Robert Watson [Mon, 1 Jun 2009 16:13:06 +0000 (16:13 +0000)]
Add 'sy_flags', a currently unused per-syscall entry flags field that will
see future use in 9-CURRENT and 8-STABLE for features such as the
capability-mode enable flag and pay-as-you-audit.
Bjoern A. Zeeb [Mon, 1 Jun 2009 15:49:42 +0000 (15:49 +0000)]
Convert the two dimensional array to be malloced and introduce
an accessor function to get the correct rnh pointer back.
Update netstat to get the correct pointer using kvm_read()
as well.
This not only fixes the ABI problem depending on the kernel
option but also permits the tunable to overwrite the kernel
option at boot time up to MAXFIBS, enlarging the number of
FIBs without having to recompile. So people could just use
GENERIC now.
Reviewed by: julian, rwatson, zec
X-MFC: not possible
Bruce M Simpson [Mon, 1 Jun 2009 15:30:18 +0000 (15:30 +0000)]
Merge fixes from p4:
* Tighten v1 query input processing.
* Borrow changes from MLDv2 for how general queries are processed.
* Do address field validation upfront before accepting input.
* Do NOT switch protocol version if old querier present timer active.
* Always clear IGMPv3 state in igmp_v3_cancel_link_timers().
* Update comments.
Robert Watson [Mon, 1 Jun 2009 15:03:58 +0000 (15:03 +0000)]
Garbage collect NETISR_POLL and NETISR_POLLMORE, which are no longer
required for options DEVICE_POLLING.
De-fragment the NETISR_ constant space and lower NETISR_MAXPROT from
32 to 16 -- when sizing queue arrays using this compile-time constant,
significant amounts of memory are saved.
Warn on the console when tunable values for netisr are automatically
adjusted during boot due to exceeding limits, invalid values, or as a
result of DEVICE_POLLING.
Alexander Motin [Mon, 1 Jun 2009 13:13:47 +0000 (13:13 +0000)]
Comment out old Realtek ALC883 quirk, that was disabling phantop power on
mic inputs. I have no idea what for it was made that time, but now I have
several reports that it should be removed to make microphones work. If
this quirk is still required for some systems then they should be identified
and specified explicitly.
Robert Watson [Mon, 1 Jun 2009 10:41:38 +0000 (10:41 +0000)]
Reimplement the netisr framework in order to support parallel netisr
threads:
- Support up to one netisr thread per CPU, each processings its own
workstream, or set of per-protocol queues. Threads may be bound
to specific CPUs, or allowed to migrate, based on a global policy.
In the future it would be desirable to support topology-centric
policies, such as "one netisr per package".
- Allow each protocol to advertise an ordering policy, which can
currently be one of:
NETISR_POLICY_SOURCE: packets must maintain ordering with respect to
an implicit or explicit source (such as an interface or socket).
NETISR_POLICY_FLOW: make use of mbuf flow identifiers to place work,
as well as allowing protocols to provide a flow generation function
for mbufs without flow identifers (m2flow). Falls back on
NETISR_POLICY_SOURCE if now flow ID is available.
NETISR_POLICY_CPU: allow protocols to inspect and assign a CPU for
each packet handled by netisr (m2cpuid).
- Provide utility functions for querying the number of workstreams
being used, as well as a mapping function from workstream to CPU ID,
which protocols may use in work placement decisions.
- Add explicit interfaces to get and set per-protocol queue limits, and
get and clear drop counters, which query data or apply changes across
all workstreams.
- Add a more extensible netisr registration interface, in which
protocols declare 'struct netisr_handler' structures for each
registered NETISR_ type. These include name, handler function,
optional mbuf to flow ID function, optional mbuf to CPU ID function,
queue limit, and ordering policy. Padding is present to allow these
to be expanded in the future. If no queue limit is declared, then
a default is used.
- Queue limits are now per-workstream, and raised from the previous
IFQ_MAXLEN default of 50 to 256.
- All protocols are updated to use the new registration interface, and
with the exception of netnatm, default queue limits. Most protocols
register as NETISR_POLICY_SOURCE, except IPv4 and IPv6, which use
NETISR_POLICY_FLOW, and will therefore take advantage of driver-
generated flow IDs if present.
- Formalize a non-packet based interface between interface polling and
the netisr, rather than having polling pretend to be two protocols.
Provide two explicit hooks in the netisr worker for start and end
events for runs: netisr_poll() and netisr_pollmore(), as well as a
function, netisr_sched_poll(), to allow the polling code to schedule
netisr execution. DEVICE_POLLING still embeds single-netisr
assumptions in its implementation, so for now if it is compiled into
the kernel, a single and un-bound netisr thread is enforced
regardless of tunable configuration.
In the default configuration, the new netisr implementation maintains
the same basic assumptions as the previous implementation: a single,
un-bound worker thread processes all deferred work, and direct dispatch
is enabled by default wherever possible.
Performance measurement shows a marginal performance improvement over
the old implementation due to the use of batched dequeue.
An rmlock is used to synchronize use and registration/unregistration
using the framework; currently, synchronized use is disabled
(replicating current netisr policy) due to a measurable 3%-6% hit in
ping-pong micro-benchmarking. It will be enabled once further rmlock
optimization has taken place. However, in practice, netisrs are
rarely registered or unregistered at runtime.
A new man page for netisr will follow, but since one doesn't currently
exist, it hasn't been updated.
This change is not appropriate for MFC, although the polling shutdown
handler should be merged to 7-STABLE.
- Rename IP_NONLOCALOK IP socket option to IP_BINDANY, to be more consistent
with OpenBSD (and BSD/OS originally). We can't easly do it SOL_SOCKET option
as there is no more space for more SOL_SOCKET options, but this option also
fits better as an IP socket option, it seems.
- Implement this functionality also for IPv6 and RAW IP sockets.
- Always compile it in (don't use additional kernel options).
- Remove sysctl to turn this functionality on and off.
- Introduce new privilege - PRIV_NETINET_BINDANY, which allows to use this
functionality (currently only unjail root can use it).
Xin LI [Mon, 1 Jun 2009 07:05:52 +0000 (07:05 +0000)]
According to Intel documentation (307013), 3Gbps mode is supported on
Desktop chipsets only for ICH7 series, so mark all ICH7M as ATA_SA150
instead of ATA_SA300.
Juli Mallett [Mon, 1 Jun 2009 06:49:09 +0000 (06:49 +0000)]
o) Restructure tcpdrop(8) to provide a facility to try to drop all established
connections. Including a flag to instead output a sequence of tcpdrop(8)
invocations that would accomplish the same thing, which is convenient for
scripting.
o) Make tcpdrop complain if the addresses given to it are entirely in different
address families, rather than failing silently.
o) When cross-referencing httpd(8), do not explicitly specify the apache2 port,
since the example in question is generic.
Doug Barton [Mon, 1 Jun 2009 06:31:04 +0000 (06:31 +0000)]
Local hack to get the build going again while ISC works on a more
permanent solution for 9.6.1-release.
"My suggestion is to remove the whole attribute construct.
It only suppresses a warning when a function is unused. In this case
the function is defined as inline, so it's not causing a warning when
not used."
Doug Barton [Mon, 1 Jun 2009 05:37:13 +0000 (05:37 +0000)]
Eliminate the warning that "Values of network_interfaces other than
AUTO are deprecated.' There is no good reason to deprecate them, and
setting this to different values can be useful for custom solutions
and/or one-off configuration problems.
Doug Barton [Mon, 1 Jun 2009 05:35:03 +0000 (05:35 +0000)]
Make the pf and ipfw firewalls start before netif, just like ipfilter
already does. This eliminates a logical inconsistency, and a small
window where the system is open after the network comes up.
Doug Barton [Mon, 1 Jun 2009 04:55:13 +0000 (04:55 +0000)]
Substitute ypset for ypbind in REQUIRE lines. If you use ypset it has to
happen right after ypbind, and before anything that uses NIS. The only
change in rcorder accomplished by this patch is make that happen.
PR: conf/117555
Submitted by: John Marshall <john@rwsrv05.mby.riverwillow.net.au>
Craig Rodrigues [Mon, 1 Jun 2009 01:02:30 +0000 (01:02 +0000)]
sys/boot/common.c
=================
Extend the loader to parse the root file system mount options in /etc/fstab,
and set a new loader variable vfs.root.mountfrom.options with these options.
The root mount options must be a comma-delimited string, as specified in
/etc/fstab.
Only set the vfs.root.mountfrom.options variable if it has not been
set in the environment.
sys/kern/vfs_mount.c
====================
When mounting the root file system, pass the mount options
specified in vfs.root.mountfrom.options, but filter out "rw" and "noro",
since the initial mount of the root file system must be done as "ro".
While we are here, try to add a few hints to the mountroot prompt
to give users and idea what might of gone wrong during mounting
of the root file system.
Craig Rodrigues [Mon, 1 Jun 2009 00:40:39 +0000 (00:40 +0000)]
Code for parsing nmount options in kernel was merged
to stable/7 branch in r190315. So only resort to fallback_mount()
could which passes struct nfs_args to kernel in kernel versions
less than 702100.
Jilles Tjoelker [Sun, 31 May 2009 19:37:06 +0000 (19:37 +0000)]
sh: Make read's timeout (-t) apply to the entire line, not only the first
character.
This avoids using non-standard behaviour of the old (upto FreeBSD 7) TTY
layer: it reprocesses the input queue when switching to canonical mode. The
new TTY layer does not provide this functionality and so read -t worked
very poorly (first character is not echoed, cannot be backspaced but is
still read).
This also agrees with what most other shells with read -t do.
PR: bin/129566
Reviewed by: stefanf
Approved by: ed (mentor)
Ed Schouten [Sun, 31 May 2009 19:35:41 +0000 (19:35 +0000)]
Restore support for bell pitch/duration.
Because we only support a single argument to tf_param, use 16 bits for
the pitch and 16 bits for the duration. While there, make the argument
unsigned. There isn't a single param call that needs a signed integer.
Unlock the pseudofs vnode before calling fill method for pfs_readlink().
The fill code may need to lock another vnode, e.g. procfs file
implementation.
Reviewed by: des
Tested by: pho
MFC after: 2 weeks
Implement the bypass routine for VOP_VPTOCNP in nullfs.
Among other things, this makes procfs <pid>/file working for executables
started from nullfs mount.
Eliminate code duplication in vn_fullpath1() around the cache lookups
and calls to vn_vptocnp() by moving more of the common code to
vn_vptocnp(). Rename vn_vptocnp() to vn_vptocnp_locked() to signify that
cache is locked around the call.
Do not track buffer position by both the pointer and offset, use only
buflen to record the start of the free space.
Export vn_vptocnp() for external consumers as a wrapper around
vn_vptocnp_locked() that locks the cache and handles hold counts.
Do not drop vnode interlock in null_checkvp(). null_lock() verifies that
v_data is not-null before calling NULLVPTOLOWERVP(), and dropping the
interlock allows for reclaim to clean v_data and free the memory.
While there, remove unneeded semicolons and convert the infinite loops
to panics. I have a will to remove null_checkvp() altogether, or leave
it as a trivial stub, but not now.
Lock the real null vnode lock before substitution of vp->v_vnlock.
This should not really matter for correctness, since vp->v_lock is
not locked before the call, and null_lock() holds the interlock,
but makes the control flow for reclaim more clear.
Daniel Eischen [Sun, 31 May 2009 14:48:51 +0000 (14:48 +0000)]
Add a NO_SYNCHRONIZE_CACHE quirk for an AIPTEK2
part identified as Sunplus Technology Inc. This
happens to sit in a Rosewill RX81U-ES-25A 2.5" SATA
to USB 2.0 external enclosure.
Fix the eval command in combination with set -e. Before this change the shell
would always terminate if eval returned with a non-zero exit status regardless
if the status was actually tested. Unfortunately a new file-scope variable
is needed, the alternative would only be to add a new parameter to all
built-ins.
Marko Zec [Sun, 31 May 2009 12:10:04 +0000 (12:10 +0000)]
Introduce an interm userland-kernel API for creating vnets and
assigning ifnets from one vnet to another. Deletion of vnets is not
yet supported.
The interface is implemented as an ioctl extension so that no syscalls
had to be introduced. This should be acceptable given that the new
interface will be used for a short / interim period only, until the
new jail management framwork gains the capability of managing vnets.
This method for managing vimages / vnets has been in use for the past
7 years without any observable issues.
The userland tool to be used in conjunction with the interim API can be
found in p4: //depot/projects/vimage-commit2/src/usr.sbin/vimage/... and
will most probably never get commited to svn.
While here, bump copyright notices in kern_vimage.c and vimage.h to
cover work done in year 2009.
Robert Watson [Sun, 31 May 2009 09:03:14 +0000 (09:03 +0000)]
Upgrade audit(4) from experimental to production status for FreeBSD 8.0.
While there remain some incomplete aspects of the implementation (such
as incomplete auditing of some system calls), the implementation has
been burned in for a few years, as well as in GENERIC for a few years.
Nathan Whitehorn [Sun, 31 May 2009 08:59:15 +0000 (08:59 +0000)]
Provide a new CPU device driver ivar to report the nominal speed of the
CPU, if available. This is meant to solve the issue of cpufreq misreporting
speeds on CPUs that boot in a reduced power mode and have only relative
speed control.
Adrian Chadd [Sun, 31 May 2009 08:11:39 +0000 (08:11 +0000)]
Fix the MP IPI code to differentiate between bitmapped IPIs and function IPIs.
This attempts to fix the IPI handling code to correctly differentiate
between bitmapped IPIs and function IPIs. The Xen IPIs were on low numbers
which clashed with the bitmapped IPIs.
This commit bumps those IPI numbers up to 240 and above (just like in the i386
code) and fiddles with the ipi_vectors[] logic to call the correct function.
This still isn't "right". Specifically, the IPI code may work fine for TLB
shootdown events but the rendezvous/lazypmap IPIs are thrown by calling ipi_*()
routines which don't set the call_func stuff (function id, addr1, addr2) that
the TLB shootdown events are. So the Xen SMP support is still broken.
Adrian Chadd [Sun, 31 May 2009 07:25:24 +0000 (07:25 +0000)]
Remove some unused code in ipi_selected() .
The code path this was copied from (sys/i386/i386/mp_machdep.c:ipi_selected())
handles bitmap'ed IPIs and normal IPIs via separate notification paths. Xen
SMP handles them the same way.
Doug Barton [Sun, 31 May 2009 05:44:21 +0000 (05:44 +0000)]
Update BIND to version 9.6.1rc1. This version has better performance and
lots of new features compared to 9.4.x, including:
Full NSEC3 support
Automatic zone re-signing
New update-policy methods tcp-self and 6to4-self
DHCID support.
More detailed statistics counters including those supported in BIND 8.
Faster ACL processing.
Efficient LRU cache-cleaning mechanism.
NSID support.
Doug Barton [Sun, 31 May 2009 05:42:58 +0000 (05:42 +0000)]
Update BIND to version 9.6.1rc1. This version has better performance and
lots of new features compared to 9.4.x, including:
Full NSEC3 support
Automatic zone re-signing
New update-policy methods tcp-self and 6to4-self
DHCID support.
More detailed statistics counters including those supported in BIND 8.
Faster ACL processing.
Efficient LRU cache-cleaning mechanism.
NSID support.
Doug Barton [Sat, 30 May 2009 23:50:12 +0000 (23:50 +0000)]
In preparation for the BIND 9.6.1rc1 import, remove this directory.
The libbind library is no longer distributed as part of the main
BIND package, and we never built it in any case.
Doug Barton [Sat, 30 May 2009 23:48:09 +0000 (23:48 +0000)]
In preparation for the BIND 9.6.1rc1 import, remove these two directories.
We do not install these files so there is little use to keeping them in
the tree, and the drafts directory in particular is the source of a lot
of churn for each new version.
Rick Macklem [Sat, 30 May 2009 22:11:12 +0000 (22:11 +0000)]
Add a check to v_type == VREG for the recently modified code that
does NFSv4 Closes in the experimental client's VOP_INACTIVE().
I also replaced a bunch of ap->a_vp with a local copy of vp,
because I thought that made it more readable.
Sam Leffler [Sat, 30 May 2009 19:57:31 +0000 (19:57 +0000)]
o assert TDMA_MAXSLOTS is 2 so noone tries to blindly increase it
o add safety belt in vdetach for failed state block allocation
o fix dynamic change to tdma config; ERESTART may not result in
kicking the state machine so we need to explicitly mark the
beacon for update
Adrian Chadd [Sat, 30 May 2009 15:20:25 +0000 (15:20 +0000)]
Even though I'm not quite sure that the call_func stuff will work properly
in all the places/cases IPI messages will be generated, at least be consistent
with how the call_data pointer is assigned and cleared (ie, all done inside
the spinlock.
Ensure that its NULL before continuing, just to try and identify situations
where things are going horribly wrong.
Attilio Rao [Sat, 30 May 2009 15:14:44 +0000 (15:14 +0000)]
When user_frac in the polling subsystem is low it is going to busy the
CPU for too long period than necessary. Additively, interfaces are kept
polled (in the tick) even if no more packets are available.
In order to avoid such situations a new generic mechanism can be
implemented in proactive way, keeping track of the time spent on any
packet and fragmenting the time for any tick, stopping the processing
as soon as possible.
In order to implement such mechanism, the polling handler needs to
change, returning the number of packets processed.
While the intended logic is not part of this patch, the polling KPI is
broken by this commit, adding an int return value and the new flag
IFCAP_POLLING_NOCOUNT (which will signal that the return value is
meaningless for the installed handler and checking should be skipped).
Bump __FreeBSD_version in order to signal such situation.
Add VOP_ACCESSX, which can be used to query for newly added V*
permissions, such as VWRITE_ACL. For a filsystems that don't
implement it, there is a default implementation, which works
as a wrapper around VOP_ACCESS.
Randall Stewart [Sat, 30 May 2009 11:14:41 +0000 (11:14 +0000)]
Adds missing sysctl to manage the vtag_time_wait time. This will
even allow disabling time-wait all together if you set the value
to 0 (not advisable actually). The default remains the same
i.e. 60 seconds.