OPNSense/src c722f5fsys/dev/mmc mmc.c

MFC: r340495

- Restore setting the clock for devices which support the default/legacy
  transfer mode only (lost with r321385). [1]
- Similarly, don't try to set the power class on MMC devices that comply
  to version 4.0 of the system specification but are operated in default/
  legacy transfer or 1-bit bus mode as no power class is specified for
  these cases. Trying to set a power class nevertheless resulted in an -
  albeit harmless - error message.

PR:     231713 [1]
DeltaFile
+14-8sys/dev/mmc/mmc.c
+14-81 files

OPNSense/src f07063asys/dev/mmc mmcsd.c mmc.c

MFC: r333647, r338275, r338280, r338513

- If present, take advantage of the R/W cache of eMMC revision 1.5 and
  later devices. These caches work akin to the ones found in HDDs/SSDs
  that ada(4)/da(4) also enable if existent, but likewise increase the
  likelihood of data loss in case of a sudden power outage etc. On the
  other hand, write performance is up to twice as high for e. g. 1 GiB
  files depending on the actual chip and transfer mode employed.
  For maximum data integrity, the usage of eMMC caches can be disabled
  via the hw.mmcsd.cache tunable.
- Get rid of the NOP mmcsd_open().
- Obtain the bus mode (MMC or SD) from the directly superordinated
  bus rather than reaching up to the bridge and use the cached mode
  in mmcsd_delete(), too.
- Use le32dec(9) for decoding EXT_CSD values where it makes sense. [1]
- Locally cache some instance variable values in mmc_discover_cards()
  in order to improve the code readability a bit.

Obtained from:  NetBSD [1]

OPNSense/src c02d197sys/dev/mmc mmcbrvar.h

MFC: r338304

The read accessors generated by __BUS_ACCESSOR() have the problem that
they don't check the result of BUS_READ_IVAR(9) and silently return stack
garbage on failure in case a bus doesn't implement a particular instance
variable for example. With MMC bridges not providing MMCBR_IVAR_RETUNE_REQ,
yet, this in turn can cause mmc(4) to get into a state in which re-tuning
seems to be necessary but is inappropriate, causing mmc_wait_for_request()
to fail. Thus, don't use __BUS_ACCESSOR() for mmcbr_get_retune_req() and
instead provide a version of the latter which returns retune_req_none if
reading MMCBR_IVAR_RETUNE_REQ fails.

OPNSense/src c9524b0sys/dev/mmc mmc.c

Revert "MMC, HS200/HS400 support seems to break mmc legacy support, clock probing seems to 
have issues."

This reverts commit c4ec367c3d9c4c29da94411b29fe6bfa55cb5d09.
DeltaFile
+118-29sys/dev/mmc/mmc.c
+118-291 files

OPNSense/src bb9e423sys/netpfil/pf pf.c

pf: Ensure that IP addresses match in ICMP error packets

States in pf(4) let ICMP and ICMP6 packets pass if they have a
packet in their payload that matches an exiting connection.  It was
not checked whether the outer ICMP packet has the same destination
IP as the source IP of the inner protocol packet.  Enforce that
these addresses match, to prevent ICMP packets that do not make
sense.

Reported by:    Nicolas Collignon, Corentin Bayet, Eloi Vanderbeken, Luca Moro at 
Synacktiv
Obtained from:  OpenBSD
Security:       CVE-2019-5598
DeltaFile
+22-3sys/netpfil/pf/pf.c
+22-31 files

OPNSense/src a5becf7sys/netpfil/pf pf.c

pf: Ensure that IP addresses match in ICMP error packets

States in pf(4) let ICMP and ICMP6 packets pass if they have a
packet in their payload that matches an exiting connection.  It was
not checked whether the outer ICMP packet has the same destination
IP as the source IP of the inner protocol packet.  Enforce that
these addresses match, to prevent ICMP packets that do not make
sense.

Reported by:    Nicolas Collignon, Corentin Bayet, Eloi Vanderbeken, Luca Moro at 
Synacktiv
Obtained from:  OpenBSD
Security:       CVE-2019-5598
DeltaFile
+22-3sys/netpfil/pf/pf.c
+22-31 files

OPNSense/src 4ea457esys/dev/netmap if_vtnet_netmap.h

MFC r344510

netmap: remove redundant call to nm_set_native_flags()

This redundant call was introduced by mistake in r343772.

Sponsored by:   Sunny Valley Networks

OPNSense/src 8cadbe8sys/dev/netmap netmap_freebsd.c netmap.c

MFC r343579, r344253

netmap: fix lock order reversal related to kqueue usage

When using poll(), select() or kevent() on netmap file descriptors,
netmap executes the equivalent of NIOCTXSYNC and NIOCRXSYNC commands,
before collecting the events that are ready. In other words, the
poll/kevent callback has side effects. This is done to avoid the
overhead of two system call per iteration (e.g., poll() + ioctl(NIOC*XSYNC)).

When the kqueue subsystem invokes the kqueue(9) f_event callback
(netmap_knrw), it holds the lock of the struct knlist object associated
to the netmap port (the lock is provided at initialization, by calling
knlist_init_mtx).
However, netmap_knrw() may need to wake up another netmap port (or even
the same one), which means that it may need to call knote().
Since knote() needs the lock of the struct knlist object associated to
the to-be-wake-up netmap port, it is possible to have a lock order reversal
problem (AB/BA deadlock).

This change prevents the deadlock by executing the knote() call in a
per-selinfo taskqueue, where it is possible to hold a mutex.
The change also adds a counter (kqueue_users) to keep track of how many
kqueue users are referencing a given struct nm_selinfo.
In this way, nm_os_selwakeup() can schedule the kevent notification

    [6 lines not shown]

OPNSense/src f2eb6a6sys/dev/vmware/vmxnet3 vmx_netmap.h if_vmx.c

vmx(4): add native netmap support

This change adds native netmap support for the vmx(4) adapter
(vmxnet3). Native support comes for free in 12, since the driver has been
ported to iflib. To make it minimally intrusive, the native support is
only enabled if vmxnet3.netmap_native is set at boot (e.g., in loader.conf).

Tested on stable/11 running inside vmplayer.

Submitted by:   Giuseppe Lettieri <g.lettieri at iet.unipi.it>
Reviewed by:    vmaffione, bryanv
Sponsored by:   Sunny Valley Networks
Differential Revision:  https://reviews.freebsd.org/D19104

OPNSense/src e51189dsys/dev/netmap netmap_pipe.c netmap.c

MFC r343772, r343867

netmap: refactor logging macros and pipes

Changelist:
    - Replace ND, D and RD macros with nm_prdis, nm_prinf, nm_prerr
      and nm_prlim, to avoid possible naming conflicts.
    - Add netmap_krings_mode_commit() helper function and use that
      to reduce code duplication.
    - Refactor pipes control code to export some functions that
      can be reused by the veth driver (on Linux) and epair(4).
    - Add check to reject API requests with version less than 11.
    - Small code refactoring for the null adapter.

Conflicts:
        sys/dev/netmap/netmap.c

OPNSense/src b9df35csys/dev/netmap netmap_kloop.c netmap.c, sys/net netmap.h

MFC r343689

netmap: upgrade sync-kloop support

Add SYNC_KLOOP_MODE option, and add support for direct mode, where application
executes the TXSYNC and RXSYNC in the context of the ioeventfd wake up callback.

OPNSense/src 5ca1748sys/dev/netmap netmap_freebsd.c netmap_kloop.c

MFC r343549

netmap: add notifications on kloop stop

On sync-kloop stop, send a wake-up signal to the kloop, so that
waiting for the timeout is not needed.
Also, improve logging in netmap_freebsd.c.

OPNSense/src c11d725sys/dev/netmap netmap_kloop.c netmap_kern.h, sys/net netmap.h

MFC r343346

netmap: improvements to the netmap kloop (CSB mode)

Changelist:
    - Add the proper memory barriers in the kloop ring processing
      functions.
    - Fix memory barriers usage in the user helpers (nm_sync_kloop_appl_write,
      nm_sync_kloop_appl_read).
    - Fix nm_kr_txempty() helper to look at rhead rather than rcur. This
      is important since the kloop can read a value of rcur which is ahead
      of the value of rhead (see explanation in nm_sync_kloop_appl_write)
    - Remove obsolete ptnetmap_guest_write_kring_csb() and
      ptnet_guest_read_kring_csb().
    - Prepare in advance the arguments for netmap_sync_kloop_[tr]x_ring(),
      to make the kloop faster.
    - Provide kernel and user implementation for nm_ldld_barrier() and
      nm_ldst_barrier()

OPNSense/src 01059casys/dev/netmap netmap_freebsd.c netmap.c

MFC r343344

netmap: fix knote() argument to match the mutex state

The nm_os_selwakeup function needs to call knote() to wake up kqueue(9)
users. However, this function can be called from different code paths,
with different lock requirements.
This patch fixes the knote() call argument to match the relavant lock state.
Also, comments have been updated to reflect current code.

PR:     https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=219846
Reported by:    Aleksandr Fedorov <aleksandr.fedorov at itglobal.com>
Reviewed by:    markj
Differential Revision:  https://reviews.freebsd.org/D18876

OPNSense/src 5359fd1sys/dev/netmap if_lem_netmap.h ixgbe_netmap.h

netmap: small cleanup on em, lem, igb, ixgbe

Replace D, ND and RD macros with the corresponding nm_pr* ones.

OPNSense/src dc1a6e6sys/dev/ixl if_ixl.c ixl.h, sys/dev/netmap if_ixl_netmap.h

ixl: remove unnecessary limitations related to netmap

Netmap supports the case where TX rings and RX rings have different size.
Remove unnecessary limitations related to netmap support, making the code
simpler.
Also, check that the value of the hw head index written back from the NIC
is valid.

Reviewed by:    erj
Differential Revision:  https://reviews.freebsd.org/D18984

OPNSense/src 0a8fd4fsys/dev/netmap netmap_monitor.c

MFC r343413

netmap: fix crash with monitors and VALE ports

Crash report described here:
    https://github.com/luigirizzo/netmap/issues/583
Fixed by providing dummy sync callback in case it is missing.

OPNSense/src f083bc4sys/netpfil/pf pf_norm.c

pf: IPv6 fragments with malformed extension headers could be erroneously passed by pf or 
cause a panic

We mistakenly used the extoff value from the last packet to patch the
next_header field. If a malicious host sends a chain of fragmented packets
where the first packet and the final packet have different lengths or number of
extension headers we'd patch the next_header at the wrong offset.
This can potentially lead to panics or rule bypasses.

Security:       CVE-2019-5597
Obtained from:  OpenBSD
Reported by:    Corentin Bayet, Nicolas Collignon, Luca Moro at Synacktiv

OPNSense/src 37e6008sys/amd64/amd64 pmap.c mpboot.S, sys/arm/include gdb_machdep.h

OPNSense/src 9cae629sys/netpfil/pf pf_norm.c

pf: IPv6 fragments with malformed extension headers could be erroneously passed by pf or 
cause a panic

We mistakenly used the extoff value from the last packet to patch the
next_header field. If a malicious host sends a chain of fragmented packets
where the first packet and the final packet have different lengths or number of
extension headers we'd patch the next_header at the wrong offset.
This can potentially lead to panics or rule bypasses.

Security:       CVE-2019-5597
Obtained from:  OpenBSD
Reported by:    Corentin Bayet, Nicolas Collignon, Luca Moro at Synacktiv

OPNSense/src 060d545sys/amd64/amd64 pmap.c mpboot.S, sys/mips/include gdb_machdep.h

OPNSense/src 2850267sys/dev/re if_re.c

re: compile on arm
DeltaFile
+4-0sys/dev/re/if_re.c
+4-01 files

OPNSense/src 7e56b64sys/dev/re if_re.c

re: compile on arm
DeltaFile
+4-0sys/dev/re/if_re.c
+4-01 files

OPNSense/src 3644549usr.sbin Makefile

Revert "pmcstat: that doesn't make any sense..."

This reverts commit 7913071e4c5a9e09fab097d50af7c695377b4136.

Revert "uathload: same as previous"

This reverts commit 9c051fee57a1e1c13b9a9bae7555d1c548eda9b8.

Revert "nghook: disable compilation, armv6 issue and usused"

This reverts commit 2160e45071f999387fef62f79b5a46483450ae5a.
DeltaFile
+0-6usr.sbin/Makefile
+0-61 files

OPNSense/src 7913071usr.sbin Makefile

pmcstat: that doesn't make any sense...
DeltaFile
+2-0usr.sbin/Makefile
+2-01 files

OPNSense/src 9c051feusr.sbin Makefile

uathload: same as previous
DeltaFile
+5-2usr.sbin/Makefile
+5-21 files

OPNSense/src 2160e45usr.sbin Makefile

nghook: disable compilation, armv6 issue and usused

PR: https://github.com/opnsense/tools/issues/113
DeltaFile
+2-1usr.sbin/Makefile
+2-11 files

OPNSense/src 428416b. UPDATING, sys/conf newvers.sh

UPDATING and newvers entries for 11.2-p9

Approved by:    so
Security:       FreeBSD-SA-19:01.syscall

OPNSense/src 2bfe52esys/amd64/amd64 exception.S

amd64: clear callee-preserved registers on syscall exit

Submitted by:   kib
Approved by:    so
Security:       CVE-2019-5595
Security:       FreeBSD-SA-19:01.syscall

OPNSense/src 10d5d42sys/amd64/amd64 exception.S

amd64: clear callee-preserved registers on syscall exit

Submitted by:   kib
Approved by:    so
Security:       CVE-2019-5595
Security:       FreeBSD-SA-19:01.syscall

OPNSense/src cde60ca. UPDATING, sys/conf newvers.sh

UPDATING and newvers entries for 11.2-p9

Approved by:    so
Security:       FreeBSD-SA-19:01.syscall

OPNSense/src 31af16dsys/dev/mmc mmc.c

MMC, HS200/HS400 support seems to break mmc legacy support, clock probing seems to have 
issues.

Original source 
https://github.com/freebsd/freebsd/commit/398d5fc6afb7ce20f0cf9ecc4fe286e72afdbf29

This commit resets mmc_calculate_clock() to it's original behaviour.
DeltaFile
+29-118sys/dev/mmc/mmc.c
+29-1181 files

OPNSense/src c4ec367sys/dev/mmc mmc.c

MMC, HS200/HS400 support seems to break mmc legacy support, clock probing seems to have 
issues.

Original source 
https://github.com/freebsd/freebsd/commit/398d5fc6afb7ce20f0cf9ecc4fe286e72afdbf29

This commit resets mmc_calculate_clock() to it's original behaviour.
DeltaFile
+29-118sys/dev/mmc/mmc.c
+29-1181 files

OPNSense/src 2a379b1. UPDATING, sys/conf newvers.sh

UPDATING and newvers entries for 11.2-p8

Approved by:    so
Security:       FreeBSD-EN-19:03.sqlite
Security:       FreeBSD-EN-19:04.tzdata
Security:       FreeBSD-EN-19:05.kqueue
DeltaFile
+11-0UPDATING
+1-1sys/conf/newvers.sh
+12-12 files

OPNSense/src 354c524sys/kern kern_event.c

MFS11 r340904: Avoid unsynchronized updates to kn_status.

Approved by:    so
Security:       FreeBSD-EN-19:05.kqueue
DeltaFile
+13-8sys/kern/kern_event.c
+13-81 files

OPNSense/src e26db71contrib/tzdata asia australasia

MFS11 r342668: Import tzdata 2018h, 2018i

Approved by:    so
Security:       FreeBSD-EN-19:04.tzdata

OPNSense/src 5cd0cd1contrib/sqlite3 sqlite3.c shell.c, contrib/sqlite3/tea/generic tclsqlite3.c

MFS11 r342292: MFC r333352 & r342183:

r333352: Update private sqlite from sqlite3-3.20.0 to sqlite3-3.23.1
r342183: Update sqlite3-3.23.1 --> sqlite3-3.26.0 (3260000)

PR:            234113
Approved by:    so
Security:       FreeBSD-EN-19:03.sqlite

OPNSense/src 2a5391acontrib/sqlite3 sqlite3.c shell.c, contrib/sqlite3/tea/generic tclsqlite3.c

MFS11 r342292: MFC r333352 & r342183:

r333352: Update private sqlite from sqlite3-3.20.0 to sqlite3-3.23.1
r342183: Update sqlite3-3.23.1 --> sqlite3-3.26.0 (3260000)

PR:            234113
Approved by:    so
Security:       FreeBSD-EN-19:03.sqlite

OPNSense/src b652cc9sys/kern kern_event.c

MFS11 r340904: Avoid unsynchronized updates to kn_status.

Approved by:    so
Security:       FreeBSD-EN-19:05.kqueue
DeltaFile
+13-8sys/kern/kern_event.c
+13-81 files

OPNSense/src f44a7c3. UPDATING, sys/conf newvers.sh

UPDATING and newvers entries for 11.2-p8

Approved by:    so
Security:       FreeBSD-EN-19:03.sqlite
Security:       FreeBSD-EN-19:04.tzdata
Security:       FreeBSD-EN-19:05.kqueue
DeltaFile
+11-0UPDATING
+1-1sys/conf/newvers.sh
+12-12 files

OPNSense/src 97ea9c0contrib/tzdata asia australasia

MFS11 r342668: Import tzdata 2018h, 2018i

Approved by:    so
Security:       FreeBSD-EN-19:04.tzdata

OPNSense/src 85f6989sys/dev/netmap netmap.c

netmap: disable this notice again

If it's full it's full.  No use telling dmesg on every other packet.

OPNSense/src 0ac3343sys/dev/netmap netmap.c

MFC r342368, r342369

netmap: fix bug in netmap_poll() optimization

The bug was introduced by r339639, although it is present in the upstream
netmap code since 2015. It is due to resetting the want_rx variable to
POLLIN, rather than resetting it to POLLIN|POLLRDNORM.
It only affects select(), which uses POLLRDNORM. poll() is not affected,
because it uses POLLIN.
Also, it only affects FreeBSD, because Linux skips the optimization
implemented by the piece of code where the bug occurs.
To check if txsync can be skipped, it is necessary to look for
unseen TX space. However, this means comparing ring->cur
against ring->tail, rather than ring->head against ring->tail
(like nm_ring_empty() does).

Sponsored by:   Sunny Valley Networks
DeltaFile
+22-12sys/dev/netmap/netmap.c
+22-121 files

OPNSense/src 63bafd8sys/dev/netmap netmap.c netmap_kern.h

MFC r342300

netmap: move buf_size validation code to its own function

This code validates the netmap buf_size against the interface MTU
and maximum descriptor size, to make sure the values are consistent.
Moving this functionality to its own function is needed because this
function is also called by Linux-specific code.

OPNSense/src b3e0b7bsys/dev/netmap netmap_pipe.c

MFC r342299

netmap: pipes: make sure both ends use the same number of slots

OPNSense/src ba193f3sys/dev/netmap netmap_kloop.c

MFC r341992

netmap: fix warning in netmap_kloop.c

Reported by:    markj

OPNSense/src 72fc511sys/dev/netmap netmap.c

MFC r341624

netmap: netmap_transmit should honor bpf packet tap hook

This allows tcpdump to capture outbound kernel packets while
in netmap mode

Submitted by:   Marc de la Gueronniere <mdelagueronniere at verisign.com>
Reviewed by:    vmaffione
MFC after:      1 week
Sponsored by:   Verisign, Inc.
Differential Revision:  https://reviews.freebsd.org/D17896

OPNSense/src f7502f7sys/dev/netmap netmap_kloop.c netmap.c, sys/net netmap_virt.h

MFC r341516, r341589

netmap: align codebase to the current upstream (760279cfb2730a585)

Changelist:
  - Replace netmap passthrough host support with a more general
    mechanism to call TXSYNC/RXSYNC from an in-kernel event-loop.
    No kernel threads are used to use this feature: the application
    is required to spawn a thread (or a process) and issue a
    SYNC_KLOOP_START (NIOCCTRL) command in the thread body. The
    kernel loop is executed by the ioctl implementation, which returns
    to userspace only when a different thread calls SYNC_KLOOP_STOP
    or the netmap file descriptor is closed.
  - Update the if_ptnet driver to cope with the new data structures,
    and prune all the obsolete ptnetmap code.
  - Add support for "null" netmap ports, useful to allocate netmap_if,
    netmap_ring and netmap buffers to be used by specialized applications
    (e.g. hypervisors). TXSYNC/RXSYNC on these ports have no effect.
  - Various fixes and code refactoring.

Sponsored by:   Sunny Valley Networks
Differential Revision:  https://reviews.freebsd.org/D18015

OPNSense/src e5eae90sys/modules/netmap Makefile

netmap: fix module Makefile

Reported by:    mav

OPNSense/src cef2939sys/dev/netmap netmap_freebsd.c

MFC r341144

netmap: set IFCAP_NETMAP in if_capabilities

Revision r307394 removed (by mistake) the code that sets IFCAP_NETMAP
in if_capabilities on netmap_attach. This patch reverts this change.

Reviewed by:    np
Approved by:    gnn (mentor)
Differential Revision:  https://reviews.freebsd.org/D17987