4ccbbe5f imp Sept. 8, 2021, 2:56 a.m.
0e642632 emaste Sept. 8, 2021, 1:52 a.m.
Diff reduction against upstream: remove $FreeBSD$ tags from files where
the tag itself is the only difference from upstream.
a8b89dff cperciva Sept. 8, 2021, 1:31 a.m.
This disables testing the ACPI timer by default, forcing the use of
ACPI-fast rather than ACPI-safe.  The broken-ACPI-timers workaround
can be re-enabled by setting the hw.acpi.timer_test_enabled=1 tunable.

This speeds up the FreeBSD boot process by 140 ms on an EC2 c5.xlarge

This change will not be MFCed.

Assuming no problems are reported, acpi_timer_test, the associated
tunable, and the ACPI-safe timecounter should be removed in FreeBSD 15.

Relnotes:	The ACPI-safe timer is disabled in favour of ACPI-fast;
		if timekeeping issues are observed, please test with
		hw.acpi.timer_test_enabled=1 in loader.conf and report
		if that fixes the problem.
3c253d03 cperciva Sept. 8, 2021, 1:31 a.m.
When hw.acpi.timer_test_enabled is set to 0, this makes acpi_timer_test
return 1 without actually testing the ACPI timer; this results in the
ACPI-fast timecounter always being used rather than potentially using

The ACPI timer testing was introduced in 2002 as a workaround for
errata in Pentium II and Pentium III chipsets, and is unlikely to be
needed in 2021.

While I'm here, add TSENTER/TSEXIT to make it easier to see the time
spent on the test (if it is enabled).

Reviewed by:	allanjude, imp
MFC After:	1 week
19261079 emaste Sept. 8, 2021, 1:05 a.m.
Some notable changes, from upstream's release notes:

- sshd(8): Remove support for obsolete "host/port" syntax.
- ssh(1): When prompting whether to record a new host key, accept the key
  fingerprint as a synonym for "yes".
- ssh-keygen(1): when acting as a CA and signing certificates with an RSA
  key, default to using the rsa-sha2-512 signature algorithm.
- ssh(1), sshd(8), ssh-keygen(1): this release removes the "ssh-rsa"
  (RSA/SHA1) algorithm from those accepted for certificate signatures.
- ssh-sk-helper(8): this is a new binary. It is used by the FIDO/U2F
  support to provide address-space isolation for token middleware
  libraries (including the internal one).
- ssh(1): this release enables UpdateHostkeys by default subject to some
  conservative preconditions.
- scp(1): this release changes the behaviour of remote to remote copies
  (e.g. "scp host-a:/path host-b:") to transfer through the local host
  by default.
- scp(1): experimental support for transfers using the SFTP protocol as
  a replacement for the venerable SCP/RCP protocol that it has
  traditionally used.

Additional integration work is needed to support FIDO/U2F in the base

Deprecation Notice

OpenSSH will disable the ssh-rsa signature scheme by default in the
next release.

Reviewed by:	imp
MFC after:	1 month
Relnotes:	Yes
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D29985
c5128c48 rmacklem Sept. 8, 2021, 12:35 a.m.
Although it is not specified in the RFCs, the concept that
the NFSv4 server should reply to an RPC request within a
reasonable time is accepted practice within the NFSv4 community.

Without this patch, the NFSv4.2 server attempts to reply to
a Copy operation within 1second by limiting the copy to
vfs.nfs.maxcopyrange bytes (default 10Mbytes). This is crude at
best, given the large variation in I/O subsystem performance.

This patch adds a kernel only flag COPY_FILE_RANGE_TIMEO1SEC
that the NFSv4.2 can specify, which tells VOP_COPY_FILE_RANGE()
to return after approximately 1 second with a partial result and
implements this in vn_generic_copy_file_range(), used by

Modifying the NFSv4.2 server to set this flag will be done in
a separate patch.  Also under consideration is exposing the
COPY_FILE_RANGE_TIMEO1SEC to userland for use on the FreeBSD
copy_file_range(2) syscall.

MFC after:	2 weeks
Reviewed by:	khng
Differential Revision:	https://reviews.freebsd.org/D31829
92de7379 np Sept. 7, 2021, 11:28 p.m.
MFC after:	1 week
Sponsored by:	Chelsio Communications
83a611e0 np Sept. 7, 2021, 11:05 p.m.
This should have been added with initial T6 support many years ago.

MFC after:	1 week
Sponsored by:	Chelsio Communications
4b631fc8 melifaro Sept. 7, 2021, 9:41 p.m.
Current logic always selects an IFA of the same family from the
 outgoing interfaces. In IPv4 over IPv6 setup there can be just
 single non- ifa, attached to the loopback interface.

Create a separate rt_getifa_family() to handle entire ifa selection
 for the IPv4 over IPv6.

Differential Revision: https://reviews.freebsd.org/D31868
MFC after:	1 week
c751d067 markj Sept. 7, 2021, 9:14 p.m.
Sponsored by:	The FreeBSD Foundation
a8aa6f1f markj Sept. 7, 2021, 9:12 p.m.
This behaviour appears to date from the 4.4 BSD import.  It has two

1. The update to so_state is not protected by the socket lock, so
   concurrent updates to so_state may be lost.
2. Suppose two threads race to call connect(2) on a socket, and one
   succeeds while the other fails.  Then the failing thread may
   incorrectly clear SS_ISCONNECTING, confusing the state machine.

Simply remove the update.  It does not appear to be necessary:
pru_connect implementations which call soisconnecting() only do so after
all failure modes have been handled.  For instance, tcp_connect() and
tcp6_connect() will never return an error after calling soisconnected().
However, we cannot correctly assert that SS_ISCONNECTED is not set after
an error from soconnect() since the socket lock is not held across the
pru_connect call, so a concurrent connect(2) may have set the flag.

MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D31699
c4b44adc markj Sept. 7, 2021, 9:12 p.m.
... when applied to one-to-one-style sockets.  sctp_listen() cannot be
used to toggle the listening state of such a socket.  See RFC 6458's
description of expected listen(2) semantics for one-to-one- and
one-to-many-style sockets.

Reviewed by:	tuexen
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D31774
523d58aa markj Sept. 7, 2021, 9:12 p.m.
Now that SOCK_IO_*_LOCK() checks for listening sockets, we can eliminate
some racy SOLISTENING() checks.  No functional change intended.

Reviewed by:	tuexen
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D31660
bd4a39cc markj Sept. 7, 2021, 9:11 p.m.
Currently, most protocols implement pru_listen with something like the

	error = solisten_proto_check(so);
	if (error) {
		return (error);

solisten_proto_check() fails if the socket is connected or connecting.
However, the socket lock is not used during I/O, so this pattern is

The change modifies solisten_proto_check() to additionally acquire
socket buffer locks, and the calling thread holds them until
solisten_proto() or solisten_proto_abort() is called.  Now that the
socket buffer locks are preserved across a listen(2), this change allows
socket I/O paths to properly interlock with listen(2).

This fixes a large number of syzbot reports, only one is listed below
and the rest will be dup'ed to it.

Reported by:	syzbot+9fece8a63c0e27273821@syzkaller.appspotmail.com
Reviewed by:	tuexen, gallatin
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D31659
c67f3b8b markj Sept. 7, 2021, 7:09 p.m.
This is necessary to provide proper interlocking with listen(2), which
destroys the socket buffers.  Otherwise, code must lock the socket
itself and check SOLISTENING(so), but most I/O paths do not otherwise
need to acquire the socket lock, so the extra overhead needed to check a
rare error case is undesirable.

listen(2) calls are relatively rare.  Thus, the strategy is to have it
acquire all socket buffer locks when transitioning to a listening
socket.  To do this safely, these locks must be stable, and not
destroyed during listen(2) as they are today.  So, move them out of the
sockbuf and into the owning socket.  For the sockbuf mutexes, keep a
pointer to the mutex in the sockbuf itself, for now.  This can be
removed by replacing SOCKBUF_LOCK() etc. with macros which operate on
the socket itself, as was done for the sockbuf I/O locks.

Reviewed by:	tuexen, gallatin
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D31658