Page MenuHomeFreeBSD

jhb (John Baldwin)
User

Projects (8)

User Details

User Since
Mar 11 2014, 8:46 PM (329 w, 2 d)

Recent Activity

Today

jhb committed rS362902: Consolidate duplicated logic in csu Makefiles to lib/csu/Makefile.inc..
Consolidate duplicated logic in csu Makefiles to lib/csu/Makefile.inc.
Fri, Jul 3, 12:09 AM
jhb closed D25537: Consolidate duplicated logic in csu Makefiles to lib/csu/Makefile.inc..
Fri, Jul 3, 12:09 AM

Yesterday

jhb updated the diff for D25537: Consolidate duplicated logic in csu Makefiles to lib/csu/Makefile.inc..
  • Centralize MI CTRT1OBJS.
Thu, Jul 2, 11:11 PM

Wed, Jul 1

jhb accepted D25312: Relax the rule against declaring variables in nested scopes..

I think this is probably consistent with a fair bit of code in the tree which does use patterns like

Wed, Jul 1, 8:45 PM
jhb added a comment to D25417: Add a driver for the SafeXcel EIP-97..

The OCF interface looks fine to me. Supporting separate output and separate AAD is optional. For IPsec separate AAD will be more meaningful once the semi half folks land ESN support. (ESN uses a 64-bit sequence number where the upper 32-bits are implicit and never sent on the wire, so not in the mbuf.)

Wed, Jul 1, 8:40 PM
jhb added inline comments to D25417: Add a driver for the SafeXcel EIP-97..
Wed, Jul 1, 8:38 PM
jhb added a comment to D25531: riscv plic: Do not complete interrupts until the interrupt handler has run.

FWIW, the general strategy on x86 and other platforms is to mask the interrupt in the PIC in the "pre_ithread" hook and later re-enable it in the PIC again in the "post_ithread" hook. Both "pre_ithread" and "post_filter" send an EOI as they are the only ones guaranteed to run synchronously on the CPU which received the interrupt. MSI alleviates the need for masking on most platforms since it is effectively edge triggered so actual level-triggered interrupts are rare on many modern systems. I'm not quite sure how that model translates to the PLIC, but on the surface reading the description of this commit seems to imply it is not doing the same thing at all. The reason we did this on x86 is that the EOI was global and could not be deferred to post_ithread. If you don't have a global EOI but instead are free to get additional interrupts (including additional lower priority interrupts) while the interrupt is not claimed, then I think your commit will work fine. However, if a high priority interrupt (PLIC priority) blocks other interrupts then you are letting that ithread starve the filters, etc. for other devices which is probably not ideal.

Wed, Jul 1, 6:20 PM
jhb accepted D25532: Use tdfind() in pget()..
Wed, Jul 1, 6:12 PM
jhb committed rP540986: Cleanup a few things in emulators/qemu-cheri. No functional change..
Cleanup a few things in emulators/qemu-cheri. No functional change.
Wed, Jul 1, 6:09 PM
jhb closed D25529: Cleanup a few things in emulators/qemu-cheri. No functional change..
Wed, Jul 1, 6:09 PM
jhb added a comment to D25537: Consolidate duplicated logic in csu Makefiles to lib/csu/Makefile.inc..

I got tired of reworking the crt changes with lots of conflicts as I moved the ABI tag note around, so wanted to pause and simplify the build glue first so that the diffs would be smaller and more obvious.

Wed, Jul 1, 5:16 PM
jhb requested review of D25537: Consolidate duplicated logic in csu Makefiles to lib/csu/Makefile.inc..
Wed, Jul 1, 5:13 PM

Tue, Jun 30

jhb added inline comments to D25529: Cleanup a few things in emulators/qemu-cheri. No functional change..
Tue, Jun 30, 11:14 PM
jhb requested review of D25529: Cleanup a few things in emulators/qemu-cheri. No functional change..
Tue, Jun 30, 11:13 PM
jhb added inline comments to D25417: Add a driver for the SafeXcel EIP-97..
Tue, Jun 30, 10:12 PM
jhb accepted D25454: cxgbe(4): changes in the Tx path to help increase tx coalescing..

As far as I understand it, this looks ok to me.

Tue, Jun 30, 9:39 PM
jhb accepted D24784: Avoid rebuilding libpmc in every incremental rebuild.
Tue, Jun 30, 4:51 PM
jhb added inline comments to D25514: Add a new security/isal-kmod port..
Tue, Jun 30, 4:48 PM
jhb accepted D25493: Replace OPENSSL_NO_SSL3_METHODs with dummies.

I believe this is correct. I think you only put things in Symbol.map if you want them public for when you link new binaries. We use __sym_compat without any corresponding Symbol.map entries for other compat shims in libc (e.g. fts* symbols in lib/libc/gen/Symbol.map are only the latest FBSD1.5 version and don't include the legacy versions for FBSD1.0 and FBSD1.1.)

Tue, Jun 30, 4:46 PM

Mon, Jun 29

jhb added a reviewer for D25514: Add a new security/isal-kmod port.: kevans.
Mon, Jun 29, 11:00 PM
jhb added a comment to D25514: Add a new security/isal-kmod port..

This might get some more testing of the driver before it should be committed, but this isn't a bad place to coordinate testing if others are interested in testing I suppose. On my wimpy little 4-core Haswell box KTLS with aesni was able to push about 35 Gbps in a simple https benchmark vs 41-42 Gbps with this module (and 42-43 Gbps with the KTLS-specific ktls-isa_l-crypto-kmod port).

Mon, Jun 29, 11:00 PM
jhb requested review of D25514: Add a new security/isal-kmod port..
Mon, Jun 29, 10:57 PM
jhb committed rS362785: Stop using STATIC_CFLAGS..
Stop using STATIC_CFLAGS.
Mon, Jun 29, 5:19 PM
jhb closed D25305: Stop using STATIC_CFLAGS..
Mon, Jun 29, 5:19 PM
jhb updated subscribers of D25493: Replace OPENSSL_NO_SSL3_METHODs with dummies.

It's probably worth seeing what other distros do. I'd probably be inclined to just return NULL as well. Some old software might call all of these methods even if it ends up using TLS 1.x instead, so the abort might be overkill. (I ran into things like this with the deprecation warnings for old crypto since OpenSSL in stable/10 would just open /dev/crypto and try to create sessions for all algos even if it didn't end up using any of them).

Mon, Jun 29, 4:36 PM

Sat, Jun 27

jhb added inline comments to D25488: Document new kern.tty_info_kstacks tunable..
Sat, Jun 27, 6:08 PM

Fri, Jun 26

jhb committed rS362660: Only include object files from .ALLSRC when linking crt1 objects..
Only include object files from .ALLSRC when linking crt1 objects.
Fri, Jun 26, 7:46 PM
jhb closed D25469: Only include object files from .ALLSRC when linking crt1 objects..
Fri, Jun 26, 7:46 PM
jhb accepted D25464: Remove CRYPTO_TIMING..
Fri, Jun 26, 7:28 PM
jhb added a comment to D25304: Include ABI note tag in shared libraries..
In D25304#562386, @kib wrote:
In D25304#562372, @jhb wrote:

It also affects what OSABI GDB assigns if you do 'file /path/to/dso' or 'add-symbol-file /path/to/dso'. Mostly this would matter in the context of GDB used on a non-FreeBSD host (on FreeBSD hosts the fallback default OSABI is FreeBSD, so when you fail to recognize a shared library, it ends up still working due to the accident).

Removing the EI_OSABI check on aarch64 and riscv64 means ldd would try to dlopen() Linux shared libraries on those platforms instead of erroring out.

I would say that this is all cosmetics, but I see that you do not agree.
Then I suggest trying the comdat idea to put the ABI note into both crt1.o and crti.o, to keep crt1.o self-contained ABI marker.

Fri, Jun 26, 7:23 PM
jhb added a comment to D25459: domain: make it safer to add domains post-domainfinalize.

I suspect it is less deliberate and it's probably worth looking into to see if we can reverse them. To be honest, what most other subsystems would do is use a single SYSINIT that initialized the object and then added it to the list (e.g. the module handler for device driver modules). If domains were per-VNET that would be trivial. As it is, you probably want to init on all VNETs first via the existing separate SYSINITs before the domain_add.

Fri, Jun 26, 7:20 PM
jhb added a comment to D25304: Include ABI note tag in shared libraries..

It also affects what OSABI GDB assigns if you do 'file /path/to/dso' or 'add-symbol-file /path/to/dso'. Mostly this would matter in the context of GDB used on a non-FreeBSD host (on FreeBSD hosts the fallback default OSABI is FreeBSD, so when you fail to recognize a shared library, it ends up still working due to the accident).

Fri, Jun 26, 6:41 PM
jhb added a comment to D25469: Only include object files from .ALLSRC when linking crt1 objects..

We already use a slightly different pattern (ALLSRC:N:*.h:[1]) in csu/Makefile.inc without a comment, and also not sure what the comment would say? I am hopeful if I can get some of the other reviews in this train all landed that I can move most of this duplicated logic up into csu/Makefile.inc anyway at which point there would be a single instance of this command.

Fri, Jun 26, 6:36 PM
jhb accepted D25465: Remove unused 32-bit compatibility structures from cryptodev..

Technically timespec32 != timespec for amd64 since i386 uses uint32_t for time_t? However, it seems no one bothered to add the 32-bit compat support shims anyway, so fine to remove.

Fri, Jun 26, 6:34 PM
jhb accepted D25464: Remove CRYPTO_TIMING..
Fri, Jun 26, 6:32 PM
jhb accepted D25466: Convert cryptostats to a counter_u64 array..
Fri, Jun 26, 6:31 PM
jhb updated subscribers of D25459: domain: make it safer to add domains post-domainfinalize.

Actually, why do we add the domain to the list via domain_add() before calling domain_init()? If we do domain_init() before domain_add() then doesn't that fix the issue? It would mean swapping the order of the SYSINIT's in DOMAIN_SET and VNET_DOMAIN_SET, but presumably none of the domain init routines really care that they are on the global list yet?

Fri, Jun 26, 6:28 PM
jhb requested review of D25469: Only include object files from .ALLSRC when linking crt1 objects..
Fri, Jun 26, 4:55 PM
jhb committed rS362637: Reduce contention on per-adapter lock..
Reduce contention on per-adapter lock.
Fri, Jun 26, 12:01 AM
jhb closed D25457: Reduce contention on per-adapter lock..
Fri, Jun 26, 12:01 AM
jhb added reviewers for D25440: Use explicit_bzero() instead of bzero() for hash context state.: avg, mav.
Fri, Jun 26, 12:00 AM

Thu, Jun 25

jhb closed D25443: Simplify IPsec transform-specific teardown..
Thu, Jun 25, 11:59 PM
jhb committed rS362636: Simplify IPsec transform-specific teardown..
Simplify IPsec transform-specific teardown.
Thu, Jun 25, 11:59 PM
jhb committed rS362635: Enter and exit the network epoch for async IPsec callbacks..
Enter and exit the network epoch for async IPsec callbacks.
Thu, Jun 25, 11:57 PM
jhb closed D25444: Enter and exit the network epoch for async IPsec callbacks..
Thu, Jun 25, 11:57 PM
jhb added inline comments to D25304: Include ABI note tag in shared libraries..
Thu, Jun 25, 10:57 PM
jhb requested review of D25457: Reduce contention on per-adapter lock..
Thu, Jun 25, 9:24 PM
jhb updated the summary of D25304: Include ABI note tag in shared libraries..
Thu, Jun 25, 9:18 PM
jhb added inline comments to D25304: Include ABI note tag in shared libraries..
Thu, Jun 25, 9:17 PM
jhb updated the diff for D24628: Add support for KTLS RX via software decryption..
  • Rebase.
  • Update for separate output buffer changes.
  • Use separate AAD support to remove duplicate iovec.
  • Pass the mbuf chain down to the decryption backends.
  • Compile.
Thu, Jun 25, 9:14 PM
jhb added inline comments to D24628: Add support for KTLS RX via software decryption..
Thu, Jun 25, 9:12 PM
jhb removed a reviewer for D25443: Simplify IPsec transform-specific teardown.: cem.
Thu, Jun 25, 9:02 PM
jhb updated the summary of D25443: Simplify IPsec transform-specific teardown..
Thu, Jun 25, 9:02 PM
jhb updated the diff for D25443: Simplify IPsec transform-specific teardown..
  • Restore an empty tcpsignature_cleanup.
  • Restore some NULL pointer assignments.
Thu, Jun 25, 9:00 PM
jhb added inline comments to D25443: Simplify IPsec transform-specific teardown..
Thu, Jun 25, 8:56 PM
jhb added a comment to D25443: Simplify IPsec transform-specific teardown..
In D25443#562018, @jhb wrote:
In D25443#562009, @jhb wrote:

I'm not 100% comfortable with the removal of these = NULL's but it appears that the code didn't cared about their value being non-zero, so the change as-is seemed Okay.

I'd probably change key_cleansav() to perform a bzero on the whole 'sav' structure and remove all sav->* = NULL, but that's only a personal preference.

I'd be fine doing a single zero of the sav. I'd much rather do that centralized than the current approach of partial clearing scattered about. I do think that in all these cases we are doing a zero just before freeing, and that none of these pointers being cleared currently are sensitive in the sense of requiring explicit_bzero().

Hmm, this is not quite trivial. Some fields like sav->lock and sav->lftc_c probably need to not be zeroed in key_cleansav. Some of that I can fix by moving key_cleansav down in key_delsav just before the free and in that case we could even use zfree. This would potentially permit removing many of the NULL assignments from key_cleansav. However, key_cleansav is also called for the error case for key_setsaval. Hmm, looking at that more though, if that errors the key always gets freed, and in one of those cases we effectively duplicate key_freeval. Maybe I can clean this up.

Thu, Jun 25, 8:52 PM
jhb added a comment to D25443: Simplify IPsec transform-specific teardown..
In D25443#562009, @jhb wrote:

I'm not 100% comfortable with the removal of these = NULL's but it appears that the code didn't cared about their value being non-zero, so the change as-is seemed Okay.

I'd probably change key_cleansav() to perform a bzero on the whole 'sav' structure and remove all sav->* = NULL, but that's only a personal preference.

I'd be fine doing a single zero of the sav. I'd much rather do that centralized than the current approach of partial clearing scattered about. I do think that in all these cases we are doing a zero just before freeing, and that none of these pointers being cleared currently are sensitive in the sense of requiring explicit_bzero().

Thu, Jun 25, 8:47 PM
jhb committed rS362632: Use zfree() to explicitly zero IPsec keys..
Use zfree() to explicitly zero IPsec keys.
Thu, Jun 25, 8:31 PM
jhb closed D25442: Use zfree() to explicitly zero IPsec keys..
Thu, Jun 25, 8:31 PM
jhb added a comment to D25443: Simplify IPsec transform-specific teardown..

I'm not 100% comfortable with the removal of these = NULL's but it appears that the code didn't cared about their value being non-zero, so the change as-is seemed Okay.

I'd probably change key_cleansav() to perform a bzero on the whole 'sav' structure and remove all sav->* = NULL, but that's only a personal preference.

Thu, Jun 25, 8:29 PM
jhb added a comment to D25442: Use zfree() to explicitly zero IPsec keys..

I think setting tdb_xform to NULL is no longer needed (as they are about to be done by the caller anyway).

Thu, Jun 25, 8:27 PM
jhb committed rS362629: Use explicit_bzero() instead of bzero() for sensitive data..
Use explicit_bzero() instead of bzero() for sensitive data.
Thu, Jun 25, 8:25 PM
jhb closed D25441: Use explicit_bzero() instead of bzero() for sensitive data..
Thu, Jun 25, 8:25 PM
jhb closed D25439: Explicitly zero the temporary auth context used to generate HMAC state..
Thu, Jun 25, 8:23 PM
jhb committed rS362628: Explicitly zero the temporary auth context used to generate HMAC state..
Explicitly zero the temporary auth context used to generate HMAC state.
Thu, Jun 25, 8:22 PM
jhb committed rS362627: Explicitly zero hash results and context in glxsb_authcompute()..
Explicitly zero hash results and context in glxsb_authcompute().
Thu, Jun 25, 8:21 PM
jhb closed D25438: Explicitly zero hash results and context in glxsb_authcompute()..
Thu, Jun 25, 8:21 PM
jhb committed rS362626: Use zfree() instead of bzero() and free()..
Use zfree() instead of bzero() and free().
Thu, Jun 25, 8:20 PM
jhb closed D25437: Use zfree() instead of bzero() and free()..
Thu, Jun 25, 8:20 PM
jhb committed rS362625: Zero the temporary HMAC key in hmac_init_pad()..
Zero the temporary HMAC key in hmac_init_pad().
Thu, Jun 25, 8:19 PM
jhb closed D25436: Zero the temporary HMAC key in hmac_init_pad()..
Thu, Jun 25, 8:19 PM
jhb closed D25435: Use zfree() instead of explicit_bzero() and free()..
Thu, Jun 25, 8:18 PM
jhb committed rS362624: Use zfree() instead of explicit_bzero() and free()..
Use zfree() instead of explicit_bzero() and free().
Thu, Jun 25, 8:18 PM
jhb added a comment to D25062: domain: give domains a chance to probe for availability.

I was hoping this was going to fix the bluetooth issue of adding domains post-boot from the initial mail, but it doesn't seem so? (I get a warning every time I boot on a laptop with bluetooth since the BT domain is pulled in via devmatch.) It seems like solving that problem cleanly would be a prerequisite for kicking this out of GENERIC and into a module as well.

Thu, Jun 25, 2:28 PM
jhb accepted D25432: cxgbe(4): Store a pointer to the adapter softc in vi_info..
Thu, Jun 25, 2:23 PM
jhb updated the diff for D25304: Include ABI note tag in shared libraries..
  • Rebase.
Thu, Jun 25, 2:08 PM
jhb requested review of D25444: Enter and exit the network epoch for async IPsec callbacks..
Thu, Jun 25, 12:49 AM
jhb added inline comments to D25435: Use zfree() instead of explicit_bzero() and free()..
Thu, Jun 25, 12:47 AM
jhb requested review of D25443: Simplify IPsec transform-specific teardown..
Thu, Jun 25, 12:43 AM
jhb requested review of D25442: Use zfree() to explicitly zero IPsec keys..
Thu, Jun 25, 12:42 AM
jhb requested review of D25441: Use explicit_bzero() instead of bzero() for sensitive data..
Thu, Jun 25, 12:41 AM
jhb added a comment to D25440: Use explicit_bzero() instead of bzero() for hash context state..

Using explicit_bzero vs bzero is largely for readability, though it can also prevent "helpful" compiler optimizations if bzero is mapped to a memset the compiler knows it can elide. The compiler probably won't elide the bzero before calling kmem_free but might elide ones at the end of functions.

Thu, Jun 25, 12:40 AM
jhb requested review of D25440: Use explicit_bzero() instead of bzero() for hash context state..
Thu, Jun 25, 12:37 AM
jhb requested review of D25439: Explicitly zero the temporary auth context used to generate HMAC state..
Thu, Jun 25, 12:36 AM
jhb requested review of D25438: Explicitly zero hash results and context in glxsb_authcompute()..
Thu, Jun 25, 12:35 AM
jhb requested review of D25437: Use zfree() instead of bzero() and free()..
Thu, Jun 25, 12:02 AM
jhb requested review of D25436: Zero the temporary HMAC key in hmac_init_pad()..
Thu, Jun 25, 12:01 AM
jhb requested review of D25435: Use zfree() instead of explicit_bzero() and free()..
Thu, Jun 25, 12:00 AM

Wed, Jun 24

jhb added a comment to P398 Masterwork From Distant Lands.

If you do 'make toolchain' first to get the updated headers into the WORLDTMP sysroot you don't need this workaround. In general in the tree we assume you are building against an up-to-date sysroot rather than using this sort of approach. Note that to be fully correct you'd need to replace every machine/ include with "amd64/include" above which would then also break for arm64 support, etc.

Wed, Jun 24, 6:58 PM
jhb committed rS362589: Always compile the brand and ignore init ELF notes standalone..
Always compile the brand and ignore init ELF notes standalone.
Wed, Jun 24, 5:54 PM
jhb closed D25374: Always compile the brand and ignore init ELF notes standalone..
Wed, Jun 24, 5:54 PM
jhb added inline comments to D25249: x86: Scale default msi/msix vector limit with MAXCPU.
Wed, Jun 24, 4:46 PM
jhb accepted D25228: Prevent calling USB backends multiple times..
Wed, Jun 24, 4:46 PM

Tue, Jun 23

jhb accepted D24835: kmod.mk: Don't split out debug symbols if requested.
Tue, Jun 23, 5:03 PM
jhb accepted D24750: pkg-bootstrap: complain on improper `pkg bootstrap` usage.
Tue, Jun 23, 4:58 PM
jhb added a comment to D24856: cam: scsi_enc_ses: Remove an unnecessary VLA construction.

*shrug* Given the function already defines variables in scope I'm not sure it really matters to pull it out to the top-level (esp in light of the recent style(9) change Warner is working on). Presumably this is all the same for the compiler anyway?

Tue, Jun 23, 4:55 PM
jhb added a comment to D24784: Avoid rebuilding libpmc in every incremental rebuild.

My only real question is do you want to do a single target? Since you are using mv instead of cp make is always going to invoke both targets anyway. The single target version would just join the two bodies.

Tue, Jun 23, 4:53 PM
jhb added inline comments to D24174: bhyve AHCI controller will accept ser/rev/model/nmrr config.
Tue, Jun 23, 4:47 PM
jhb closed D25211: Remove the sed hack for ABI tag notes..
Tue, Jun 23, 3:26 AM
jhb closed D24774: kgssapi no longer supports RC4, so don't list it as a build dependency..
Tue, Jun 23, 3:23 AM