CTRL2_INTCPT, VMCB_INTCPT_CLGI); + svm_enable_intercept(sc, vcpu, VMCB_CTRL2_INTCPT, VMCB_INTCPT_SKINIT); + svm_enable_intercept(sc, vcpu, VMCB_CTRL2_INTCPT, VMCB_INTCPT_ICEBP); + + /* * From section "Canonicalization and Consistency Checks" in APMv2 * the VMRUN intercept bit must be set to pass the consistency check. */ @@ -1217,43 +1230,45 @@ emulate_rdmsr(struct svm_softc *sc, int vcpu, u_int nu static const char * exit_reason_to_str(uint64_t reason) { + int i; static char reasonbuf[32]; + static const struct { + int reason; + const char *str; + } reasons[] = { + { .reason = VMCB_EXIT_INVALID, .str = "invalvmcb" }, + { .reason = VMCB_EXIT_SHUTDOWN, .str = "shutdown" }, + { .reason = VMCB_EXIT_NPF, .str = "nptfault" }, + { .reason = VMCB_EXIT_PAUSE, .str = "pause" }, + { .reason = VMCB_EXIT_HLT, .str = "hlt" }, + { .reason = VMCB_EXIT_CPUID, .str = "cpuid" }, + { .reason = VMCB_EXIT_IO, .str = "inout" }, + { .reason = VMCB_EXIT_MC, .str = "mchk" }, + { .reason = VMCB_EXIT_INTR, .str = "extintr" }, + { .reason = VMCB_EXIT_NMI, .str = "nmi" }, + { .reason = VMCB_EXIT_VINTR, .str = "vintr" }, + { .reason = VMCB_EXIT_MSR, .str = "msr" }, + { .reason = VMCB_EXIT_IRET, .str = "iret" }, + { .reason = VMCB_EXIT_MONITOR, .str = "monitor" }, + { .reason = VMCB_EXIT_MWAIT, .str = "mwait" }, + { .reason = VMCB_EXIT_VMRUN, .str = "vmrun" }, + { .reason = VMCB_EXIT_VMMCALL, .str = "vmmcall" }, + { .reason = VMCB_EXIT_VMLOAD, .str = "vmload" }, + { .reason = VMCB_EXIT_VMSAVE, .str = "vmsave" }, + { .reason = VMCB_EXIT_STGI, .str = "stgi" }, + { .reason = VMCB_EXIT_CLGI, .str = "clgi" }, + { .reason = VMCB_EXIT_SKINIT, .str = "skinit" }, + { .reason = VMCB_EXIT_ICEBP, .str = "icebp" }, + { .reason = VMCB_EXIT_INVD, .str = "invd" }, + { .reason = VMCB_EXIT_INVLPGA, .str = "invlpga" }, + }; - switch (reason) { - case VMCB_EXIT_INVALID: - return ("invalvmcb"); - case VMCB_EXIT_SHUTDOWN: - return ("shutdown"); - case VMCB_EXIT_NPF: - return ("nptfault"); - case VMCB_EXIT_PAUSE: - return ("pause"); - case VMCB_EXIT_HLT: - return ("hlt"); - case VMCB_EXIT_CPUID: - return ("cpuid"); - case VMCB_EXIT_IO: - return ("inout"); - case VMCB_EXIT_MC: - return ("mchk"); - case VMCB_EXIT_INTR: - return ("extintr"); - case VMCB_EXIT_NMI: - return ("nmi"); - case VMCB_EXIT_VINTR: - return ("vintr"); - case VMCB_EXIT_MSR: - return ("msr"); - case VMCB_EXIT_IRET: - return ("iret"); - case VMCB_EXIT_MONITOR: - return ("monitor"); - case VMCB_EXIT_MWAIT: - return ("mwait"); - default: - snprintf(reasonbuf, sizeof(reasonbuf), "%#lx", reason); - return (reasonbuf); + for (i = 0; i < nitems(reasons); i++) { + if (reasons[i].reason == reason) + return (reasons[i].str); } + snprintf(reasonbuf, sizeof(reasonbuf), "%#lx", reason); + return (reasonbuf); } #endif /* KTR */ @@ -1505,6 +1520,20 @@ svm_vmexit(struct svm_softc *svm_sc, int vcpu, struct case VMCB_EXIT_MWAIT: vmexit->exitcode = VM_EXITCODE_MWAIT; break; + case VMCB_EXIT_SHUTDOWN: + case VMCB_EXIT_VMRUN: + case VMCB_EXIT_VMMCALL: + case VMCB_EXIT_VMLOAD: + case VMCB_EXIT_VMSAVE: + case VMCB_EXIT_STGI: + case VMCB_EXIT_CLGI: + case VMCB_EXIT_SKINIT: + case VMCB_EXIT_ICEBP: + case VMCB_EXIT_INVD: + case VMCB_EXIT_INVLPGA: + vm_inject_ud(svm_sc->vm, vcpu); + handled = 1; + break; default: vmm_stat_incr(svm_sc->vm, vcpu, VMEXIT_UNKNOWN, 1); break; @@ -2173,8 +2202,11 @@ svm_setreg(void *arg, int vcpu, int ident, uint64_t va return (svm_modify_intr_shadow(svm_sc, vcpu, val)); } - if (vmcb_write(svm_sc, vcpu, ident, val) == 0) { - return (0); + /* Do not permit user write access to VMCB fields by offset. */ + if (!VMCB_ACCESS_OK(ident)) { + if (vmcb_write(svm_sc, vcpu, ident, val) == 0) { + return (0); + } } reg = swctx_regptr(svm_get_guest_regctx(svm_sc, vcpu), ident); Modified: releng/11.3/sys/amd64/vmm/intel/vmx.c ============================================================================== --- releng/11.3/sys/amd64/vmm/intel/vmx.c Tue Sep 15 21:42:05 2020 (r365778) +++ releng/11.3/sys/amd64/vmm/intel/vmx.c Tue Sep 15 21:43:41 2020 (r365779) @@ -3185,6 +3185,10 @@ vmx_setreg(void *arg, int vcpu, int reg, uint64_t val) if (vmxctx_setreg(&vmx->ctx[vcpu], reg, val) == 0) return (0); + /* Do not permit user write access to VMCS fields by offset. */ + if (reg < 0) + return (EINVAL); + error = vmcs_setreg(&vmx->vmcs[vcpu], running, reg, val); if (error == 0) { Modified: releng/11.4/sys/amd64/vmm/amd/svm.c ============================================================================== --- releng/11.4/sys/amd64/vmm/amd/svm.c Tue Sep 15 21:42:05 2020 (r365778) +++ releng/11.4/sys/amd64/vmm/amd/svm.c Tue Sep 15 21:43:41 2020 (r365779) @@ -469,11 +469,24 @@ vmcb_init(struct svm_softc *sc, int vcpu, uint64_t iop svm_enable_intercept(sc, vcpu, VMCB_CTRL1_INTCPT, VMCB_INTCPT_SHUTDOWN); svm_enable_intercept(sc, vcpu, VMCB_CTRL1_INTCPT, VMCB_INTCPT_FERR_FREEZE); + svm_enable_intercept(sc, vcpu, VMCB_CTRL1_INTCPT, VMCB_INTCPT_INVD); + svm_enable_intercept(sc, vcpu, VMCB_CTRL1_INTCPT, VMCB_INTCPT_INVLPGA); svm_enable_intercept(sc, vcpu, VMCB_CTRL2_INTCPT, VMCB_INTCPT_MONITOR); svm_enable_intercept(sc, vcpu, VMCB_CTRL2_INTCPT, VMCB_INTCPT_MWAIT); /* + * Intercept SVM instructions since AMD enables them in guests otherwise. + * Non-intercepted VMMCALL causes #UD, skip it. + */ + svm_enable_intercept(sc, vcpu, VMCB_CTRL2_INTCPT, VMCB_INTCPT_VMLOAD); + svm_enable_intercept(sc, vcpu, VMCB_CTRL2_INTCPT, VMCB_INTCPT_VMSAVE); + svm_enable_intercept(sc, vcpu, VMCB_CTRL2_INTCPT, VMCB_INTCPT_STGI); + svm_enable_intercept(sc, vcpu, VMCB_CTRL2_INTCPT, VMCB_INTCPT_CLGI); + svm_enable_intercept(sc, vcpu, VMCB_CTRL2_INTCPT, VMCB_INTCPT_SKINIT); + svm_enable_intercept(sc, vcpu, VMCB_CTRL2_INTCPT, VMCB_INTCPT_ICEBP); + + /* * From section "Canonicalization and Consistency Checks" in APMv2 * the VMRUN intercept bit must be set to pass the consistency check. */ @@ -1217,43 +1230,45 @@ emulate_rdmsr(struct svm_softc *sc, int vcpu, u_int nu static const char * exit_reason_to_str(uint64_t reason) { + int i; static char reasonbuf[32]; + static const struct { + int reason; + const char *str; + } reasons[] = { + { .reason = VMCB_EXIT_INVALID, .str = "invalvmcb" }, + { .reason = VMCB_EXIT_SHUTDOWN, .str = "shutdown" }, + { .reason = VMCB_EXIT_NPF, .str = "nptfault" }, + { .reason = VMCB_EXIT_PAUSE, .str = "pause" }, + { .reason = VMCB_EXIT_HLT, .str = "hlt" }, + { .reason = VMCB_EXIT_CPUID, .str = "cpuid" }, + { .reason = VMCB_EXIT_IO, .str = "inout" }, + { .reason = VMCB_EXIT_MC, .str = "mchk" }, + { .reason = VMCB_EXIT_INTR, .str = "extintr" }, + { .reason = VMCB_EXIT_NMI, .str = "nmi" }, + { .reason = VMCB_EXIT_VINTR, .str = "vintr" }, + { .reason = VMCB_EXIT_MSR, .str = "msr" }, + { .reason = VMCB_EXIT_IRET, .str = "iret" }, + { .reason = VMCB_EXIT_MONITOR, .str = "monitor" }, + { .reason = VMCB_EXIT_MWAIT, .str = "mwait" }, + { .reason = VMCB_EXIT_VMRUN, .str = "vmrun" }, + { .reason = VMCB_EXIT_VMMCALL, .str = "vmmcall" }, + { .reason = VMCB_EXIT_VMLOAD, .str = "vmload" }, + { .reason = VMCB_EXIT_VMSAVE, .str = "vmsave" }, + { .reason = VMCB_EXIT_STGI, .str = "stgi" }, + { .reason = VMCB_EXIT_CLGI, .str = "clgi" }, + { .reason = VMCB_EXIT_SKINIT, .str = "skinit" }, + { .reason = VMCB_EXIT_ICEBP, .str = "icebp" }, + { .reason = VMCB_EXIT_INVD, .str = "invd" }, + { .reason = VMCB_EXIT_INVLPGA, .str = "invlpga" }, + }; - switch (reason) { - case VMCB_EXIT_INVALID: - return ("invalvmcb"); - case VMCB_EXIT_SHUTDOWN: - return ("shutdown"); - case VMCB_EXIT_NPF: - return ("nptfault"); - case VMCB_EXIT_PAUSE: - return ("pause"); - case VMCB_EXIT_HLT: - return ("hlt"); - case VMCB_EXIT_CPUID: - return ("cpuid"); - case VMCB_EXIT_IO: - return ("inout"); - case VMCB_EXIT_MC: - return ("mchk"); - case VMCB_EXIT_INTR: - return ("extintr"); - case VMCB_EXIT_NMI: - return ("nmi"); - case VMCB_EXIT_VINTR: - return ("vintr"); - case VMCB_EXIT_MSR: - return ("msr"); - case VMCB_EXIT_IRET: - return ("iret"); - case VMCB_EXIT_MONITOR: - return ("monitor"); - case VMCB_EXIT_MWAIT: - return ("mwait"); - default: - snprintf(reasonbuf, sizeof(reasonbuf), "%#lx", reason); - return (reasonbuf); + for (i = 0; i < nitems(reasons); i++) { + if (reasons[i].reason == reason) + return (reasons[i].str); } + snprintf(reasonbuf, sizeof(reasonbuf), "%#lx", reason); + return (reasonbuf); } #endif /* KTR */ @@ -1505,6 +1520,20 @@ svm_vmexit(struct svm_softc *svm_sc, int vcpu, struct case VMCB_EXIT_MWAIT: vmexit->exitcode = VM_EXITCODE_MWAIT; break; + case VMCB_EXIT_SHUTDOWN: + case VMCB_EXIT_VMRUN: + case VMCB_EXIT_VMMCALL: + case VMCB_EXIT_VMLOAD: + case VMCB_EXIT_VMSAVE: + case VMCB_EXIT_STGI: + case VMCB_EXIT_CLGI: + case VMCB_EXIT_SKINIT: + case VMCB_EXIT_ICEBP: + case VMCB_EXIT_INVD: + case VMCB_EXIT_INVLPGA: + vm_inject_ud(svm_sc->vm, vcpu); + handled = 1; + break; default: vmm_stat_incr(svm_sc->vm, vcpu, VMEXIT_UNKNOWN, 1); break; @@ -2173,8 +2202,11 @@ svm_setreg(void *arg, int vcpu, int ident, uint64_t va return (svm_modify_intr_shadow(svm_sc, vcpu, val)); } - if (vmcb_write(svm_sc, vcpu, ident, val) == 0) { - return (0); + /* Do not permit user write access to VMCB fields by offset. */ + if (!VMCB_ACCESS_OK(ident)) { + if (vmcb_write(svm_sc, vcpu, ident, val) == 0) { + return (0); + } } reg = swctx_regptr(svm_get_guest_regctx(svm_sc, vcpu), ident); Modified: releng/11.4/sys/amd64/vmm/intel/vmx.c ============================================================================== --- releng/11.4/sys/amd64/vmm/intel/vmx.c Tue Sep 15 21:42:05 2020 (r365778) +++ releng/11.4/sys/amd64/vmm/intel/vmx.c Tue Sep 15 21:43:41 2020 (r365779) @@ -3215,6 +3215,10 @@ vmx_setreg(void *arg, int vcpu, int reg, uint64_t val) if (vmxctx_setreg(&vmx->ctx[vcpu], reg, val) == 0) return (0); + /* Do not permit user write access to VMCS fields by offset. */ + if (reg < 0) + return (EINVAL); + error = vmcs_setreg(&vmx->vmcs[vcpu], running, reg, val); if (error == 0) { Modified: releng/12.1/sys/amd64/vmm/amd/svm.c ============================================================================== --- releng/12.1/sys/amd64/vmm/amd/svm.c Tue Sep 15 21:42:05 2020 (r365778) +++ releng/12.1/sys/amd64/vmm/amd/svm.c Tue Sep 15 21:43:41 2020 (r365779) @@ -469,11 +469,24 @@ vmcb_init(struct svm_softc *sc, int vcpu, uint64_t iop svm_enable_intercept(sc, vcpu, VMCB_CTRL1_INTCPT, VMCB_INTCPT_SHUTDOWN); svm_enable_intercept(sc, vcpu, VMCB_CTRL1_INTCPT, VMCB_INTCPT_FERR_FREEZE); + svm_enable_intercept(sc, vcpu, VMCB_CTRL1_INTCPT, VMCB_INTCPT_INVD); + svm_enable_intercept(sc, vcpu, VMCB_CTRL1_INTCPT, VMCB_INTCPT_INVLPGA); svm_enable_intercept(sc, vcpu, VMCB_CTRL2_INTCPT, VMCB_INTCPT_MONITOR); svm_enable_intercept(sc, vcpu, VMCB_CTRL2_INTCPT, VMCB_INTCPT_MWAIT); /* + * Intercept SVM instructions since AMD enables them in guests otherwise. + * Non-intercepted VMMCALL causes #UD, skip it. + */ + svm_enable_intercept(sc, vcpu, VMCB_CTRL2_INTCPT, VMCB_INTCPT_VMLOAD); + svm_enable_intercept(sc, vcpu, VMCB_CTRL2_INTCPT, VMCB_INTCPT_VMSAVE); + svm_enable_intercept(sc, vcpu, VMCB_CTRL2_INTCPT, VMCB_INTCPT_STGI); + svm_enable_intercept(sc, vcpu, VMCB_CTRL2_INTCPT, VMCB_INTCPT_CLGI); + svm_enable_intercept(sc, vcpu, VMCB_CTRL2_INTCPT, VMCB_INTCPT_SKINIT); + svm_enable_intercept(sc, vcpu, VMCB_CTRL2_INTCPT, VMCB_INTCPT_ICEBP); + + /* * From section "Canonicalization and Consistency Checks" in APMv2 * the VMRUN intercept bit must be set to pass the consistency check. */ @@ -1217,43 +1230,45 @@ emulate_rdmsr(struct svm_softc *sc, int vcpu, u_int nu static const char * exit_reason_to_str(uint64_t reason) { + int i; static char reasonbuf[32]; + static const struct { + int reason; + const char *str; + } reasons[] = { + { .reason = VMCB_EXIT_INVALID, .str = "invalvmcb" }, + { .reason = VMCB_EXIT_SHUTDOWN, .str = "shutdown" }, + { .reason = VMCB_EXIT_NPF, .str = "nptfault" }, + { .reason = VMCB_EXIT_PAUSE, .str = "pause" }, + { .reason = VMCB_EXIT_HLT, .str = "hlt" }, + { .reason = VMCB_EXIT_CPUID, .str = "cpuid" }, + { .reason = VMCB_EXIT_IO, .str = "inout" }, + { .reason = VMCB_EXIT_MC, .str = "mchk" }, + { .reason = VMCB_EXIT_INTR, .str = "extintr" }, + { .reason = VMCB_EXIT_NMI, .str = "nmi" }, + { .reason = VMCB_EXIT_VINTR, .str = "vintr" }, + { .reason = VMCB_EXIT_MSR, .str = "msr" }, + { .reason = VMCB_EXIT_IRET, .str = "iret" }, + { .reason = VMCB_EXIT_MONITOR, .str = "monitor" }, + { .reason = VMCB_EXIT_MWAIT, .str = "mwait" }, + { .reason = VMCB_EXIT_VMRUN, .str = "vmrun" }, + { .reason = VMCB_EXIT_VMMCALL, .str = "vmmcall" }, + { .reason = VMCB_EXIT_VMLOAD, .str = "vmload" }, + { .reason = VMCB_EXIT_VMSAVE, .str = "vmsave" }, + { .reason = VMCB_EXIT_STGI, .str = "stgi" }, + { .reason = VMCB_EXIT_CLGI, .str = "clgi" }, + { .reason = VMCB_EXIT_SKINIT, .str = "skinit" }, + { .reason = VMCB_EXIT_ICEBP, .str = "icebp" }, + { .reason = VMCB_EXIT_INVD, .str = "invd" }, + { .reason = VMCB_EXIT_INVLPGA, .str = "invlpga" }, + }; - switch (reason) { - case VMCB_EXIT_INVALID: - return ("invalvmcb"); - case VMCB_EXIT_SHUTDOWN: - return ("shutdown"); - case VMCB_EXIT_NPF: - return ("nptfault"); - case VMCB_EXIT_PAUSE: - return ("pause"); - case VMCB_EXIT_HLT: - return ("hlt"); - case VMCB_EXIT_CPUID: - return ("cpuid"); - case VMCB_EXIT_IO: - return ("inout"); - case VMCB_EXIT_MC: - return ("mchk"); - case VMCB_EXIT_INTR: - return ("extintr"); - case VMCB_EXIT_NMI: - return ("nmi"); - case VMCB_EXIT_VINTR: - return ("vintr"); - case VMCB_EXIT_MSR: - return ("msr"); - case VMCB_EXIT_IRET: - return ("iret"); - case VMCB_EXIT_MONITOR: - return ("monitor"); - case VMCB_EXIT_MWAIT: - return ("mwait"); - default: - snprintf(reasonbuf, sizeof(reasonbuf), "%#lx", reason); - return (reasonbuf); + for (i = 0; i < nitems(reasons); i++) { + if (reasons[i].reason == reason) + return (reasons[i].str); } + snprintf(reasonbuf, sizeof(reasonbuf), "%#lx", reason); + return (reasonbuf); } #endif /* KTR */ @@ -1505,6 +1520,20 @@ svm_vmexit(struct svm_softc *svm_sc, int vcpu, struct case VMCB_EXIT_MWAIT: vmexit->exitcode = VM_EXITCODE_MWAIT; break; + case VMCB_EXIT_SHUTDOWN: + case VMCB_EXIT_VMRUN: + case VMCB_EXIT_VMMCALL: + case VMCB_EXIT_VMLOAD: + case VMCB_EXIT_VMSAVE: + case VMCB_EXIT_STGI: + case VMCB_EXIT_CLGI: + case VMCB_EXIT_SKINIT: + case VMCB_EXIT_ICEBP: + case VMCB_EXIT_INVD: + case VMCB_EXIT_INVLPGA: + vm_inject_ud(svm_sc->vm, vcpu); + handled = 1; + break; default: vmm_stat_incr(svm_sc->vm, vcpu, VMEXIT_UNKNOWN, 1); break; @@ -2179,8 +2208,11 @@ svm_setreg(void *arg, int vcpu, int ident, uint64_t va return (svm_modify_intr_shadow(svm_sc, vcpu, val)); } - if (vmcb_write(svm_sc, vcpu, ident, val) == 0) { - return (0); + /* Do not permit user write access to VMCB fields by offset. */ + if (!VMCB_ACCESS_OK(ident)) { + if (vmcb_write(svm_sc, vcpu, ident, val) == 0) { + return (0); + } } reg = swctx_regptr(svm_get_guest_regctx(svm_sc, vcpu), ident); Modified: releng/12.1/sys/amd64/vmm/intel/vmx.c ============================================================================== --- releng/12.1/sys/amd64/vmm/intel/vmx.c Tue Sep 15 21:42:05 2020 (r365778) +++ releng/12.1/sys/amd64/vmm/intel/vmx.c Tue Sep 15 21:43:41 2020 (r365779) @@ -3193,6 +3193,10 @@ vmx_setreg(void *arg, int vcpu, int reg, uint64_t val) if (vmxctx_setreg(&vmx->ctx[vcpu], reg, val) == 0) return (0); + /* Do not permit user write access to VMCS fields by offset. */ + if (reg < 0) + return (EINVAL); + error = vmcs_setreg(&vmx->vmcs[vcpu], running, reg, val); if (error == 0) { Modified: releng/12.2/sys/amd64/vmm/amd/svm.c ============================================================================== --- releng/12.2/sys/amd64/vmm/amd/svm.c Tue Sep 15 21:42:05 2020 (r365778) +++ releng/12.2/sys/amd64/vmm/amd/svm.c Tue Sep 15 21:43:41 2020 (r365779) @@ -466,11 +466,24 @@ vmcb_init(struct svm_softc *sc, int vcpu, uint64_t iop svm_enable_intercept(sc, vcpu, VMCB_CTRL1_INTCPT, VMCB_INTCPT_SHUTDOWN); svm_enable_intercept(sc, vcpu, VMCB_CTRL1_INTCPT, VMCB_INTCPT_FERR_FREEZE); + svm_enable_intercept(sc, vcpu, VMCB_CTRL1_INTCPT, VMCB_INTCPT_INVD); + svm_enable_intercept(sc, vcpu, VMCB_CTRL1_INTCPT, VMCB_INTCPT_INVLPGA); svm_enable_intercept(sc, vcpu, VMCB_CTRL2_INTCPT, VMCB_INTCPT_MONITOR); svm_enable_intercept(sc, vcpu, VMCB_CTRL2_INTCPT, VMCB_INTCPT_MWAIT); /* + * Intercept SVM instructions since AMD enables them in guests otherwise. + * Non-intercepted VMMCALL causes #UD, skip it. + */ + svm_enable_intercept(sc, vcpu, VMCB_CTRL2_INTCPT, VMCB_INTCPT_VMLOAD); + svm_enable_intercept(sc, vcpu, VMCB_CTRL2_INTCPT, VMCB_INTCPT_VMSAVE); + svm_enable_intercept(sc, vcpu, VMCB_CTRL2_INTCPT, VMCB_INTCPT_STGI); + svm_enable_intercept(sc, vcpu, VMCB_CTRL2_INTCPT, VMCB_INTCPT_CLGI); + svm_enable_intercept(sc, vcpu, VMCB_CTRL2_INTCPT, VMCB_INTCPT_SKINIT); + svm_enable_intercept(sc, vcpu, VMCB_CTRL2_INTCPT, VMCB_INTCPT_ICEBP); + + /* * From section "Canonicalization and Consistency Checks" in APMv2 * the VMRUN intercept bit must be set to pass the consistency check. */ @@ -1214,43 +1227,45 @@ emulate_rdmsr(struct svm_softc *sc, int vcpu, u_int nu static const char * exit_reason_to_str(uint64_t reason) { + int i; static char reasonbuf[32]; + static const struct { + int reason; + const char *str; + } reasons[] = { + { .reason = VMCB_EXIT_INVALID, .str = "invalvmcb" }, + { .reason = VMCB_EXIT_SHUTDOWN, .str = "shutdown" }, + { .reason = VMCB_EXIT_NPF, .str = "nptfault" }, + { .reason = VMCB_EXIT_PAUSE, .str = "pause" }, + { .reason = VMCB_EXIT_HLT, .str = "hlt" }, + { .reason = VMCB_EXIT_CPUID, .str = "cpuid" }, + { .reason = VMCB_EXIT_IO, .str = "inout" }, + { .reason = VMCB_EXIT_MC, .str = "mchk" }, + { .reason = VMCB_EXIT_INTR, .str = "extintr" }, + { .reason = VMCB_EXIT_NMI, .str = "nmi" }, + { .reason = VMCB_EXIT_VINTR, .str = "vintr" }, + { .reason = VMCB_EXIT_MSR, .str = "msr" }, + { .reason = VMCB_EXIT_IRET, .str = "iret" }, + { .reason = VMCB_EXIT_MONITOR, .str = "monitor" }, + { .reason = VMCB_EXIT_MWAIT, .str = "mwait" }, + { .reason = VMCB_EXIT_VMRUN, .str = "vmrun" }, + { .reason = VMCB_EXIT_VMMCALL, .str = "vmmcall" }, + { .reason = VMCB_EXIT_VMLOAD, .str = "vmload" }, + { .reason = VMCB_EXIT_VMSAVE, .str = "vmsave" }, + { .reason = VMCB_EXIT_STGI, .str = "stgi" }, + { .reason = VMCB_EXIT_CLGI, .str = "clgi" }, + { .reason = VMCB_EXIT_SKINIT, .str = "skinit" }, + { .reason = VMCB_EXIT_ICEBP, .str = "icebp" }, + { .reason = VMCB_EXIT_INVD, .str = "invd" }, + { .reason = VMCB_EXIT_INVLPGA, .str = "invlpga" }, + }; - switch (reason) { - case VMCB_EXIT_INVALID: - return ("invalvmcb"); - case VMCB_EXIT_SHUTDOWN: - return ("shutdown"); - case VMCB_EXIT_NPF: - return ("nptfault"); - case VMCB_EXIT_PAUSE: - return ("pause"); - case VMCB_EXIT_HLT: - return ("hlt"); - case VMCB_EXIT_CPUID: - return ("cpuid"); - case VMCB_EXIT_IO: - return ("inout"); - case VMCB_EXIT_MC: - return ("mchk"); - case VMCB_EXIT_INTR: - return ("extintr"); - case VMCB_EXIT_NMI: - return ("nmi"); - case VMCB_EXIT_VINTR: - return ("vintr"); - case VMCB_EXIT_MSR: - return ("msr"); - case VMCB_EXIT_IRET: - return ("iret"); - case VMCB_EXIT_MONITOR: - return ("monitor"); - case VMCB_EXIT_MWAIT: - return ("mwait"); - default: - snprintf(reasonbuf, sizeof(reasonbuf), "%#lx", reason); - return (reasonbuf); + for (i = 0; i < nitems(reasons); i++) { + if (reasons[i].reason == reason) + return (reasons[i].str); } + snprintf(reasonbuf, sizeof(reasonbuf), "%#lx", reason); + return (reasonbuf); } #endif /* KTR */ @@ -1502,6 +1517,20 @@ svm_vmexit(struct svm_softc *svm_sc, int vcpu, struct case VMCB_EXIT_MWAIT: vmexit->exitcode = VM_EXITCODE_MWAIT; break; + case VMCB_EXIT_SHUTDOWN: + case VMCB_EXIT_VMRUN: + case VMCB_EXIT_VMMCALL: + case VMCB_EXIT_VMLOAD: + case VMCB_EXIT_VMSAVE: + case VMCB_EXIT_STGI: + case VMCB_EXIT_CLGI: + case VMCB_EXIT_SKINIT: + case VMCB_EXIT_ICEBP: + case VMCB_EXIT_INVD: + case VMCB_EXIT_INVLPGA: + vm_inject_ud(svm_sc->vm, vcpu); + handled = 1; + break; default: vmm_stat_incr(svm_sc->vm, vcpu, VMEXIT_UNKNOWN, 1); break; @@ -2176,8 +2205,11 @@ svm_setreg(void *arg, int vcpu, int ident, uint64_t va return (svm_modify_intr_shadow(svm_sc, vcpu, val)); } - if (vmcb_write(svm_sc, vcpu, ident, val) == 0) { - return (0); + /* Do not permit user write access to VMCB fields by offset. */ + if (!VMCB_ACCESS_OK(ident)) { + if (vmcb_write(svm_sc, vcpu, ident, val) == 0) { + return (0); + } } reg = swctx_regptr(svm_get_guest_regctx(svm_sc, vcpu), ident); Modified: releng/12.2/sys/amd64/vmm/intel/vmx.c ============================================================================== --- releng/12.2/sys/amd64/vmm/intel/vmx.c Tue Sep 15 21:42:05 2020 (r365778) +++ releng/12.2/sys/amd64/vmm/intel/vmx.c Tue Sep 15 21:43:41 2020 (r365779) @@ -3236,6 +3236,10 @@ vmx_setreg(void *arg, int vcpu, int reg, uint64_t val) if (vmxctx_setreg(&vmx->ctx[vcpu], reg, val) == 0) return (0); + /* Do not permit user write access to VMCS fields by offset. */ + if (reg < 0) + return (EINVAL); + error = vmcs_setreg(&vmx->vmcs[vcpu], running, reg, val); if (error == 0) { From owner-svn-src-releng@freebsd.org Tue Sep 15 21:46:40 2020 Return-Path: Delivered-To: svn-src-releng@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id EC41A3E1719; Tue, 15 Sep 2020 21:46:40 +0000 (UTC) (envelope-from gordon@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BrcJ063Khz3SyW; Tue, 15 Sep 2020 21:46:40 +0000 (UTC) (envelope-from gordon@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id B30D8EBD8; Tue, 15 Sep 2020 21:46:40 +0000 (UTC) (envelope-from gordon@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 08FLkelx046480; Tue, 15 Sep 2020 21:46:40 GMT (envelope-from gordon@FreeBSD.org) Received: (from gordon@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 08FLkdb5046476; Tue, 15 Sep 2020 21:46:39 GMT (envelope-from gordon@FreeBSD.org) Message-Id: <202009152146.08FLkdb5046476@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: gordon set sender to gordon@FreeBSD.org using -f From: Gordon Tetlow Date: Tue, 15 Sep 2020 21:46:39 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r365780 - in releng: 11.3/sys/amd64/vmm/amd 11.4/sys/amd64/vmm/amd 12.1/sys/amd64/vmm/amd 12.2/sys/amd64/vmm/amd X-SVN-Group: releng X-SVN-Commit-Author: gordon X-SVN-Commit-Paths: in releng: 11.3/sys/amd64/vmm/amd 11.4/sys/amd64/vmm/amd 12.1/sys/amd64/vmm/amd 12.2/sys/amd64/vmm/amd X-SVN-Commit-Revision: 365780 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Sep 2020 21:46:41 -0000 Author: gordon Date: Tue Sep 15 21:46:39 2020 New Revision: 365780 URL: https://svnweb.freebsd.org/changeset/base/365780 Log: Fix bhyve SVM guest escape. This actually has a patch to sys/amd64/vmm/amd/svm.c that was accidentally committed as part of r365779. Approved by: so Approved by: re (implicit for releng/12.2) Security: FreeBSD-SA-20:29.bhyve_svm Security: CVE-2020-7467 Modified: releng/11.3/sys/amd64/vmm/amd/vmcb.h releng/11.4/sys/amd64/vmm/amd/vmcb.h releng/12.1/sys/amd64/vmm/amd/vmcb.h releng/12.2/sys/amd64/vmm/amd/vmcb.h Modified: releng/11.3/sys/amd64/vmm/amd/vmcb.h ============================================================================== --- releng/11.3/sys/amd64/vmm/amd/vmcb.h Tue Sep 15 21:43:41 2020 (r365779) +++ releng/11.3/sys/amd64/vmm/amd/vmcb.h Tue Sep 15 21:46:39 2020 (r365780) @@ -73,8 +73,8 @@ struct svm_softc; #define VMCB_INTCPT_INVD BIT(22) #define VMCB_INTCPT_PAUSE BIT(23) #define VMCB_INTCPT_HLT BIT(24) -#define VMCB_INTCPT_INVPG BIT(25) -#define VMCB_INTCPT_INVPGA BIT(26) +#define VMCB_INTCPT_INVLPG BIT(25) +#define VMCB_INTCPT_INVLPGA BIT(26) #define VMCB_INTCPT_IO BIT(27) #define VMCB_INTCPT_MSR BIT(28) #define VMCB_INTCPT_TASK_SWITCH BIT(29) @@ -136,12 +136,21 @@ struct svm_softc; #define VMCB_EXIT_POPF 0x71 #define VMCB_EXIT_CPUID 0x72 #define VMCB_EXIT_IRET 0x74 +#define VMCB_EXIT_INVD 0x76 #define VMCB_EXIT_PAUSE 0x77 #define VMCB_EXIT_HLT 0x78 +#define VMCB_EXIT_INVLPGA 0x7A #define VMCB_EXIT_IO 0x7B #define VMCB_EXIT_MSR 0x7C #define VMCB_EXIT_SHUTDOWN 0x7F +#define VMCB_EXIT_VMRUN 0x80 +#define VMCB_EXIT_VMMCALL 0x81 +#define VMCB_EXIT_VMLOAD 0x82 #define VMCB_EXIT_VMSAVE 0x83 +#define VMCB_EXIT_STGI 0x84 +#define VMCB_EXIT_CLGI 0x85 +#define VMCB_EXIT_SKINIT 0x86 +#define VMCB_EXIT_ICEBP 0x88 #define VMCB_EXIT_MONITOR 0x8A #define VMCB_EXIT_MWAIT 0x8B #define VMCB_EXIT_NPF 0x400 Modified: releng/11.4/sys/amd64/vmm/amd/vmcb.h ============================================================================== --- releng/11.4/sys/amd64/vmm/amd/vmcb.h Tue Sep 15 21:43:41 2020 (r365779) +++ releng/11.4/sys/amd64/vmm/amd/vmcb.h Tue Sep 15 21:46:39 2020 (r365780) @@ -73,8 +73,8 @@ struct svm_softc; #define VMCB_INTCPT_INVD BIT(22) #define VMCB_INTCPT_PAUSE BIT(23) #define VMCB_INTCPT_HLT BIT(24) -#define VMCB_INTCPT_INVPG BIT(25) -#define VMCB_INTCPT_INVPGA BIT(26) +#define VMCB_INTCPT_INVLPG BIT(25) +#define VMCB_INTCPT_INVLPGA BIT(26) #define VMCB_INTCPT_IO BIT(27) #define VMCB_INTCPT_MSR BIT(28) #define VMCB_INTCPT_TASK_SWITCH BIT(29) @@ -136,12 +136,21 @@ struct svm_softc; #define VMCB_EXIT_POPF 0x71 #define VMCB_EXIT_CPUID 0x72 #define VMCB_EXIT_IRET 0x74 +#define VMCB_EXIT_INVD 0x76 #define VMCB_EXIT_PAUSE 0x77 #define VMCB_EXIT_HLT 0x78 +#define VMCB_EXIT_INVLPGA 0x7A #define VMCB_EXIT_IO 0x7B #define VMCB_EXIT_MSR 0x7C #define VMCB_EXIT_SHUTDOWN 0x7F +#define VMCB_EXIT_VMRUN 0x80 +#define VMCB_EXIT_VMMCALL 0x81 +#define VMCB_EXIT_VMLOAD 0x82 #define VMCB_EXIT_VMSAVE 0x83 +#define VMCB_EXIT_STGI 0x84 +#define VMCB_EXIT_CLGI 0x85 +#define VMCB_EXIT_SKINIT 0x86 +#define VMCB_EXIT_ICEBP 0x88 #define VMCB_EXIT_MONITOR 0x8A #define VMCB_EXIT_MWAIT 0x8B #define VMCB_EXIT_NPF 0x400 Modified: releng/12.1/sys/amd64/vmm/amd/vmcb.h ============================================================================== --- releng/12.1/sys/amd64/vmm/amd/vmcb.h Tue Sep 15 21:43:41 2020 (r365779) +++ releng/12.1/sys/amd64/vmm/amd/vmcb.h Tue Sep 15 21:46:39 2020 (r365780) @@ -73,8 +73,8 @@ struct svm_softc; #define VMCB_INTCPT_INVD BIT(22) #define VMCB_INTCPT_PAUSE BIT(23) #define VMCB_INTCPT_HLT BIT(24) -#define VMCB_INTCPT_INVPG BIT(25) -#define VMCB_INTCPT_INVPGA BIT(26) +#define VMCB_INTCPT_INVLPG BIT(25) +#define VMCB_INTCPT_INVLPGA BIT(26) #define VMCB_INTCPT_IO BIT(27) #define VMCB_INTCPT_MSR BIT(28) #define VMCB_INTCPT_TASK_SWITCH BIT(29) @@ -136,12 +136,21 @@ struct svm_softc; #define VMCB_EXIT_POPF 0x71 #define VMCB_EXIT_CPUID 0x72 #define VMCB_EXIT_IRET 0x74 +#define VMCB_EXIT_INVD 0x76 #define VMCB_EXIT_PAUSE 0x77 #define VMCB_EXIT_HLT 0x78 +#define VMCB_EXIT_INVLPGA 0x7A #define VMCB_EXIT_IO 0x7B #define VMCB_EXIT_MSR 0x7C #define VMCB_EXIT_SHUTDOWN 0x7F +#define VMCB_EXIT_VMRUN 0x80 +#define VMCB_EXIT_VMMCALL 0x81 +#define VMCB_EXIT_VMLOAD 0x82 #define VMCB_EXIT_VMSAVE 0x83 +#define VMCB_EXIT_STGI 0x84 +#define VMCB_EXIT_CLGI 0x85 +#define VMCB_EXIT_SKINIT 0x86 +#define VMCB_EXIT_ICEBP 0x88 #define VMCB_EXIT_MONITOR 0x8A #define VMCB_EXIT_MWAIT 0x8B #define VMCB_EXIT_NPF 0x400 Modified: releng/12.2/sys/amd64/vmm/amd/vmcb.h ============================================================================== --- releng/12.2/sys/amd64/vmm/amd/vmcb.h Tue Sep 15 21:43:41 2020 (r365779) +++ releng/12.2/sys/amd64/vmm/amd/vmcb.h Tue Sep 15 21:46:39 2020 (r365780) @@ -73,8 +73,8 @@ struct svm_softc; #define VMCB_INTCPT_INVD BIT(22) #define VMCB_INTCPT_PAUSE BIT(23) #define VMCB_INTCPT_HLT BIT(24) -#define VMCB_INTCPT_INVPG BIT(25) -#define VMCB_INTCPT_INVPGA BIT(26) +#define VMCB_INTCPT_INVLPG BIT(25) +#define VMCB_INTCPT_INVLPGA BIT(26) #define VMCB_INTCPT_IO BIT(27) #define VMCB_INTCPT_MSR BIT(28) #define VMCB_INTCPT_TASK_SWITCH BIT(29) @@ -136,12 +136,21 @@ struct svm_softc; #define VMCB_EXIT_POPF 0x71 #define VMCB_EXIT_CPUID 0x72 #define VMCB_EXIT_IRET 0x74 +#define VMCB_EXIT_INVD 0x76 #define VMCB_EXIT_PAUSE 0x77 #define VMCB_EXIT_HLT 0x78 +#define VMCB_EXIT_INVLPGA 0x7A #define VMCB_EXIT_IO 0x7B #define VMCB_EXIT_MSR 0x7C #define VMCB_EXIT_SHUTDOWN 0x7F +#define VMCB_EXIT_VMRUN 0x80 +#define VMCB_EXIT_VMMCALL 0x81 +#define VMCB_EXIT_VMLOAD 0x82 #define VMCB_EXIT_VMSAVE 0x83 +#define VMCB_EXIT_STGI 0x84 +#define VMCB_EXIT_CLGI 0x85 +#define VMCB_EXIT_SKINIT 0x86 +#define VMCB_EXIT_ICEBP 0x88 #define VMCB_EXIT_MONITOR 0x8A #define VMCB_EXIT_MWAIT 0x8B #define VMCB_EXIT_NPF 0x400 From owner-svn-src-releng@freebsd.org Tue Sep 15 21:47:45 2020 Return-Path: Delivered-To: svn-src-releng@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id A47863E156C; Tue, 15 Sep 2020 21:47:45 +0000 (UTC) (envelope-from gordon@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BrcKF3tFlz3TFB; Tue, 15 Sep 2020 21:47:45 +0000 (UTC) (envelope-from gordon@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 68F12ED29; Tue, 15 Sep 2020 21:47:45 +0000 (UTC) (envelope-from gordon@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 08FLljtr046578; Tue, 15 Sep 2020 21:47:45 GMT (envelope-from gordon@FreeBSD.org) Received: (from gordon@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 08FLliAg046574; Tue, 15 Sep 2020 21:47:44 GMT (envelope-from gordon@FreeBSD.org) Message-Id: <202009152147.08FLliAg046574@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: gordon set sender to gordon@FreeBSD.org using -f From: Gordon Tetlow Date: Tue, 15 Sep 2020 21:47:44 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r365781 - in releng: 11.3/libexec/ftpd 11.4/libexec/ftpd 12.1/libexec/ftpd 12.2/libexec/ftpd X-SVN-Group: releng X-SVN-Commit-Author: gordon X-SVN-Commit-Paths: in releng: 11.3/libexec/ftpd 11.4/libexec/ftpd 12.1/libexec/ftpd 12.2/libexec/ftpd X-SVN-Commit-Revision: 365781 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Sep 2020 21:47:45 -0000 Author: gordon Date: Tue Sep 15 21:47:44 2020 New Revision: 365781 URL: https://svnweb.freebsd.org/changeset/base/365781 Log: Fix ftpd privilege escalation via ftpchroot. Approved by: so Approved by: re (implicit for releng/12.2) Security: FreeBSD-SA-20:30.ftpd Security: CVE-2020-7468 Modified: releng/11.3/libexec/ftpd/ftpd.c releng/11.4/libexec/ftpd/ftpd.c releng/12.1/libexec/ftpd/ftpd.c releng/12.2/libexec/ftpd/ftpd.c Modified: releng/11.3/libexec/ftpd/ftpd.c ============================================================================== --- releng/11.3/libexec/ftpd/ftpd.c Tue Sep 15 21:46:39 2020 (r365780) +++ releng/11.3/libexec/ftpd/ftpd.c Tue Sep 15 21:47:44 2020 (r365781) @@ -1593,13 +1593,20 @@ skip: * (uid 0 has no root power over NFS if not mapped explicitly.) */ if (seteuid(pw->pw_uid) < 0) { - reply(550, "Can't set uid."); - goto bad; + if (guest || dochroot) { + fatalerror("Can't set uid."); + } else { + reply(550, "Can't set uid."); + goto bad; + } } + /* + * Do not allow the session to live if we're chroot()'ed and chdir() + * fails. Otherwise the chroot jail can be escaped. + */ if (chdir(homedir) < 0) { if (guest || dochroot) { - reply(550, "Can't change to base directory."); - goto bad; + fatalerror("Can't change to base directory."); } else { if (chdir("/") < 0) { reply(550, "Root is inaccessible."); Modified: releng/11.4/libexec/ftpd/ftpd.c ============================================================================== --- releng/11.4/libexec/ftpd/ftpd.c Tue Sep 15 21:46:39 2020 (r365780) +++ releng/11.4/libexec/ftpd/ftpd.c Tue Sep 15 21:47:44 2020 (r365781) @@ -1593,13 +1593,20 @@ skip: * (uid 0 has no root power over NFS if not mapped explicitly.) */ if (seteuid(pw->pw_uid) < 0) { - reply(550, "Can't set uid."); - goto bad; + if (guest || dochroot) { + fatalerror("Can't set uid."); + } else { + reply(550, "Can't set uid."); + goto bad; + } } + /* + * Do not allow the session to live if we're chroot()'ed and chdir() + * fails. Otherwise the chroot jail can be escaped. + */ if (chdir(homedir) < 0) { if (guest || dochroot) { - reply(550, "Can't change to base directory."); - goto bad; + fatalerror("Can't change to base directory."); } else { if (chdir("/") < 0) { reply(550, "Root is inaccessible."); Modified: releng/12.1/libexec/ftpd/ftpd.c ============================================================================== --- releng/12.1/libexec/ftpd/ftpd.c Tue Sep 15 21:46:39 2020 (r365780) +++ releng/12.1/libexec/ftpd/ftpd.c Tue Sep 15 21:47:44 2020 (r365781) @@ -1595,13 +1595,20 @@ skip: * (uid 0 has no root power over NFS if not mapped explicitly.) */ if (seteuid(pw->pw_uid) < 0) { - reply(550, "Can't set uid."); - goto bad; + if (guest || dochroot) { + fatalerror("Can't set uid."); + } else { + reply(550, "Can't set uid."); + goto bad; + } } + /* + * Do not allow the session to live if we're chroot()'ed and chdir() + * fails. Otherwise the chroot jail can be escaped. + */ if (chdir(homedir) < 0) { if (guest || dochroot) { - reply(550, "Can't change to base directory."); - goto bad; + fatalerror("Can't change to base directory."); } else { if (chdir("/") < 0) { reply(550, "Root is inaccessible."); Modified: releng/12.2/libexec/ftpd/ftpd.c ============================================================================== --- releng/12.2/libexec/ftpd/ftpd.c Tue Sep 15 21:46:39 2020 (r365780) +++ releng/12.2/libexec/ftpd/ftpd.c Tue Sep 15 21:47:44 2020 (r365781) @@ -1595,13 +1595,20 @@ skip: * (uid 0 has no root power over NFS if not mapped explicitly.) */ if (seteuid(pw->pw_uid) < 0) { - reply(550, "Can't set uid."); - goto bad; + if (guest || dochroot) { + fatalerror("Can't set uid."); + } else { + reply(550, "Can't set uid."); + goto bad; + } } + /* + * Do not allow the session to live if we're chroot()'ed and chdir() + * fails. Otherwise the chroot jail can be escaped. + */ if (chdir(homedir) < 0) { if (guest || dochroot) { - reply(550, "Can't change to base directory."); - goto bad; + fatalerror("Can't change to base directory."); } else { if (chdir("/") < 0) { reply(550, "Root is inaccessible."); From owner-svn-src-releng@freebsd.org Tue Sep 15 21:48:26 2020 Return-Path: Delivered-To: svn-src-releng@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 75F793E1732; Tue, 15 Sep 2020 21:48:26 +0000 (UTC) (envelope-from gordon@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BrcL22YFTz3TR4; Tue, 15 Sep 2020 21:48:26 +0000 (UTC) (envelope-from gordon@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 3B001EF39; Tue, 15 Sep 2020 21:48:26 +0000 (UTC) (envelope-from gordon@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 08FLmQEa046661; Tue, 15 Sep 2020 21:48:26 GMT (envelope-from gordon@FreeBSD.org) Received: (from gordon@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 08FLmOYA046653; Tue, 15 Sep 2020 21:48:24 GMT (envelope-from gordon@FreeBSD.org) Message-Id: <202009152148.08FLmOYA046653@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: gordon set sender to gordon@FreeBSD.org using -f From: Gordon Tetlow Date: Tue, 15 Sep 2020 21:48:24 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r365782 - in releng: 11.3 11.3/sys/conf 11.4 11.4/sys/conf 12.1 12.1/sys/conf 12.2 12.2/sys/conf X-SVN-Group: releng X-SVN-Commit-Author: gordon X-SVN-Commit-Paths: in releng: 11.3 11.3/sys/conf 11.4 11.4/sys/conf 12.1 12.1/sys/conf 12.2 12.2/sys/conf X-SVN-Commit-Revision: 365782 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Sep 2020 21:48:26 -0000 Author: gordon Date: Tue Sep 15 21:48:24 2020 New Revision: 365782 URL: https://svnweb.freebsd.org/changeset/base/365782 Log: Add UPDATING entries and bump version. Approved by: so Approved by: re (implicit for releng/12.2) Modified: releng/11.3/UPDATING releng/11.3/sys/conf/newvers.sh releng/11.4/UPDATING releng/11.4/sys/conf/newvers.sh releng/12.1/UPDATING releng/12.1/sys/conf/newvers.sh releng/12.2/UPDATING releng/12.2/sys/conf/newvers.sh Modified: releng/11.3/UPDATING ============================================================================== --- releng/11.3/UPDATING Tue Sep 15 21:47:44 2020 (r365781) +++ releng/11.3/UPDATING Tue Sep 15 21:48:24 2020 (r365782) @@ -16,6 +16,20 @@ from older versions of FreeBSD, try WITHOUT_CLANG and the tip of head, and then rebuild without this option. The bootstrap process from older version of current across the gcc/clang cutover is a bit fragile. +20200915 p14 FreeBSD-SA-20:27.ure + FreeBSD-SA-20:28.bhyve_vmcs + FreeBSD-SA-20:29.bhyve_svm + FreeBSD-SA-20:30.ftpd + + Fix ure device driver susceptible to packet-in-packet attack. + [SA-20:27.ure] + + Fix bhyve privilege escalation via VMCS access. [SA-20:28.bhyve_vmcs] + + Fix bhyve SVM guest escape. [SA-20:29.bhyve_svm] + + Fix ftpd privilege escalation via ftpchroot. [SA-20:30.ftpd] + 20200902 p13 FreeBSD-EN-20:17.linuxthread FreeBSD-EN-20:18.getfsstat FreeBSD-SA-20:24.ipv6 Modified: releng/11.3/sys/conf/newvers.sh ============================================================================== --- releng/11.3/sys/conf/newvers.sh Tue Sep 15 21:47:44 2020 (r365781) +++ releng/11.3/sys/conf/newvers.sh Tue Sep 15 21:48:24 2020 (r365782) @@ -44,7 +44,7 @@ TYPE="FreeBSD" REVISION="11.3" -BRANCH="RELEASE-p13" +BRANCH="RELEASE-p14" if [ -n "${BRANCH_OVERRIDE}" ]; then BRANCH=${BRANCH_OVERRIDE} fi Modified: releng/11.4/UPDATING ============================================================================== --- releng/11.4/UPDATING Tue Sep 15 21:47:44 2020 (r365781) +++ releng/11.4/UPDATING Tue Sep 15 21:48:24 2020 (r365782) @@ -16,6 +16,20 @@ from older versions of FreeBSD, try WITHOUT_CLANG and the tip of head, and then rebuild without this option. The bootstrap process from older version of current across the gcc/clang cutover is a bit fragile. +20200915 p4 FreeBSD-SA-20:27.ure + FreeBSD-SA-20:28.bhyve_vmcs + FreeBSD-SA-20:29.bhyve_svm + FreeBSD-SA-20:30.ftpd + + Fix ure device driver susceptible to packet-in-packet attack. + [SA-20:27.ure] + + Fix bhyve privilege escalation via VMCS access. [SA-20:28.bhyve_vmcs] + + Fix bhyve SVM guest escape. [SA-20:29.bhyve_svm] + + Fix ftpd privilege escalation via ftpchroot. [SA-20:30.ftpd] + 20200902 p3 FreeBSD-EN-20:17.linuxthread FreeBSD-EN-20:18.getfsstat FreeBSD-SA-20:25.sctp Modified: releng/11.4/sys/conf/newvers.sh ============================================================================== --- releng/11.4/sys/conf/newvers.sh Tue Sep 15 21:47:44 2020 (r365781) +++ releng/11.4/sys/conf/newvers.sh Tue Sep 15 21:48:24 2020 (r365782) @@ -44,7 +44,7 @@ TYPE="FreeBSD" REVISION="11.4" -BRANCH="RELEASE-p3" +BRANCH="RELEASE-p4" if [ -n "${BRANCH_OVERRIDE}" ]; then BRANCH=${BRANCH_OVERRIDE} fi Modified: releng/12.1/UPDATING ============================================================================== --- releng/12.1/UPDATING Tue Sep 15 21:47:44 2020 (r365781) +++ releng/12.1/UPDATING Tue Sep 15 21:48:24 2020 (r365782) @@ -16,6 +16,20 @@ from older versions of FreeBSD, try WITHOUT_CLANG and the tip of head, and then rebuild without this option. The bootstrap process from older version of current across the gcc/clang cutover is a bit fragile. +20200915 p10 FreeBSD-SA-20:27.ure + FreeBSD-SA-20:28.bhyve_vmcs + FreeBSD-SA-20:29.bhyve_svm + FreeBSD-SA-20:30.ftpd + + Fix ure device driver susceptible to packet-in-packet attack. + [SA-20:27.ure] + + Fix bhyve privilege escalation via VMCS access. [SA-20:28.bhyve_vmcs] + + Fix bhyve SVM guest escape. [SA-20:29.bhyve_svm] + + Fix ftpd privilege escalation via ftpchroot. [SA-20:30.ftpd] + 20200902 p9 FreeBSD-EN-20:17.linuxthread FreeBSD-SA-20:25.sctp FreeBSD-SA-20:26.dhclient Modified: releng/12.1/sys/conf/newvers.sh ============================================================================== --- releng/12.1/sys/conf/newvers.sh Tue Sep 15 21:47:44 2020 (r365781) +++ releng/12.1/sys/conf/newvers.sh Tue Sep 15 21:48:24 2020 (r365782) @@ -46,7 +46,7 @@ TYPE="FreeBSD" REVISION="12.1" -BRANCH="RELEASE-p9" +BRANCH="RELEASE-p10" if [ -n "${BRANCH_OVERRIDE}" ]; then BRANCH=${BRANCH_OVERRIDE} fi Modified: releng/12.2/UPDATING ============================================================================== --- releng/12.2/UPDATING Tue Sep 15 21:47:44 2020 (r365781) +++ releng/12.2/UPDATING Tue Sep 15 21:48:24 2020 (r365782) @@ -16,6 +16,20 @@ from older versions of FreeBSD, try WITHOUT_CLANG and the tip of head, and then rebuild without this option. The bootstrap process from older version of current across the gcc/clang cutover is a bit fragile. +20200915 p1 FreeBSD-SA-20:27.ure + FreeBSD-SA-20:28.bhyve_vmcs + FreeBSD-SA-20:29.bhyve_svm + FreeBSD-SA-20:30.ftpd + + Fix ure device driver susceptible to packet-in-packet attack. + [SA-20:27.ure] + + Fix bhyve privilege escalation via VMCS access. [SA-20:28.bhyve_vmcs] + + Fix bhyve SVM guest escape. [SA-20:29.bhyve_svm] + + Fix ftpd privilege escalation via ftpchroot. [SA-20:30.ftpd] + 20200912: The make.conf(5) MALLOC_PRODUCTION variable, used for disabling and enabling assertions and statistics gathering in malloc(3), has been Modified: releng/12.2/sys/conf/newvers.sh ============================================================================== --- releng/12.2/sys/conf/newvers.sh Tue Sep 15 21:47:44 2020 (r365781) +++ releng/12.2/sys/conf/newvers.sh Tue Sep 15 21:48:24 2020 (r365782) @@ -49,7 +49,7 @@ TYPE="FreeBSD" REVISION="12.2" -BRANCH=${BRANCH_OVERRIDE:-BETA1} +BRANCH=${BRANCH_OVERRIDE:-BETA1-p1} RELEASE="${REVISION}-${BRANCH}" VERSION="${TYPE} ${RELEASE}" From owner-svn-src-releng@freebsd.org Thu Sep 17 16:31:19 2020 Return-Path: Delivered-To: svn-src-releng@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id DA41D3E63A6; Thu, 17 Sep 2020 16:31:19 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BsjCC5TKFz4G5S; Thu, 17 Sep 2020 16:31:19 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 9F75CCEDA; Thu, 17 Sep 2020 16:31:19 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 08HGVJ5u034249; Thu, 17 Sep 2020 16:31:19 GMT (envelope-from gjb@FreeBSD.org) Received: (from gjb@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 08HGVJqE034248; Thu, 17 Sep 2020 16:31:19 GMT (envelope-from gjb@FreeBSD.org) Message-Id: <202009171631.08HGVJqE034248@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: gjb set sender to gjb@FreeBSD.org using -f From: Glen Barber Date: Thu, 17 Sep 2020 16:31:19 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r365839 - releng/12.2/sys/conf X-SVN-Group: releng X-SVN-Commit-Author: gjb X-SVN-Commit-Paths: releng/12.2/sys/conf X-SVN-Commit-Revision: 365839 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Sep 2020 16:31:19 -0000 Author: gjb Date: Thu Sep 17 16:31:19 2020 New Revision: 365839 URL: https://svnweb.freebsd.org/changeset/base/365839 Log: MFS12 r365838: MFC r365646, r365720: r365646: Enclose BRANCH_OVERRIDE in quotes in order to fix an issue with freebsd-update(8) builds, where BRANCH is suffixed with -p0 for builds. r365720 (gordon): Partially revert r346018 and use the if/then construct instead of shell. Approved by: re (kib) Sponsored by: Rubicon Communications, LLC (netgate.com) Modified: releng/12.2/sys/conf/newvers.sh Directory Properties: releng/12.2/ (props changed) Modified: releng/12.2/sys/conf/newvers.sh ============================================================================== --- releng/12.2/sys/conf/newvers.sh Thu Sep 17 16:09:38 2020 (r365838) +++ releng/12.2/sys/conf/newvers.sh Thu Sep 17 16:31:19 2020 (r365839) @@ -49,7 +49,10 @@ TYPE="FreeBSD" REVISION="12.2" -BRANCH=${BRANCH_OVERRIDE:-BETA1-p1} +BRANCH="BETA1-p1" +if [ -n "${BRANCH_OVERRIDE}" ]; then + BRANCH=${BRANCH_OVERRIDE} +fi RELEASE="${REVISION}-${BRANCH}" VERSION="${TYPE} ${RELEASE}" From owner-svn-src-releng@freebsd.org Fri Sep 18 00:02:59 2020 Return-Path: Delivered-To: svn-src-releng@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 0E0933F1BF9; Fri, 18 Sep 2020 00:02:59 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BsvDL6fD6z3Zm9; Fri, 18 Sep 2020 00:02:58 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id C871A124FA; Fri, 18 Sep 2020 00:02:58 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 08I02wP8013829; Fri, 18 Sep 2020 00:02:58 GMT (envelope-from gjb@FreeBSD.org) Received: (from gjb@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 08I02w9P013828; Fri, 18 Sep 2020 00:02:58 GMT (envelope-from gjb@FreeBSD.org) Message-Id: <202009180002.08I02w9P013828@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: gjb set sender to gjb@FreeBSD.org using -f From: Glen Barber Date: Fri, 18 Sep 2020 00:02:58 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r365865 - releng/12.2/sys/conf X-SVN-Group: releng X-SVN-Commit-Author: gjb X-SVN-Commit-Paths: releng/12.2/sys/conf X-SVN-Commit-Revision: 365865 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Sep 2020 00:02:59 -0000 Author: gjb Date: Fri Sep 18 00:02:58 2020 New Revision: 365865 URL: https://svnweb.freebsd.org/changeset/base/365865 Log: Rename releng/12.2 to BETA2 as part of the 12.2-RELEASE cycle. Approved by: re (implicit) Sponsored by: Rubicon Communications, LLC (netgate.com) Modified: releng/12.2/sys/conf/newvers.sh Modified: releng/12.2/sys/conf/newvers.sh ============================================================================== --- releng/12.2/sys/conf/newvers.sh Thu Sep 17 23:14:17 2020 (r365864) +++ releng/12.2/sys/conf/newvers.sh Fri Sep 18 00:02:58 2020 (r365865) @@ -49,7 +49,7 @@ TYPE="FreeBSD" REVISION="12.2" -BRANCH="BETA1-p1" +BRANCH="BETA2" if [ -n "${BRANCH_OVERRIDE}" ]; then BRANCH=${BRANCH_OVERRIDE} fi From owner-svn-src-releng@freebsd.org Sat Sep 19 02:12:04 2020 Return-Path: Delivered-To: svn-src-releng@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id B41FA3F7EC6; Sat, 19 Sep 2020 02:12:04 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BtZ2r4QGwz4RyS; Sat, 19 Sep 2020 02:12:04 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 7AFF7249BD; Sat, 19 Sep 2020 02:12:04 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 08J2C4Jc081533; Sat, 19 Sep 2020 02:12:04 GMT (envelope-from kevans@FreeBSD.org) Received: (from kevans@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 08J2C41C081532; Sat, 19 Sep 2020 02:12:04 GMT (envelope-from kevans@FreeBSD.org) Message-Id: <202009190212.08J2C41C081532@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: kevans set sender to kevans@FreeBSD.org using -f From: Kyle Evans Date: Sat, 19 Sep 2020 02:12:04 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r365897 - releng/12.2/usr.sbin/certctl X-SVN-Group: releng X-SVN-Commit-Author: kevans X-SVN-Commit-Paths: releng/12.2/usr.sbin/certctl X-SVN-Commit-Revision: 365897 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Sep 2020 02:12:04 -0000 Author: kevans Date: Sat Sep 19 02:12:04 2020 New Revision: 365897 URL: https://svnweb.freebsd.org/changeset/base/365897 Log: MFS r365891: certctl: fix unprivileged mode The first issue was lack of quoting around INSTALLFLAGS, which set it incorrectly and produced an error on -M. The second issue was that we weren't actually doing the install in unprivileged mode, making it effectively useless. This was designed to pass through the proper metalog/unpriv flags to install(1), so just let it happen. Approved by: re (gjb) Modified: releng/12.2/usr.sbin/certctl/certctl.sh Directory Properties: releng/12.2/ (props changed) Modified: releng/12.2/usr.sbin/certctl/certctl.sh ============================================================================== --- releng/12.2/usr.sbin/certctl/certctl.sh Sat Sep 19 01:59:17 2020 (r365896) +++ releng/12.2/usr.sbin/certctl/certctl.sh Sat Sep 19 02:12:04 2020 (r365897) @@ -129,7 +129,7 @@ do_scan() [ -d "$CPATH" ] || continue echo "Scanning $CPATH for certificates..." for CFILE in $(ls -1 "${CPATH}" | grep -Ee "${FILEPAT}"); do - [ -e "$CPATH/$CFILE" -a $UNPRIV -eq 0 ] || continue + [ -e "$CPATH/$CFILE" ] || continue [ $VERBOSE -gt 0 ] && echo "Reading $CFILE" "$CFUNC" "$CPATH/$CFILE" done @@ -263,7 +263,7 @@ shift $(( $OPTIND - 1 )) : ${METALOG:=${DESTDIR}/METALOG} INSTALLFLAGS= -[ $UNPRIV -eq 1 ] && INSTALLFLAGS=-U -M ${METALOG} -D ${DESTDIR} +[ $UNPRIV -eq 1 ] && INSTALLFLAGS="-U -M ${METALOG} -D ${DESTDIR}" : ${TRUSTPATH:=${DESTDIR}/usr/share/certs/trusted:${DESTDIR}/usr/local/share/certs:${DESTDIR}/usr/local/etc/ssl/certs} : ${BLACKLISTPATH:=${DESTDIR}/usr/share/certs/blacklisted:${DESTDIR}/usr/local/etc/ssl/blacklisted} : ${CERTDESTDIR:=${DESTDIR}/etc/ssl/certs} From owner-svn-src-releng@freebsd.org Sat Sep 19 20:47:00 2020 Return-Path: Delivered-To: svn-src-releng@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 788E43EF303; Sat, 19 Sep 2020 20:47:00 +0000 (UTC) (envelope-from allanjude@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Bv2nJ2vfBz4Tjg; Sat, 19 Sep 2020 20:47:00 +0000 (UTC) (envelope-from allanjude@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 2E33B11F22; Sat, 19 Sep 2020 20:47:00 +0000 (UTC) (envelope-from allanjude@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 08JKl0di080263; Sat, 19 Sep 2020 20:47:00 GMT (envelope-from allanjude@FreeBSD.org) Received: (from allanjude@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 08JKkuBn080241; Sat, 19 Sep 2020 20:46:56 GMT (envelope-from allanjude@FreeBSD.org) Message-Id: <202009192046.08JKkuBn080241@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: allanjude set sender to allanjude@FreeBSD.org using -f From: Allan Jude Date: Sat, 19 Sep 2020 20:46:56 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r365917 - in releng/12.2: cddl/contrib/opensolaris/cmd/zfs cddl/contrib/opensolaris/cmd/zpool sys/cddl/compat/opensolaris/kern sys/cddl/compat/opensolaris/sys sys/cddl/contrib/opensolar... X-SVN-Group: releng X-SVN-Commit-Author: allanjude X-SVN-Commit-Paths: in releng/12.2: cddl/contrib/opensolaris/cmd/zfs cddl/contrib/opensolaris/cmd/zpool sys/cddl/compat/opensolaris/kern sys/cddl/compat/opensolaris/sys sys/cddl/contrib/opensolaris/common/zfs sys/cddl/co... X-SVN-Commit-Revision: 365917 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Sep 2020 20:47:00 -0000 Author: allanjude Date: Sat Sep 19 20:46:56 2020 New Revision: 365917 URL: https://svnweb.freebsd.org/changeset/base/365917 Log: MFS r365689,r365808,r365860 MFOpenZFS: Introduce read/write kstats per dataset The following patch introduces a few statistics on reads and writes grouped by dataset. These statistics are implemented as kstats (backed by aggregate sums for performance) and can be retrieved by using the dataset objset ID number. The motivation for this change is to provide some preliminary analytics on dataset usage/performance. Reviewed-by: Richard Elling Reviewed-by: Brian Behlendorf Reviewed by: Matthew Ahrens Signed-off-by: Serapheim Dimitropoulos openzfs/zfs@a448a2557ec4938ed6944c7766fe0b8e6e5f6456 Also contains parts of: MFOpenZFS: Connect dataset_kstats for FreeBSD Example output: kstat.zfs.mypool.dataset.objset-0x10b.nread: 150528 kstat.zfs.mypool.dataset.objset-0x10b.reads: 48 kstat.zfs.mypool.dataset.objset-0x10b.nwritten: 134217728 kstat.zfs.mypool.dataset.objset-0x10b.writes: 1024 kstat.zfs.mypool.dataset.objset-0x10b.dataset_name: mypool/datasetname Reviewed-by: Ryan Moeller Reviewed by: Sean Eric Fagan Reviewed-by: Serapheim Dimitropoulos Reviewed-by: Brian Behlendorf Signed-off-by: Allan Jude openzfs/zfs@4547fc4e071ceb1818b3a46c3035b923e06e5390 Approved by: re (gjb) Relnotes: yes Sponsored by: Klara Inc. Added: releng/12.2/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/dataset_kstats.c - copied unchanged from r365689, stable/12/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/dataset_kstats.c releng/12.2/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/sys/dataset_kstats.h - copied unchanged from r365689, stable/12/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/sys/dataset_kstats.h Modified: releng/12.2/cddl/contrib/opensolaris/cmd/zfs/zfs.8 releng/12.2/cddl/contrib/opensolaris/cmd/zpool/zpool.8 releng/12.2/sys/cddl/compat/opensolaris/kern/opensolaris_kstat.c releng/12.2/sys/cddl/compat/opensolaris/sys/kstat.h releng/12.2/sys/cddl/contrib/opensolaris/common/zfs/zfs_prop.c releng/12.2/sys/cddl/contrib/opensolaris/common/zfs/zpool_prop.c releng/12.2/sys/cddl/contrib/opensolaris/uts/common/Makefile.files releng/12.2/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/spa.c releng/12.2/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/sys/zfs_vfsops.h releng/12.2/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vfsops.c releng/12.2/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c releng/12.2/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zvol.c releng/12.2/sys/cddl/contrib/opensolaris/uts/common/sys/fs/zfs.h releng/12.2/sys/conf/files releng/12.2/tests/sys/cddl/zfs/tests/cli_root/zpool_get/zpool_get.cfg Directory Properties: releng/12.2/ (props changed) Modified: releng/12.2/cddl/contrib/opensolaris/cmd/zfs/zfs.8 ============================================================================== --- releng/12.2/cddl/contrib/opensolaris/cmd/zfs/zfs.8 Sat Sep 19 20:18:14 2020 (r365916) +++ releng/12.2/cddl/contrib/opensolaris/cmd/zfs/zfs.8 Sat Sep 19 20:46:56 2020 (r365917) @@ -32,7 +32,7 @@ .\" .\" $FreeBSD$ .\" -.Dd October 16, 2019 +.Dd September 12, 2020 .Dt ZFS 8 .Os .Sh NAME @@ -635,6 +635,16 @@ property can be either .Cm yes or .Cm no . +.It Sy objsetid +A unique identifier for this dataset within the pool. Unlike the dataset's +.Sy guid +, the +.Sy objsetid +of a dataset is not transferred to other pools when the snapshot is copied +with a send/receive operation. +The +.Sy objsetid +can be reused (for a new datatset) after the dataset is deleted. .It Sy origin For cloned file systems or volumes, the snapshot from which the clone was created. See also the Modified: releng/12.2/cddl/contrib/opensolaris/cmd/zpool/zpool.8 ============================================================================== --- releng/12.2/cddl/contrib/opensolaris/cmd/zpool/zpool.8 Sat Sep 19 20:18:14 2020 (r365916) +++ releng/12.2/cddl/contrib/opensolaris/cmd/zpool/zpool.8 Sat Sep 19 20:46:56 2020 (r365917) @@ -687,6 +687,15 @@ will decrease while increases. .It Sy guid A unique identifier for the pool. +.It Sy load_guid +A unique identifier for the pool. +Unlike the +.Sy guid +property, this identifier is generated every time we load the pool (e.g. does +not persist across imports/exports) and never changes while the pool is loaded +(even if a +.Sy reguid +operation takes place). .It Sy health The current health of the pool. Health can be .Qq Sy ONLINE , Modified: releng/12.2/sys/cddl/compat/opensolaris/kern/opensolaris_kstat.c ============================================================================== --- releng/12.2/sys/cddl/compat/opensolaris/kern/opensolaris_kstat.c Sat Sep 19 20:18:14 2020 (r365916) +++ releng/12.2/sys/cddl/compat/opensolaris/kern/opensolaris_kstat.c Sat Sep 19 20:46:56 2020 (r365917) @@ -38,12 +38,24 @@ static MALLOC_DEFINE(M_KSTAT, "kstat_data", "Kernel st SYSCTL_ROOT_NODE(OID_AUTO, kstat, CTLFLAG_RW, 0, "Kernel statistics"); +static int +kstat_default_update(kstat_t *ksp, int rw) +{ + KASSERT(ksp != NULL, ("kstat=%p", ksp)); + + if (rw == KSTAT_WRITE) + return (EACCES); + + return (0); +} + kstat_t * kstat_create(char *module, int instance, char *name, char *class, uchar_t type, ulong_t ndata, uchar_t flags) { struct sysctl_oid *root; kstat_t *ksp; + char *pool; KASSERT(instance == 0, ("instance=%d", instance)); KASSERT(type == KSTAT_TYPE_NAMED, ("type=%hhu", type)); @@ -56,11 +68,21 @@ kstat_create(char *module, int instance, char *name, c */ ksp = malloc(sizeof(*ksp), M_KSTAT, M_WAITOK); ksp->ks_ndata = ndata; + ksp->ks_update = kstat_default_update; /* + * Some kstats use a module name like "zfs/poolname" to distinguish a + * set of kstats belonging to a specific pool. Split on '/' to add an + * extra node for the pool name if needed. + */ + pool = strchr(module, '/'); + if (pool != NULL) + *pool++ = '\0'; + + /* * Create sysctl tree for those statistics: * - * kstat.... + * kstat.[.].. */ sysctl_ctx_init(&ksp->ks_sysctl_ctx); root = SYSCTL_ADD_NODE(&ksp->ks_sysctl_ctx, @@ -72,11 +94,26 @@ kstat_create(char *module, int instance, char *name, c free(ksp, M_KSTAT); return (NULL); } + if (pool != NULL) { + root = SYSCTL_ADD_NODE(&ksp->ks_sysctl_ctx, + SYSCTL_CHILDREN(root), OID_AUTO, pool, CTLFLAG_RW, 0, ""); + if (root == NULL) { + printf("%s: Cannot create kstat.%s.%s tree!\n", + __func__, module, pool); + sysctl_ctx_free(&ksp->ks_sysctl_ctx); + free(ksp, M_KSTAT); + return (NULL); + } + } root = SYSCTL_ADD_NODE(&ksp->ks_sysctl_ctx, SYSCTL_CHILDREN(root), OID_AUTO, class, CTLFLAG_RW, 0, ""); if (root == NULL) { - printf("%s: Cannot create kstat.%s.%s tree!\n", __func__, - module, class); + if (pool != NULL) + printf("%s: Cannot create kstat.%s.%s.%s tree!\n", + __func__, module, pool, class); + else + printf("%s: Cannot create kstat.%s.%s tree!\n", + __func__, module, class); sysctl_ctx_free(&ksp->ks_sysctl_ctx); free(ksp, M_KSTAT); return (NULL); @@ -84,8 +121,13 @@ kstat_create(char *module, int instance, char *name, c root = SYSCTL_ADD_NODE(&ksp->ks_sysctl_ctx, SYSCTL_CHILDREN(root), OID_AUTO, name, CTLFLAG_RW, 0, ""); if (root == NULL) { - printf("%s: Cannot create kstat.%s.%s.%s tree!\n", __func__, - module, class, name); + if (pool != NULL) + printf("%s: Cannot create kstat.%s.%s.%s.%s " + "tree!\n", __func__, module, pool, class, + name); + else + printf("%s: Cannot create kstat.%s.%s.%s " + "tree!\n", __func__, module, class, name); sysctl_ctx_free(&ksp->ks_sysctl_ctx); free(ksp, M_KSTAT); return (NULL); @@ -98,13 +140,38 @@ kstat_create(char *module, int instance, char *name, c static int kstat_sysctl(SYSCTL_HANDLER_ARGS) { - kstat_named_t *ksent = arg1; + kstat_t *ksp = arg1; + kstat_named_t *ksent = ksp->ks_data; uint64_t val; + /* Select the correct element */ + ksent += arg2; + /* Update the aggsums before reading */ + (void) ksp->ks_update(ksp, KSTAT_READ); val = ksent->value.ui64; + return sysctl_handle_64(oidp, &val, 0, req); } +static int +kstat_sysctl_string(SYSCTL_HANDLER_ARGS) +{ + kstat_t *ksp = arg1; + kstat_named_t *ksent = ksp->ks_data; + char *val; + uint32_t len = 0; + + /* Select the correct element */ + ksent += arg2; + /* Update the aggsums before reading */ + (void) ksp->ks_update(ksp, KSTAT_READ); + val = KSTAT_NAMED_STR_PTR(ksent); + len = KSTAT_NAMED_STR_BUFLEN(ksent); + val[len-1] = '\0'; + + return (sysctl_handle_string(oidp, val, len, req)); +} + void kstat_install(kstat_t *ksp) { @@ -113,11 +180,19 @@ kstat_install(kstat_t *ksp) ksent = ksp->ks_data; for (i = 0; i < ksp->ks_ndata; i++, ksent++) { + if (ksent->data_type == KSTAT_DATA_STRING) { + SYSCTL_ADD_PROC(&ksp->ks_sysctl_ctx, + SYSCTL_CHILDREN(ksp->ks_sysctl_root), + OID_AUTO, ksent->name, + CTLTYPE_STRING | CTLFLAG_RD, ksp, i, + kstat_sysctl_string, "A", ksent->desc); + continue; + } KASSERT(ksent->data_type == KSTAT_DATA_UINT64, ("data_type=%d", ksent->data_type)); SYSCTL_ADD_PROC(&ksp->ks_sysctl_ctx, SYSCTL_CHILDREN(ksp->ks_sysctl_root), OID_AUTO, ksent->name, - CTLTYPE_U64 | CTLFLAG_RD, ksent, sizeof(*ksent), + CTLTYPE_U64 | CTLFLAG_RD, ksp, i, kstat_sysctl, "QU", ksent->desc); } } Modified: releng/12.2/sys/cddl/compat/opensolaris/sys/kstat.h ============================================================================== --- releng/12.2/sys/cddl/compat/opensolaris/sys/kstat.h Sat Sep 19 20:18:14 2020 (r365916) +++ releng/12.2/sys/cddl/compat/opensolaris/sys/kstat.h Sat Sep 19 20:46:56 2020 (r365917) @@ -68,13 +68,24 @@ typedef struct kstat_named { #define KSTAT_DATA_UINT32 2 #define KSTAT_DATA_INT64 3 #define KSTAT_DATA_UINT64 4 +#define KSTAT_DATA_STRING 7 uchar_t data_type; #define KSTAT_DESCLEN 128 char desc[KSTAT_DESCLEN]; union { uint64_t ui64; + struct { + union { + char *ptr; /* NULL-term string */ + char __pad[8]; /* 64-bit padding */ + } addr; + uint32_t len; /* # bytes for strlen + '\0' */ + } string; } value; } kstat_named_t; + +#define KSTAT_NAMED_STR_PTR(knptr) ((knptr)->value.string.addr.ptr) +#define KSTAT_NAMED_STR_BUFLEN(knptr) ((knptr)->value.string.len) kstat_t *kstat_create(char *module, int instance, char *name, char *cls, uchar_t type, ulong_t ndata, uchar_t flags); Modified: releng/12.2/sys/cddl/contrib/opensolaris/common/zfs/zfs_prop.c ============================================================================== --- releng/12.2/sys/cddl/contrib/opensolaris/common/zfs/zfs_prop.c Sat Sep 19 20:18:14 2020 (r365916) +++ releng/12.2/sys/cddl/contrib/opensolaris/common/zfs/zfs_prop.c Sat Sep 19 20:46:56 2020 (r365917) @@ -446,6 +446,8 @@ zfs_prop_init(void) ZFS_TYPE_DATASET | ZFS_TYPE_BOOKMARK, "", "GUID"); zprop_register_number(ZFS_PROP_CREATETXG, "createtxg", 0, PROP_READONLY, ZFS_TYPE_DATASET | ZFS_TYPE_BOOKMARK, "", "CREATETXG"); + zprop_register_number(ZFS_PROP_OBJSETID, "objsetid", 0, + PROP_READONLY, ZFS_TYPE_DATASET, "", "OBJSETID"); /* inherit number properties */ zprop_register_number(ZFS_PROP_RECORDSIZE, "recordsize", @@ -472,8 +474,6 @@ zfs_prop_init(void) "USERACCOUNTING"); zprop_register_hidden(ZFS_PROP_UNIQUE, "unique", PROP_TYPE_NUMBER, PROP_READONLY, ZFS_TYPE_DATASET, "UNIQUE"); - zprop_register_hidden(ZFS_PROP_OBJSETID, "objsetid", PROP_TYPE_NUMBER, - PROP_READONLY, ZFS_TYPE_DATASET, "OBJSETID"); zprop_register_hidden(ZFS_PROP_INCONSISTENT, "inconsistent", PROP_TYPE_NUMBER, PROP_READONLY, ZFS_TYPE_DATASET, "INCONSISTENT"); zprop_register_hidden(ZFS_PROP_PREV_SNAP, "prevsnap", PROP_TYPE_STRING, Modified: releng/12.2/sys/cddl/contrib/opensolaris/common/zfs/zpool_prop.c ============================================================================== --- releng/12.2/sys/cddl/contrib/opensolaris/common/zfs/zpool_prop.c Sat Sep 19 20:18:14 2020 (r365916) +++ releng/12.2/sys/cddl/contrib/opensolaris/common/zfs/zpool_prop.c Sat Sep 19 20:46:56 2020 (r365917) @@ -21,7 +21,7 @@ /* * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved. * Copyright 2011 Nexenta Systems, Inc. All rights reserved. - * Copyright (c) 2012, 2017 by Delphix. All rights reserved. + * Copyright (c) 2012, 2017, 2018 by Delphix. All rights reserved. * Copyright (c) 2014 Integros [integros.com] */ @@ -96,6 +96,8 @@ zpool_prop_init(void) ZFS_TYPE_POOL, "", "CAP"); zprop_register_number(ZPOOL_PROP_GUID, "guid", 0, PROP_READONLY, ZFS_TYPE_POOL, "", "GUID"); + zprop_register_number(ZPOOL_PROP_LOAD_GUID, "load_guid", 0, + PROP_READONLY, ZFS_TYPE_POOL, "", "LOAD_GUID"); zprop_register_number(ZPOOL_PROP_HEALTH, "health", 0, PROP_READONLY, ZFS_TYPE_POOL, "", "HEALTH"); zprop_register_number(ZPOOL_PROP_DEDUPRATIO, "dedupratio", 0, Modified: releng/12.2/sys/cddl/contrib/opensolaris/uts/common/Makefile.files ============================================================================== --- releng/12.2/sys/cddl/contrib/opensolaris/uts/common/Makefile.files Sat Sep 19 20:18:14 2020 (r365916) +++ releng/12.2/sys/cddl/contrib/opensolaris/uts/common/Makefile.files Sat Sep 19 20:46:56 2020 (r365917) @@ -71,6 +71,7 @@ ZFS_COMMON_OBJS += \ bptree.o \ bqueue.o \ cityhash.o \ + dataset_kstats.c \ dbuf.o \ dbuf_stats.o \ ddt.o \ Copied: releng/12.2/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/dataset_kstats.c (from r365689, stable/12/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/dataset_kstats.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ releng/12.2/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/dataset_kstats.c Sat Sep 19 20:46:56 2020 (r365917, copy of r365689, stable/12/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/dataset_kstats.c) @@ -0,0 +1,185 @@ +/* + * CDDL HEADER START + * + * The contents of this file are subject to the terms of the + * Common Development and Distribution License (the "License"). + * You may not use this file except in compliance with the License. + * + * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + * or http://www.opensolaris.org/os/licensing. + * See the License for the specific language governing permissions + * and limitations under the License. + * + * When distributing Covered Code, include this CDDL HEADER in each + * file and include the License file at usr/src/OPENSOLARIS.LICENSE. + * If applicable, add the following below this CDDL HEADER, with the + * fields enclosed by brackets "[]" replaced with your own identifying + * information: Portions Copyright [yyyy] [name of copyright owner] + * + * CDDL HEADER END + */ + +/* + * Copyright (c) 2018 by Delphix. All rights reserved. + */ + +#include +#include +#include +#include + +static dataset_kstat_values_t empty_dataset_kstats = { + { "dataset_name", KSTAT_DATA_STRING }, + { "writes", KSTAT_DATA_UINT64 }, + { "nwritten", KSTAT_DATA_UINT64 }, + { "reads", KSTAT_DATA_UINT64 }, + { "nread", KSTAT_DATA_UINT64 }, +}; + +static int +dataset_kstats_update(kstat_t *ksp, int rw) +{ + dataset_kstats_t *dk = ksp->ks_private; + ASSERT3P(dk->dk_kstats->ks_data, ==, ksp->ks_data); + + if (rw == KSTAT_WRITE) + return (EACCES); + + dataset_kstat_values_t *dkv = dk->dk_kstats->ks_data; + dkv->dkv_writes.value.ui64 = + aggsum_value(&dk->dk_aggsums.das_writes); + dkv->dkv_nwritten.value.ui64 = + aggsum_value(&dk->dk_aggsums.das_nwritten); + dkv->dkv_reads.value.ui64 = + aggsum_value(&dk->dk_aggsums.das_reads); + dkv->dkv_nread.value.ui64 = + aggsum_value(&dk->dk_aggsums.das_nread); + + return (0); +} + +void +dataset_kstats_create(dataset_kstats_t *dk, objset_t *objset) +{ + /* + * There should not be anything wrong with having kstats for + * snapshots. Since we are not sure how useful they would be + * though nor how much their memory overhead would matter in + * a filesystem with many snapshots, we skip them for now. + */ + if (dmu_objset_is_snapshot(objset)) + return; + + /* + * At the time of this writing, KSTAT_STRLEN is 255 in Linux, + * and the spa_name can theoretically be up to 256 characters. + * In reality though the spa_name can be 240 characters max + * [see origin directory name check in pool_namecheck()]. Thus, + * the naming scheme for the module name below should not cause + * any truncations. In the event that a truncation does happen + * though, due to some future change, we silently skip creating + * the kstat and log the event. + */ + char kstat_module_name[KSTAT_STRLEN]; + int n = snprintf(kstat_module_name, sizeof (kstat_module_name), + "zfs/%s", spa_name(dmu_objset_spa(objset))); + if (n < 0) { + zfs_dbgmsg("failed to create dataset kstat for objset %lld: " + " snprintf() for kstat module name returned %d", + (unsigned long long)dmu_objset_id(objset), n); + return; + } else if (n >= KSTAT_STRLEN) { + zfs_dbgmsg("failed to create dataset kstat for objset %lld: " + "kstat module name length (%d) exceeds limit (%d)", + (unsigned long long)dmu_objset_id(objset), + n, KSTAT_STRLEN); + return; + } + + char kstat_name[KSTAT_STRLEN]; + n = snprintf(kstat_name, sizeof (kstat_name), "objset-0x%llx", + (unsigned long long)dmu_objset_id(objset)); + if (n < 0) { + zfs_dbgmsg("failed to create dataset kstat for objset %lld: " + " snprintf() for kstat name returned %d", + (unsigned long long)dmu_objset_id(objset), n); + return; + } + ASSERT3U(n, <, KSTAT_STRLEN); + + kstat_t *kstat = kstat_create(kstat_module_name, 0, kstat_name, + "dataset", KSTAT_TYPE_NAMED, + sizeof (empty_dataset_kstats) / sizeof (kstat_named_t), + KSTAT_FLAG_VIRTUAL); + if (kstat == NULL) + return; + + dataset_kstat_values_t *dk_kstats = + kmem_alloc(sizeof (empty_dataset_kstats), KM_SLEEP); + bcopy(&empty_dataset_kstats, dk_kstats, + sizeof (empty_dataset_kstats)); + + char *ds_name = kmem_zalloc(ZFS_MAX_DATASET_NAME_LEN, KM_SLEEP); + dsl_dataset_name(objset->os_dsl_dataset, ds_name); + KSTAT_NAMED_STR_PTR(&dk_kstats->dkv_ds_name) = ds_name; + KSTAT_NAMED_STR_BUFLEN(&dk_kstats->dkv_ds_name) = + ZFS_MAX_DATASET_NAME_LEN; + + kstat->ks_data = dk_kstats; + kstat->ks_update = dataset_kstats_update; + kstat->ks_private = dk; + + kstat_install(kstat); + dk->dk_kstats = kstat; + + aggsum_init(&dk->dk_aggsums.das_writes, 0); + aggsum_init(&dk->dk_aggsums.das_nwritten, 0); + aggsum_init(&dk->dk_aggsums.das_reads, 0); + aggsum_init(&dk->dk_aggsums.das_nread, 0); +} + +void +dataset_kstats_destroy(dataset_kstats_t *dk) +{ + if (dk->dk_kstats == NULL) + return; + + dataset_kstat_values_t *dkv = dk->dk_kstats->ks_data; + kmem_free(KSTAT_NAMED_STR_PTR(&dkv->dkv_ds_name), + KSTAT_NAMED_STR_BUFLEN(&dkv->dkv_ds_name)); + kmem_free(dkv, sizeof (empty_dataset_kstats)); + + kstat_delete(dk->dk_kstats); + dk->dk_kstats = NULL; + + aggsum_fini(&dk->dk_aggsums.das_writes); + aggsum_fini(&dk->dk_aggsums.das_nwritten); + aggsum_fini(&dk->dk_aggsums.das_reads); + aggsum_fini(&dk->dk_aggsums.das_nread); +} + +void +dataset_kstats_update_write_kstats(dataset_kstats_t *dk, + int64_t nwritten) +{ + ASSERT3S(nwritten, >=, 0); + + if (dk->dk_kstats == NULL) + return; + + aggsum_add(&dk->dk_aggsums.das_writes, 1); + aggsum_add(&dk->dk_aggsums.das_nwritten, nwritten); +} + +void +dataset_kstats_update_read_kstats(dataset_kstats_t *dk, + int64_t nread) +{ + ASSERT3S(nread, >=, 0); + + if (dk->dk_kstats == NULL) + return; + + aggsum_add(&dk->dk_aggsums.das_reads, 1); + aggsum_add(&dk->dk_aggsums.das_nread, nread); +} Modified: releng/12.2/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/spa.c ============================================================================== --- releng/12.2/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/spa.c Sat Sep 19 20:18:14 2020 (r365916) +++ releng/12.2/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/spa.c Sat Sep 19 20:46:56 2020 (r365917) @@ -352,6 +352,9 @@ spa_prop_get_config(spa_t *spa, nvlist_t **nvp) else src = ZPROP_SRC_LOCAL; spa_prop_add_list(*nvp, ZPOOL_PROP_VERSION, NULL, version, src); + + spa_prop_add_list(*nvp, ZPOOL_PROP_LOAD_GUID, + NULL, spa_load_guid(spa), src); } if (pool != NULL) { Copied: releng/12.2/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/sys/dataset_kstats.h (from r365689, stable/12/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/sys/dataset_kstats.h) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ releng/12.2/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/sys/dataset_kstats.h Sat Sep 19 20:46:56 2020 (r365917, copy of r365689, stable/12/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/sys/dataset_kstats.h) @@ -0,0 +1,59 @@ +/* + * CDDL HEADER START + * + * The contents of this file are subject to the terms of the + * Common Development and Distribution License (the "License"). + * You may not use this file except in compliance with the License. + * + * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + * or http://www.opensolaris.org/os/licensing. + * See the License for the specific language governing permissions + * and limitations under the License. + * + * When distributing Covered Code, include this CDDL HEADER in each + * file and include the License file at usr/src/OPENSOLARIS.LICENSE. + * If applicable, add the following below this CDDL HEADER, with the + * fields enclosed by brackets "[]" replaced with your own identifying + * information: Portions Copyright [yyyy] [name of copyright owner] + * + * CDDL HEADER END + */ + +/* + * Copyright (c) 2018 by Delphix. All rights reserved. + */ + +#ifndef _SYS_DATASET_KSTATS_H +#define _SYS_DATASET_KSTATS_H + +#include +#include +#include + +typedef struct dataset_aggsum_stats_t { + aggsum_t das_writes; + aggsum_t das_nwritten; + aggsum_t das_reads; + aggsum_t das_nread; +} dataset_aggsum_stats_t; + +typedef struct dataset_kstat_values { + kstat_named_t dkv_ds_name; + kstat_named_t dkv_writes; + kstat_named_t dkv_nwritten; + kstat_named_t dkv_reads; + kstat_named_t dkv_nread; +} dataset_kstat_values_t; + +typedef struct dataset_kstats { + dataset_aggsum_stats_t dk_aggsums; + kstat_t *dk_kstats; +} dataset_kstats_t; + +void dataset_kstats_create(dataset_kstats_t *, objset_t *); +void dataset_kstats_destroy(dataset_kstats_t *); + +void dataset_kstats_update_write_kstats(dataset_kstats_t *, int64_t); +void dataset_kstats_update_read_kstats(dataset_kstats_t *, int64_t); + +#endif /* _SYS_DATASET_KSTATS_H */ Modified: releng/12.2/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/sys/zfs_vfsops.h ============================================================================== --- releng/12.2/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/sys/zfs_vfsops.h Sat Sep 19 20:18:14 2020 (r365916) +++ releng/12.2/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/sys/zfs_vfsops.h Sat Sep 19 20:46:56 2020 (r365917) @@ -20,6 +20,7 @@ */ /* * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2013, 2018 by Delphix. All rights reserved. * Copyright (c) 2011 Pawel Jakub Dawidek . * All rights reserved. */ @@ -27,6 +28,7 @@ #ifndef _SYS_FS_ZFS_VFSOPS_H #define _SYS_FS_ZFS_VFSOPS_H +#include #include #include #include @@ -80,6 +82,7 @@ struct zfsvfs { boolean_t z_use_namecache;/* make use of FreeBSD name cache */ uint64_t z_version; /* ZPL version */ uint64_t z_shares_dir; /* hidden shares dir */ + dataset_kstats_t z_kstat; /* fs kstats */ kmutex_t z_lock; uint64_t z_userquota_obj; uint64_t z_groupquota_obj; Modified: releng/12.2/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vfsops.c ============================================================================== --- releng/12.2/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vfsops.c Sat Sep 19 20:18:14 2020 (r365916) +++ releng/12.2/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vfsops.c Sat Sep 19 20:46:56 2020 (r365917) @@ -1245,6 +1245,9 @@ zfsvfs_setup(zfsvfs_t *zfsvfs, boolean_t mounting) if (mounting) { boolean_t readonly; + ASSERT3P(zfsvfs->z_kstat.dk_kstats, ==, NULL); + dataset_kstats_create(&zfsvfs->z_kstat, zfsvfs->z_os); + /* * During replay we remove the read only flag to * allow replays to succeed. @@ -1333,6 +1336,7 @@ zfsvfs_free(zfsvfs_t *zfsvfs) rw_destroy(&zfsvfs->z_fuid_lock); for (i = 0; i != ZFS_OBJ_MTX_SZ; i++) mutex_destroy(&zfsvfs->z_hold_mtx[i]); + dataset_kstats_destroy(&zfsvfs->z_kstat); kmem_free(zfsvfs, sizeof (zfsvfs_t)); } Modified: releng/12.2/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c ============================================================================== --- releng/12.2/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c Sat Sep 19 20:18:14 2020 (r365916) +++ releng/12.2/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c Sat Sep 19 20:46:56 2020 (r365917) @@ -77,6 +77,7 @@ #include #include #include +#include /* * Programming rules. @@ -701,9 +702,10 @@ zfs_read(vnode_t *vp, uio_t *uio, int ioflag, cred_t * { znode_t *zp = VTOZ(vp); zfsvfs_t *zfsvfs = zp->z_zfsvfs; - ssize_t n, nbytes; + ssize_t n, nbytes, start_resid; int error = 0; xuio_t *xuio = NULL; + int64_t nread; ZFS_ENTER(zfsvfs); ZFS_VERIFY_ZP(zp); @@ -764,6 +766,7 @@ zfs_read(vnode_t *vp, uio_t *uio, int ioflag, cred_t * ASSERT(uio->uio_loffset < zp->z_size); n = MIN(uio->uio_resid, zp->z_size - uio->uio_loffset); + start_resid = n; #ifdef illumos if ((uio->uio_extflg == UIO_XUIO) && @@ -820,6 +823,10 @@ zfs_read(vnode_t *vp, uio_t *uio, int ioflag, cred_t * n -= nbytes; } + + nread = start_resid - n; + dataset_kstats_update_read_kstats(&zfsvfs->z_kstat, nread); + out: rangelock_exit(lr); @@ -873,6 +880,7 @@ zfs_write(vnode_t *vp, uio_t *uio, int ioflag, cred_t int count = 0; sa_bulk_attr_t bulk[4]; uint64_t mtime[2], ctime[2]; + int64_t nwritten; /* * Fasttrack empty write @@ -1239,6 +1247,9 @@ zfs_write(vnode_t *vp, uio_t *uio, int ioflag, cred_t if (ioflag & (FSYNC | FDSYNC) || zfsvfs->z_os->os_sync == ZFS_SYNC_ALWAYS) zil_commit(zilog, zp->z_id); + + nwritten = start_resid - uio->uio_resid; + dataset_kstats_update_write_kstats(&zfsvfs->z_kstat, nwritten); ZFS_EXIT(zfsvfs); return (0); Modified: releng/12.2/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zvol.c ============================================================================== --- releng/12.2/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zvol.c Sat Sep 19 20:18:14 2020 (r365916) +++ releng/12.2/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zvol.c Sat Sep 19 20:46:56 2020 (r365917) @@ -96,6 +96,7 @@ #include #include #include +#include #include @@ -177,6 +178,7 @@ typedef struct zvol_state { list_t zv_extents; /* List of extents for dump */ rangelock_t zv_rangelock; dnode_t *zv_dn; /* dnode hold */ + dataset_kstats_t zv_kstat; /* zvol kstats */ #ifndef illumos int zv_state; int zv_volmode; /* Provide GEOM or cdev */ @@ -768,6 +770,10 @@ zvol_create_minor(const char *name) else zil_replay(os, zv, zvol_replay_vector); } + + ASSERT3P(zv->zv_kstat.dk_kstats, ==, NULL); + dataset_kstats_create(&zv->zv_kstat, zv->zv_objset); + dmu_objset_disown(os, FTAG); zv->zv_objset = NULL; @@ -823,6 +829,7 @@ zvol_remove_zv(zvol_state_t *zv) rangelock_fini(&zv->zv_rangelock); + dataset_kstats_destroy(&zv->zv_kstat); kmem_free(zv, sizeof (zvol_state_t)); #ifdef illumos ddi_soft_state_free(zfsdev_state, minor); @@ -1752,6 +1759,23 @@ unlock: bp->bio_completed = bp->bio_length - resid; if (bp->bio_completed < bp->bio_length && off > volsize) error = EINVAL; + + switch (bp->bio_cmd) { + case BIO_FLUSH: + break; + case BIO_READ: + dataset_kstats_update_read_kstats(&zv->zv_kstat, + bp->bio_completed); + break; + case BIO_WRITE: + dataset_kstats_update_write_kstats(&zv->zv_kstat, + bp->bio_completed); + break; + case BIO_DELETE: + break; + default: + break; + } if (sync) { sync: Modified: releng/12.2/sys/cddl/contrib/opensolaris/uts/common/sys/fs/zfs.h ============================================================================== --- releng/12.2/sys/cddl/contrib/opensolaris/uts/common/sys/fs/zfs.h Sat Sep 19 20:18:14 2020 (r365916) +++ releng/12.2/sys/cddl/contrib/opensolaris/uts/common/sys/fs/zfs.h Sat Sep 19 20:46:56 2020 (r365917) @@ -148,7 +148,7 @@ typedef enum { ZFS_PROP_USERREFS, ZFS_PROP_LOGBIAS, ZFS_PROP_UNIQUE, /* not exposed to the user */ - ZFS_PROP_OBJSETID, /* not exposed to the user */ + ZFS_PROP_OBJSETID, ZFS_PROP_DEDUP, ZFS_PROP_MLSLABEL, ZFS_PROP_SYNC, @@ -220,6 +220,7 @@ typedef enum { ZPOOL_PROP_TNAME, ZPOOL_PROP_MAXDNODESIZE, ZPOOL_PROP_MULTIHOST, + ZPOOL_PROP_LOAD_GUID, ZPOOL_NUM_PROPS } zpool_prop_t; Modified: releng/12.2/sys/conf/files ============================================================================== --- releng/12.2/sys/conf/files Sat Sep 19 20:18:14 2020 (r365916) +++ releng/12.2/sys/conf/files Sat Sep 19 20:46:56 2020 (r365917) @@ -163,6 +163,7 @@ cddl/contrib/opensolaris/uts/common/fs/zfs/bpobj.c o cddl/contrib/opensolaris/uts/common/fs/zfs/bptree.c optional zfs compile-with "${ZFS_C}" cddl/contrib/opensolaris/uts/common/fs/zfs/bqueue.c optional zfs compile-with "${ZFS_C}" cddl/contrib/opensolaris/uts/common/fs/zfs/cityhash.c optional zfs compile-with "${ZFS_C}" +cddl/contrib/opensolaris/uts/common/fs/zfs/dataset_kstats.c optional zfs compile-with "${ZFS_C}" cddl/contrib/opensolaris/uts/common/fs/zfs/dbuf.c optional zfs compile-with "${ZFS_C}" cddl/contrib/opensolaris/uts/common/fs/zfs/dbuf_stats.c optional zfs compile-with "${ZFS_C}" cddl/contrib/opensolaris/uts/common/fs/zfs/ddt.c optional zfs compile-with "${ZFS_C}" Modified: releng/12.2/tests/sys/cddl/zfs/tests/cli_root/zpool_get/zpool_get.cfg ============================================================================== --- releng/12.2/tests/sys/cddl/zfs/tests/cli_root/zpool_get/zpool_get.cfg Sat Sep 19 20:18:14 2020 (r365916) +++ releng/12.2/tests/sys/cddl/zfs/tests/cli_root/zpool_get/zpool_get.cfg Sat Sep 19 20:46:56 2020 (r365917) @@ -35,6 +35,7 @@ typeset -a properties=( "altroot" "health" "guid" + "load_guid" "version" "bootfs" "delegation"