MFC r349627:
Remove the CDIOCREADSUBCHANNEL_SYSSPACE ioctl.

admbugs: 768
Reported by: Alex Fortune
Approved by: so
Security: CVE-2019-5602
Security: FreeBSD-SA-19:11.cd_ioctl

MFC r347052:

In order to reduce duplication between MD parts of the Linuxulator
move bits that are MI out into the headers in compat/linux.
For that remove bogus _packed attribute from struct l_sock

MFC r347052:

In order to reduce duplication between MD parts of the Linuxulator
move bits that are MI out into the headers in compat/linux.
For that remove bogus _packed attribute from struct l_sockaddr
and use MI types for struct members.

And continue to move into the linux_common module a code that is
intended for both Linuxulator modules (both instruction set - 32 & 64 bit)
or for external modules like linsysfs or linprocfs.

To avoid header pollution introduce new sys/compat/linux_common.h header.

show more ...

MFC linuxulator stack memory disclosure fixes

r343260 linuxulator: fix stack memory disclosure in linux_ioctl_v4l
r343261 linuxulator: fix stack memory disclosure in linux_ioctl_termio
r343262 linux

MFC linuxulator stack memory disclosure fixes

r343260 linuxulator: fix stack memory disclosure in linux_ioctl_v4l
r343261 linuxulator: fix stack memory disclosure in linux_ioctl_termio
r343262 linuxulator: fix stack memory disclosure in linux_sigaltstack
r343263 linuxulator: fix stack memory disclosure in linux_sigaltstack

admbugs: 765
Reported by: Vlad Tsyrklevich <[email protected]>
Security: Kernel stack memory disclosure
Sponsored by: The FreeBSD Foundation

show more ...

MFC r340181, r340185:

On amd64 both Linux compat modules, linux.ko and linux64.ko, provide
linux_ioctl_(un)register_handler that allows other driver modules to
register ioctl handlers. The ioctl sy

MFC r340181, r340185:

On amd64 both Linux compat modules, linux.ko and linux64.ko, provide
linux_ioctl_(un)register_handler that allows other driver modules to
register ioctl handlers. The ioctl syscall implementation in each Linux
compat module iterates over the list of handlers and forwards the call to
the appropriate driver. Because the registration functions have the same
name in each module it is not possible for a driver to support both 32 and
64 bit linux compatibility.

Move the list of ioctl handlers to linux_common.ko so it is shared by
both Linux modules and all drivers receive both 32 and 64 bit ioctl calls
with one registration. These ioctl handlers normally forward the call
to the FreeBSD ioctl handler which can handle both 32 and 64 bit.

Keep the special COMPAT_LINUX32 ioctl handlers in linux.ko in a separate
list for now and let the ioctl syscall iterate over that list first.
Later, COMPAT_LINUX32 support can be added to the 64 bit ioctl handlers
via a runtime check for ILP32 like is done for COMPAT_FREEBSD32 and then
this separate list would disappear again. That is a much bigger effort
however and this commit is meant to be MFCable.

This enables linux64 support in x11/nvidia-driver*.

PR: 206711
Reviewed by: kib
Approved by: re (gjb)

show more ...

UDP: further performance improvements on tx

Cumulative throughput while running 64
netperf -H $DUT -t UDP_STREAM -- -m 1
on a 2x8x2 SKL went from 1.1Mpps to 2.5Mpps

Single stream throughput incre

UDP: further performance improvements on tx

Cumulative throughput while running 64
netperf -H $DUT -t UDP_STREAM -- -m 1
on a 2x8x2 SKL went from 1.1Mpps to 2.5Mpps

Single stream throughput increases from 910kpps to 1.18Mpps

Baseline:
https://people.freebsd.org/~mmacy/2018.05.11/udpsender2.svg

- Protect read access to global ifnet list with epoch
https://people.freebsd.org/~mmacy/2018.05.11/udpsender3.svg

- Protect short lived ifaddr references with epoch
https://people.freebsd.org/~mmacy/2018.05.11/udpsender4.svg

- Convert if_afdata read lock path to epoch
https://people.freebsd.org/~mmacy/2018.05.11/udpsender5.svg

A fix for the inpcbhash contention is pending sufficient time
on a canary at LLNW.

Reviewed by: gallatin
Sponsored by: Limelight Networks
Differential Revision: https://reviews.freebsd.org/D15409

show more ...

ifnet: Replace if_addr_lock rwlock with epoch + mutex

Run on LLNW canaries and tested by pho@

gallatin:
Using a 14-core, 28-HTT single socket E5-2697 v3 with a 40GbE MLX5
based ConnectX 4-LX NIC, I

ifnet: Replace if_addr_lock rwlock with epoch + mutex

Run on LLNW canaries and tested by pho@

gallatin:
Using a 14-core, 28-HTT single socket E5-2697 v3 with a 40GbE MLX5
based ConnectX 4-LX NIC, I see an almost 12% improvement in received
packet rate, and a larger improvement in bytes delivered all the way
to userspace.

When the host receiving 64 streams of netperf -H $DUT -t UDP_STREAM -- -m 1,
I see, using nstat -I mce0 1 before the patch:

InMpps OMpps InGbs OGbs err TCP Est %CPU syscalls csw irq GBfree
4.98 0.00 4.42 0.00 4235592 33 83.80 4720653 2149771 1235 247.32
4.73 0.00 4.20 0.00 4025260 33 82.99 4724900 2139833 1204 247.32
4.72 0.00 4.20 0.00 4035252 33 82.14 4719162 2132023 1264 247.32
4.71 0.00 4.21 0.00 4073206 33 83.68 4744973 2123317 1347 247.32
4.72 0.00 4.21 0.00 4061118 33 80.82 4713615 2188091 1490 247.32
4.72 0.00 4.21 0.00 4051675 33 85.29 4727399 2109011 1205 247.32
4.73 0.00 4.21 0.00 4039056 33 84.65 4724735 2102603 1053 247.32

After the patch

InMpps OMpps InGbs OGbs err TCP Est %CPU syscalls csw irq GBfree
5.43 0.00 4.20 0.00 3313143 33 84.96 5434214 1900162 2656 245.51
5.43 0.00 4.20 0.00 3308527 33 85.24 5439695 1809382 2521 245.51
5.42 0.00 4.19 0.00 3316778 33 87.54 5416028 1805835 2256 245.51
5.42 0.00 4.19 0.00 3317673 33 90.44 5426044 1763056 2332 245.51
5.42 0.00 4.19 0.00 3314839 33 88.11 5435732 1792218 2499 245.52
5.44 0.00 4.19 0.00 3293228 33 91.84 5426301 1668597 2121 245.52

Similarly, netperf reports 230Mb/s before the patch, and 270Mb/s after the patch

Reviewed by: gallatin
Sponsored by: Limelight Networks
Differential Revision: https://reviews.freebsd.org/D15366

show more ...

Eliminate the overhead of gratuitous repeated reinitialization of cap_rights

- Add macros to allow preinitialization of cap_rights_t.

- Convert most commonly used code paths to use preinitialized c

Eliminate the overhead of gratuitous repeated reinitialization of cap_rights

- Add macros to allow preinitialization of cap_rights_t.

- Convert most commonly used code paths to use preinitialized cap_rights_t.
A 3.6% speedup in fstat was measured with this change.

Reported by: mjg
Reviewed by: oshogbo
Approved by: sbruno
MFC after: 1 month

show more ...

Fix kernel memory disclosure in linux_ioctl_socket

strlcpy is used to copy a string into a buffer to be copied to userland,
previously leaving uninitialized data after the terminating NUL. Zero
the

Fix kernel memory disclosure in linux_ioctl_socket

strlcpy is used to copy a string into a buffer to be copied to userland,
previously leaving uninitialized data after the terminating NUL. Zero
the buffer first to avoid a kernel memory disclosure.

admbugs: 765, 811
MFC after: 1 day
Reported by: Ilja Van Sprundel <[email protected]>
Reported by: Vlad Tsyrklevich
Sponsored by: The FreeBSD Foundation

show more ...

linux_ioctl_hdio: fix kernel memory disclosure

Stack-allocated struct linux_hd_big_geometry has undeclared padding
copied to userland.

admbugs: 765
Reported by: Vlad Tsyrklevich
MFC after: 1 day
Se

linux_ioctl_hdio: fix kernel memory disclosure

Stack-allocated struct linux_hd_big_geometry has undeclared padding
copied to userland.

admbugs: 765
Reported by: Vlad Tsyrklevich
MFC after: 1 day
Security: Kernel memory disclosure
Sponsored by: The FreeBSD Foundation

show more ...

Linuxulator: apply style(9) to return

Sponsored by: Turing Robotic Industries Inc.

Correct proper nouns in the Linuxulator

- Capitalize Linux
- Spell FreeBSD out in full
- Address some style(9) on changed lines

Sponsored by: Turing Robotic Industries Inc.

Rationalize license text on Linuxolator files

Many licenses on Linuxolator files contained small variations from the
standard FreeBSD license text. To avoid license proliferation switch to
the stan

Rationalize license text on Linuxolator files

Many licenses on Linuxolator files contained small variations from the
standard FreeBSD license text. To avoid license proliferation switch to
the standard 2-clause FreeBSD license for those files where I have
permission from each of the listed copyright holders. Additional files
waiting on permission from others are listed in review D14210.

Approved by: kan, marcel, sos, rdivacky
MFC after: 1 week
Sponsored by: The FreeBSD Foundation

show more ...

Linuxolator whitespace cleanup

A version of each of the MD files by necessity exists for each CPU
architecture supported by the Linuxolator. Clean these up so that new
architectures do not inherit

Linuxolator whitespace cleanup

A version of each of the MD files by necessity exists for each CPU
architecture supported by the Linuxolator. Clean these up so that new
architectures do not inherit whitespace issues.

Clean up shared Linuxolator files while here.

Sponsored by: Turing Robotic Industries Inc.

show more ...

sys/compat: further adoption of SPDX licensing ID tags.

Mainly focus on files that use BSD 2-Clause license, however the tool I
was using misidentified many licenses so this was mostly a manual - er

sys/compat: further adoption of SPDX licensing ID tags.

Mainly focus on files that use BSD 2-Clause license, however the tool I
was using misidentified many licenses so this was mostly a manual - error
prone - task.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.

show more ...

Add Evdev ioctl handler to the Linuxulator.

PR: 218627
Submitted by: Jan Kokemüller
Reported by: Jan Kokemüller
MFC after: 1 week

linux_ioctl: Refactor some v4l2 struct converters

According to the C standard, it is invalid to copy beyond the end of an
object, even if that object is obviously a member of a larger object (a
stru

linux_ioctl: Refactor some v4l2 struct converters

According to the C standard, it is invalid to copy beyond the end of an
object, even if that object is obviously a member of a larger object (a
struct, in this case).

Appease the standard and Coverity by refactoring the copy in a
straightforward way. No functional change.

Reported by: Coverity (CWE-120)
CIDs: 1007819, 1007820, 1007821, 1007822, 1009668, 1009669
Security: no (false positive detection)
Sponsored by: Dell EMC Isilon

show more ...

Adding SIOCGIFNAME support in Linuxulator. This should silence the console warning associated
with linux-opera:
linux: pid 23492 (opera): ioctl fd=5, cmd=0x8910 ('\M^I',16) is not implemented
linu

Adding SIOCGIFNAME support in Linuxulator. This should silence the console warning associated
with linux-opera:
linux: pid 23492 (opera): ioctl fd=5, cmd=0x8910 ('\M^I',16) is not implemented
linux: pid 23492 (opera): ioctl fd=28, cmd=0x8910 ('\M^I',16) is not implemented
...

Reviewed by: kib, marcel, dchagin
Tested with: linux-opera-12.16_3
MFC after: 1 month

show more ...

Implement BLKSSZGET ioctl for the Linuxulator.

PR: 212700
Submitted by: Erik Cederstrand
Reported by: Erik Cederstrand
MFC after: 1 week

Fix kernel stack disclosures in the Linux and 4.3BSD compat layers.

Submitted by: CTurt
Security: SA-16:20
Security: SA-16:21

Don't leak fp in case where fo_ioctl() returns an error.

Reported by: C Turt <[email protected]>
MFC after: 1 week

compat/linux: for pointers replace 0 with NULL.

plvc is a pointer, no functional change.

Found with devel/coccinelle.

The latest cp tool is trying to use the btrfs clone operation that is
implemented via ioctl interface. First of all return ENOTSUP for this
operation as a cp fallback to usual method in that case. Se

The latest cp tool is trying to use the btrfs clone operation that is
implemented via ioctl interface. First of all return ENOTSUP for this
operation as a cp fallback to usual method in that case. Secondly, do
not print out the message about unimplemented operation.

show more ...

Convert signal number to native for VT_SETMODE ioctl and remove
strange and invalid ISSIGVALID macro.
The code has not been tested right way but it was originally broken.

Move FEATURE macros for v4l and v4l2 to the common module.

Differential Revision: https://reviews.freebsd.org/D1075
Reviewed by: emaste

Introduce a new module linux_common.ko which is intended for the
following primary purposes:

1. Remove the dependency of linsysfs and linprocfs modules from linux.ko,
which will be architecture spec

Introduce a new module linux_common.ko which is intended for the
following primary purposes:

1. Remove the dependency of linsysfs and linprocfs modules from linux.ko,
which will be architecture specific on amd64.

2. Incorporate into linux_common.ko general code for platforms on which
we'll support two Linuxulator modules (for both instruction set - 32 & 64 bit).

3. Move malloc(9) declaration to linux_common.ko, to enable getting memory
usage statistics properly.

Currently linux_common.ko incorporates a code from linux_mib.c and linux_util.c
and linprocfs, linsysfs and linux kernel modules depend on linux_common.ko.

Temporarily remove dtrace garbage from linux_mib.c and linux_util.c

Differential Revision: https://reviews.freebsd.org/D1072
In collaboration with: Vassilis Laganakos.

Reviewed by: trasz

show more ...