64fe4400 dim May 3, 2021, 8:47 p.m.
0dad05dd dim May 3, 2021, 8:45 p.m.
1c3dcf8d dim May 3, 2021, 8:43 p.m.
d134e496 dim May 3, 2021, 8:40 p.m.
b9ec6f2e dim May 3, 2021, 8:24 p.m.
64881da4 markj May 3, 2021, 5:47 p.m.
AIM (adaptive interrupt moderation) was part of BSD11 driver. Upon IFLIB
migration, AIM feature got lost. Re-introducing AIM back into IFLIB
based IXGBE driver.

One caveat is that in BSD11 driver, a queue comprises both Rx and Tx
ring. Starting from BSD12, Rx and Tx have their own queues and rings.
Also, IRQ is now only configured for Rx side. So, when AIM is
re-enabled, we should now consider only Rx stats for configuring EITR
register in contrast to BSD11 where Rx and Tx stats were considered to
manipulate EITR register.

Reviewed by:	gallatin, markj
Sponsored by:	NetApp, Inc.
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D27344
cgit
f161d294 markj May 3, 2021, 5:35 p.m.
Several protocol methods take a sockaddr as input.  In some cases the
sockaddr lengths were not being validated, or were validated after some
out-of-bounds accesses could occur.  Add requisite checking to various
protocol entry points, and convert some existing checks to assertions
where appropriate.

Reported by:	syzkaller+KASAN
Reviewed by:	tuexen, melifaro
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D29519
cgit
a3c7da3d markj May 3, 2021, 5:24 p.m.
These should never get values large enough for sign to matter, but one
of them becoming negative could cause problems.

MFC after:	1 week
Reviewed by:	markj
Differential Revision:	https://reviews.freebsd.org/D29327
cgit
1d712c05 markj May 3, 2021, 5:24 p.m.
The revision D25604 capsicumize traceroute6. For UDP the send socket was
changed from SOCK_DGRAM to SOCK_RAW and thus the UDP checksum need be
calculated by application itself other than the kernel.

outpacket is filled with zeros by line 707, thus the first round the UDP
checksum is correct. But subsequent rounds outudp->uh_sum will be left
with garbage.

PR:		255507
Reviewed by:	ae, markj, tuexen
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D30042
cgit
243b324f markj May 3, 2021, 5:24 p.m.
devvn_refthread() will initialize *devp only if it succeeds, so check for
success before comparing with fp->f_data.  Other devvn_refthread()
callers are careful to do this.

Reported by:	KMSAN
Reviewed by:	kib
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D30068
cgit
2b2d77e7 markj May 3, 2021, 5:24 p.m.
Some filesystems, e.g., pseudofs and the NFSv3 client, do not provide
one.

Reviewed by:	kib
Reported by:	KMSAN
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D30091
cgit
cdfcfc60 markj May 3, 2021, 5:24 p.m.
Otherwise, if !smp_started is true, then smp_rendezvous_cpus_done() will
harmlessly perform an atomic RMW on an uninitialized variable.

Reported by:	KMSAN
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
cgit
02e7a651 markj May 3, 2021, 5:24 p.m.
Reviewed by:	jhb
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D30037
cgit
7cb40543 kib May 3, 2021, 4:49 p.m.
User-supplied data might make this loop too time-consuming. Divide
directly, and handle both the possibility that we were woken up earlier,
and arithmetic overflows/underflows from the calculation.

Reported and tested by:	pho (previous version)
Reviewed by:	markj
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D30069
cgit
b87a5b26 dim May 3, 2021, 4:37 p.m.
Fixes:		bfc99943b04b ("ndis(4): remove as previous announced")
cgit