As a consequence now ice_alloc_vsi_qmap() does not fail. Remove unneeded
error checks.
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D45852
(cherry picked from commit 5f97656fa334b494d70866cb1bfff406d3efd92d)
As a consequence lkpi_ieee80211_ifalloc() now does not fail. Remove
unneeded NULL check.
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D45852
(cherry picked from commit 7bcb1228558b4325fab39616e2e3b2573a9e7da6)
`fp_malloc` is defined as a macro that redirects to `malloc`.
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D45852
(cherry picked from commit 6a2a385507c79abaa9db9eabfdd827362f3dc7ed)
Commit ff39d74aa9 ignored AT_NO_AUTOMOUNT for statx(), but did not
change fstat64() or newfstatat(), which also take an equivalent flags
argument. Add a linux_to_bsd_stat_flags() helper and use it in all
three places.
PR: 281526
Reviewed by: trasz
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D46711
(cherry picked from commit 3cf834d069d1dcdbe464ea74624930eaf916715d)
Return errno rather than -1 on error. This allows pfctl to report much
more useful errors.
Reported by: Alexander Leidinger <Alexander@Leidinger.net>
MFC after: 1 week
(cherry picked from commit 93e96359c980ccf318fe089b30b863f7c910b622)
In 5c73b3e0a3 calls to core.loadEntropy were added to core.boot
and core.autoboot; but neither of those is invoked if we disable
the "beastie" menu. Add a core.loadEntropy call to the no-menu
path.
Reviewed by: imp
MFC after: 1 week
Sponsored by: Amazon
Fixes: 5c73b3e0a3 ("Add support for getting early entropy from UEFI")
Differential Revision: https://reviews.freebsd.org/D46637
(cherry picked from commit 74a28cf6e7f66c7c12fd25ee8231eeedf756bf08)
The EFI RNG on some platforms takes a long time if we request 2048
bytes of entropy, so we would like to request less; but our kernel
Fortuna RNG needs to be fed 2048 bytes in order to consider itself
"fully seeded". If we have between 64 bytes (the size of a single
Fortuna pool and enough to guarantee cryptographic security) and
2048 bytes (what Fortuna wants) then the boot process will hang
waiting for more entropy despite in fact having enough to operate
securely.
Since 64 bytes of entropy is plenty to be cryptographically secure
(an attack of cost ~ 2^128 is infeasible, which implies a mere 16
bytes of entropy), use PBKDF2 (aka pkcs5v2_genkey_raw) to spread
the entropy across 2048 bytes. This is secure since PBKDF2 has
the property that every subset of output bytes has within O(1) of
the maximum possible amount of entropy.
Reviewed by: pjd
MFC after: 1 week
Sponsored by: Amazon
Differential Revision: https://reviews.freebsd.org/D46635
(cherry picked from commit c8ebbd28aa91705aea3a67b06018ea6aef5aa6e4)
This was previously only available if GELI support was included, but I
want to use it for processing entropy from EFI
Reviewed by: imp
MFC after: 1 week
Sponsored by: Amazon
Differential Revision: https://reviews.freebsd.org/D46634
(cherry picked from commit 925f15731e3480fe80f580a2f7463cb5210a95c8)
This is like pkcs5v2_genkey but takes a "passphrase" as a buffer and
length rather than a NUL-terminated string.
Reviwed by: pjd
MFC after: 1 week
Sponsored by: Amazon
Differential Revision: https://reviews.freebsd.org/D46633
(cherry picked from commit 8ce291a335bc751e7a89691eebfb9f9da65b82ac)
Add a new loader variable entropy_efi_seed_size which defaults to 2048;
if not defined (e.g. if the /boot/lua/ is updated but /boot/defaults/
isn't) the same 2048 default will be used.
Reviewed by: Val Packett
MFC after: 1 week
Sponsored by: Amazon
Differential Revision: https://reviews.freebsd.org/D46632
(cherry picked from commit f4a69a933cd645e384b337db5ef2ccf41a1ddd5b)
On some systems, the EFI GetRNG is slow. Make it show up in flamecharts.
MFC after: 1 week
Sponsored by: Amazon
Differential Revision: https://reviews.freebsd.org/D46631
(cherry picked from commit b58fe4eb29fbd3236df0f7fdfad4393d2536dbb5)
Wrap each call to a built-in command with TSENTER/TSEXIT to make
it easier to see where time is going in the loader.
MFC after: 1 week
Sponsored by: Amazon
Differential Revision: https://reviews.freebsd.org/D46630
(cherry picked from commit 58ec2d0d4a3c3bcf741d9694dc7696c7b4e753b9)
Move RANDOM_FORTUNA_{NPOOLS,DEFPOOLSIZE} from fortuna.c to fortuna.h
and use RANDOM_FORTUNA_DEFPOOLSIZE in random_harvestq.c rather than
having a magic (albeit explained in a comment) number. The NPOOLS
value will be used in a later commit.
Reviewed by: cem
MFC after: 1 week
Sponsored by: Amazon
Differential Revision: https://reviews.freebsd.org/D46693
(cherry picked from commit 32fce09268ddd97efb4412529ba57293554c5985)
The write is only used to toggle the debug print function and this is
otherwise stateless.
(cherry picked from commit 5f6964d9fbf663f85ee60dae7dfff153b82759d8)