OpenSSL 3 supports a modular architecture, allowing different providers
to bring specific implementations of cryptographical algorithms. This
change makes sure the FIPS module matches build instructions used for
libcrypto.
Sponsored by: The FreeBSD Foundation
Pull Request: https://github.com/freebsd/freebsd-src/pull/787
OpenSSL 3 supports a modular architecture, allowing different providers
to bring specific implementations of cryptographical algorithms. This
change adds mandatory source files to every provider.
Sponsored by: The FreeBSD Foundation
Pull Request: https://github.com/freebsd/freebsd-src/pull/787
OpenSSL 3 supports a modular architecture, allowing different providers
to bring specific implementations of cryptographical algorithms. One
such provider, "fips", ships with OpenSSL 3 directly, and groups
algorithms that can be FIPS 140-2 validated.
The import of OpenSSL 3.0.9 was building this provider incorrectly,
missing symbols required for proper operation.
In addition, without the change in OpenSSL's crypto/bn/bn_const.c, the
FIPS module fails loading: `Undefined symbol "ossl_bignum_modp_1536_p"`.
This change is consistent with crypto/bn/bn_dh.c though.
Sponsored by: The FreeBSD Foundation
Pull Request: https://github.com/freebsd/freebsd-src/pull/787
OpenSSL 3 supports a modular architecture, allowing different providers
to bring specific implementations of cryptographical algorithms. One
such provider, "legacy", ships with OpenSSL 3 directly, and groups
obsoleted algorithms that can still optionally be used anyway.
The import of OpenSSL 3.0.9 was building this provider incorrectly,
missing symbols required for proper operation.
Sponsored by: The FreeBSD Foundation
Pull Request: https://github.com/freebsd/freebsd-src/pull/787
Although we care more about the CN of a certificate than its status
(for purpose of reporting), we should skip if we have errors decoding.
Reviewed by: stevek
Sponsored by: Juniper Networks, Inc.
To that end add __enum_uint8_decl and __enum_uint8.
By default enums take 4 bytes, but vast majority of them have values
which would fit in a byte.
One can try to workaround the problem by using bitfields, like so:
enum some_small_enum foo:8;
but that's ugly and runs into trouble when using atomic_load (you can't
take an address of a bitfield, even if it is sized to a multiply of a
byte).
Both gcc 13 and clang support specifying the size, and for older
variants one can fallback to the "packed" attribute.
Names are mangled in order to avoid mix use with plain enum.
Reviewed by:
Differential Revision: https://reviews.freebsd.org/D39031
Argument unused since commit 93a0ba8f49.
Rename it to enforce_lkflags(), which seems to more aptly describe what it does.
[mjg: massaged the commit message a little]
Reviewed by: kib, markj
Differential Revision: https://reviews.freebsd.org/D40848
This will be used by bhyve and will allow the size to change, e.g. for SVE.
Reviewed by: markj
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D40131
In get_kernel_reg_masked we use update_lower_register to get the lower
value of two registers for a given field. It will return the entire
register value with just the single field updated.
Because of this get_kernel_reg_masked needs to use the returned value
directly rather than ORing each field together. Fix this by updating
the mask and returning that from get_kernel_reg_masked.
Reviewed by: markj
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D40846
They break the !amd64 builds due to an underspecified include path and
will be re-applied once that's fixed.
Reported by: Ronald Klop <ronald-lists@klop.ws>
Add support for LAN port found on Thinkpad Hybrid USB-C with USB-A dock.
While here fix a small typo
- s/UBS/USB/
Sponsored by: Technical University of Munich
Reviewed by: markj
MFC after: 2 weeks
Pull Request: https://github.com/freebsd/freebsd-src/pull/791
OpenSSL 3 supports a modular architecture, allowing different providers
to bring specific implementations of cryptographical algorithms. This
change makes sure the FIPS module matches build instructions used for
libcrypto.
Sponsored by: The FreeBSD Foundation
Pull Request: https://github.com/freebsd/freebsd-src/pull/787
OpenSSL 3 supports a modular architecture, allowing different providers
to bring specific implementations of cryptographical algorithms. This
change adds mandatory source files to every provider.
Sponsored by: The FreeBSD Foundation
Pull Request: https://github.com/freebsd/freebsd-src/pull/787
OpenSSL 3 supports a modular architecture, allowing different providers
to bring specific implementations of cryptographical algorithms. One
such provider, "fips", ships with OpenSSL 3 directly, and groups
algorithms that can be FIPS 140-2 validated.
The import of OpenSSL 3.0.9 was building this provider incorrectly,
missing symbols required for proper operation.
In addition, without the change in OpenSSL's crypto/bn/bn_const.c, the
FIPS module fails loading: `Undefined symbol "ossl_bignum_modp_1536_p"`.
This change is consistent with crypto/bn/bn_dh.c though.
Sponsored by: The FreeBSD Foundation
Pull Request: https://github.com/freebsd/freebsd-src/pull/787
OpenSSL 3 supports a modular architecture, allowing different providers
to bring specific implementations of cryptographical algorithms. One
such provider, "legacy", ships with OpenSSL 3 directly, and groups
obsoleted algorithms that can still optionally be used anyway.
The import of OpenSSL 3.0.9 was building this provider incorrectly,
missing symbols required for proper operation.
Sponsored by: The FreeBSD Foundation
Pull Request: https://github.com/freebsd/freebsd-src/pull/787
before calling vn_fullpath_hardlink(). Otherwise we get random failures
when the len is automatically clipped.
Reported and tested by: pho
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Search for and print kernel symbols in case a register's value is a
kernel address. Also improve column alignment.
Reviewed by: mhorne, jhb
Approved by: markj (mentor)
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D40829
Needed by the forthcoming RISC-V and ARM64 ports.
Reviewed by: markj
Approved by: markj (mentor)
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D40872
Bug Fixes:
* Initialize statistics before the interface is available
* Fix driver unload crash
Minor Changes:
* Mechanically convert ena(4) to DrvAPI
* Remove usage of IFF_KNOWSEPOCH
MFC after: 2 weeks
Sponsored by: Amazon, Inc.
When ena_detach is called, we first call ether_ifdetach(),
which destroys internal addresses of ifp. One such address
is ifp->if_addr->ifa_addr. Then during ena_destroy_device(),
if_link_state_change() is called, eventually trying to access
ifp->if_addr->ifa_addr->sa_family. This causes an access
to garbage memory and crashes the kernel.
Ticket [1] was opened to the FreeBSD community to add null
check in the code of if_link_state_change().
A fix was submitted in commit [2], however it was noted
that it is our driver's responsibilty to not call
if_link_state_change() after calling ether_ifdetach().
This commit makes sure if_link_state_change() is not called
after ether_ifdetach().
[1]: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=270813
[2]: https://reviews.freebsd.org/D39614
Fixes: 32f63fa7f9 ("Split ENA reset routine into restore and destroy stages")
MFC after: 2 weeks
Sponsored by: Amazon, Inc.
In [1], the FBSD community exposed a bug in the fbsd/ena driver.
Bug description:
----------------
Current function call order is as follows:
1. ena_attach()
1.1. ena_setup_ifnet()
1.1.1. Registration of ena_get_counter()
1.1.2. ether_ifattach(ifp, adapter->mac_addr);
1.2. Statistics allocation and initialization.
At point 1.1.2, when ether_ifattach() returns, the interface is available,
and stats can be read before they are allocated, leading to kernel panic.
Also fixed a potential memory leak by freeing the stats since they were
not freed in case the following calls failed.
Fix:
----
This commit moves the statistics allocation and initialization to happen
before ena_setup_ifnet()
[1] https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=268934
Fixes: 9b8d05b8ac ("Add support for Amazon Elastic Network Adapter (ENA) NIC")
Fixes: 30217e2dff ("Rework counting of hardware statistics in ENA driver")
MFC after: 2 weeks
Sponsored by: Amazon, Inc.
When we are sending terminating signal to the group, killpg() needs to
guarantee that all group members are to be terminated (it does not need
to ensure that they are terminated on return from killpg()). The
pg_killsx change eliminates the largest window there, but still, if a
multithreaded process is signalled, the following could happen:
- thread 1 is selected for the signal delivery and gets descheduled
- thread 2 waits for pg_killsx lock, obtains it and forks
- thread 1 continue executing and terminates the process
This scenario allows the child to escape still.
To fix it, count the number of signals sent to the process with
killpg(2), in p_killpg_cnt variable, which is incremented in killpg()
and decremented after signal handler frame is created or in exit1()
after single-threading. This way we avoid forking if the termination is
due.
Noted and reviewed by: markj (previous version)
Tested by: pho
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
Differential revision: https://reviews.freebsd.org/D40493
If the process group member performs fork(), the child could escape
signalling from killpg(). Prevent it by introducing an sx process group
lock pg_killsx which is taken interruptibly shared around fork. If there
is a pending signal, do the trip through userspace with ERESTART to
handle signal ASTs. The lock is taken exclusively during killpg().
The lock is also locked exclusive when the process changes group
membership, to avoid escaping a signal by this means, by ensuring that
the process group is stable during fork.
Note that the new lock is before proctree lock, so in some situations we
could only do trylocking to obtain it.
This relatively simple approach cannot work for REAP_KILL, because
process potentially belongs to more than one reaper tree by having
sub-reapers.
Reported by: dchagin
Tested by: dchagin, pho
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
Differential revision: https://reviews.freebsd.org/D40493
Use long instead of int for numerous calculations, fixing a number of
date calculation overflow issues.
Obtained from: DragonflyBSD
Git log: 4238ce6f0c6df33ce677ae298b245c62cd60fb43 (only partial)
Most architectures we support (except for riscv64) have instructions
to compute these functions very quickly. Replace old code with the
ffs and clz builtin functions, allowing clang to generate good code
for all architectures.
As a consequence, toss out arm and i386 ffs() implementations.
Sponsored by: FreeBSD Foundation
Approved by: mhorne
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D40730
Also supply CFLAGS+=-fno-builtin to ensure our unit tests
actually test libc functions and not clang's builtins.
Sponsored by: FreeBSD Foundation
Approved by: kevans
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D40729
Build a setup where a given packet will be passed through the codel code
twice. This used to trigger issues with double-free on mtags.
Sponsored by: Rubicon Communications, LLC ("Netgate")
If we're called on an mbuf that's passed through codel before it may
already contain the MTAG_CODEL tag. The code accounts for this and does
not allocate a new mtag. However, it inserts the mtag unconditionally.
That is, it inserts the existing mtag a second time.
When the mbuf later gets freed we iterate over the list of mtags to fee
them one by one, and we'll end up freeing an mtag that's already been
freed.
Only insert the mtag if we've allocated a new one. If we found one
there's no need to insert it again.
See also: https://redmine.pfsense.org/issues/14497
Sponsored by: Rubicon Communications, LLC ("Netgate")
