asomers [Mon, 11 Dec 2017 20:36:01 +0000 (20:36 +0000)]
MFC r326041:
periodic: fix exit status for nonexistent arguments
When called with an absolute pathname, periodic should attempt to execute
every script in that directory. If the directory does not exist, it should
print an error and exit 1. Due to a copy/paste mistake in r231568, it exits
0 in that case.
sys/cam/scsi/scsi_da.c
Complete BIO_FLUSH commands immediately if the da(4) device hasn't
been written to since the last flush. If we haven't written to the
device, there is no reason to send a flush.
asomers [Mon, 11 Dec 2017 20:24:29 +0000 (20:24 +0000)]
MFC r326032:
Print ZAC device type in "camcontrol identify" output
ZAC (Zoned-device ATA Command set) is the standard for addressing SMR
(shingled magnetic recording) devices over SATA. Drives indicate their
support for ZAC in their IDENTIFY block. Print whether and how a drive
supports ZAC in the output of "camcontrol identify".
ed [Sun, 10 Dec 2017 12:25:32 +0000 (12:25 +0000)]
MFC r326228 and r326229:
Use TO_PTR() to convert integers to pointers.
For FreeBSD/arm64's cloudabi32 support, I'm going to need a TO_PTR() in
this place. Also use it for all of the other source files, so that the
difference remains as minimal as possible.
hselasky [Fri, 8 Dec 2017 19:19:47 +0000 (19:19 +0000)]
Add support for IPv6 based addresses as part of the TCP unify portspace feature
in ibcore. This resolves an interopability issue when using both iWarp(T6) and
RDMA(CX-4 and CX-5) devices at the same time.
The problem is IPv4 based sockets cannot be bound to an IPv6 based address
causing sobind() to fail preventing all use of IPv6 based addresses with RDMA
when an iWarp device is present.
hselasky [Fri, 8 Dec 2017 15:23:17 +0000 (15:23 +0000)]
MFC r326362:
Disallow TUN and TAP character device IOCTLs to modify the network device
type to any value. This can cause page faults and panics due to accessing
uninitialized fields in the "struct ifnet" which are specific to the network
device type.
Found by: jau@iki.fi
PR: 223767
Sponsored by: Mellanox Technologies
bapt [Fri, 8 Dec 2017 10:42:05 +0000 (10:42 +0000)]
MFC r326526:
In case man(1) found a catpage to display skip looking ".so" which is manpage
only.
In case we are trying to read a catpage, the manpage variable is not defined.
It results in the "cattool" having no arguments.
In case the catpage is compressed, the cattool used is "zcat" which dies if the
standard input is a terminal, meaning the function calling it is exiting as if
there were no ".so"
In case the catpage is uncompressed, the cattool used is "zcat -f" which waits
reading standard input, making the man(1) command hang.
MFC r326422:
Do better cleaning in key_destroy() for VIMAGE case.
SPDB was cleaned using TAILQ_CONCAT() instead of calling key_unlink()
for each SP, thus we need to properly clean lists in each bucket of
V_sphashtbl to avoid panic in hashdestroy() when INVARIANTS is enabled.
Do the same for V_acqaddrhashtbl and V_acqseqhashtbl.
When we are called in DEFAULT_VNET, destroy also all global locks and
drain key_timer callout.
asomers [Fri, 8 Dec 2017 05:32:17 +0000 (05:32 +0000)]
MFC r325947:
Fix potential NULL pointer dereference of device physical path
In scsi_dev_advinfo(), if the physical path is being stored and there is a
malloc failure (malloc(9) is called with M_NOWAIT), we could wind up in a
situation where the device's physpath_len is set to the length the user
provided, but the physpath itself is NULL.
If another context then comes in to fetch the physical path value, we would
wind up trying to memcpy a NULL pointer into the caller's buffer.
So, set the physpath_len to 0 when we free the physpath on entry into the
store case for the physical path. Reset the length to a non-zero value only
after we've successfully malloced a buffer to hold it.
asomers [Fri, 8 Dec 2017 05:24:49 +0000 (05:24 +0000)]
MFC r325857:
Remove a double free(9) in xpt_bus_register
In xpt_bus_register(), remove superfluous call to free(). This was mostly
benign since free(9) checks for NULL before doing anything, and
xpt_create_path() is nice enough to NULL out the pointer on failure.
However, it could've segfaulted if malloc(9) failed during
xpt_create_path().
asomers [Fri, 8 Dec 2017 05:20:54 +0000 (05:20 +0000)]
MFC r325817, r325827
r325817:
AIO tests: increase limits
tests/sys/aio/aio_kqueue_test.c
Instead of using a hard-coded queue depth, use
vfs.aio.max_aio_queue_per_proc
tests/sys/aio/lio_kqueue_test.c
The old, small limit on lio_listio's operation count was lifted by
change 324941. Raise the operation count as high as possible without
exceeding the process's operation limit.
emaste [Thu, 7 Dec 2017 03:57:11 +0000 (03:57 +0000)]
MFC r326094: Fix indentation in bsdinstall-created wpa_supplicant.conf
r311690 (MFC of r309934) cleaned up some cases in bsdinstall to use
heredocs but broke the indentation of the generated output, because <<-
heredocs strip leading tabs.
- Mention mismatching numbers in MSR vs. ACPI _PSS count warning.
- Rephrase unsupported AMD CPUs message and wrap as an overly long line.
- Improve readability when reporting resulted P-state transition (debug).
r322710, r323286 (cem):
- Add support for family 17h pstate info from MSRs.
- Yield CPU awaiting frequency change.
r326378, r326383, r326407:
- Fix some style(9) nits.
- Add a tunable "debug.hwpstate_verify" to check P-state after changing it
and turn it off by default.
emaste [Tue, 5 Dec 2017 01:35:04 +0000 (01:35 +0000)]
MFC r326074: filter all passwords (not only changed) from periodic passwd backup
The periodic 200.backup-passwd script outputs any differences it finds
in master.passwd, relative to the previous backup. It intends to elide
the encrypted password field, but previously did so only for changed
lines (i.e., those beginning with - or + in the diff).
Apply the sed expression also to unchanged lines to also elide their
passwords.
PR: 223461
Reported by: Andre Albsmeier
Sponsored by: The FreeBSD Foundation
wulf [Mon, 4 Dec 2017 21:12:05 +0000 (21:12 +0000)]
MFC r325295:
evdev: Lock Giant around keyboard ioctls
This fixes turning ukbd(4) LEDs on/off with evdev interface as well
MFC r325296:
evdev: Take driver's lock in cdev write handler if necessary
MFC r325297:
sysmouse(4): Fix ums(4)-style T-axis reporting via evdev protocol
- Do not report T-axis wheel events as button presses
- Reverse T-axis to match Linux
- Remove wrong comment. T-axis buttons state should be checked by level not
by edge to allow continuous wheel tilt reporting
MFC r325298:
evdev: Disable value normalization and state filtering for SND events.
Some events can take sound pitch as a value so can not be represented
as binary on/off events. Tracking for on/off state is left in place
as it is a part of the evdev API.
MFC r325299:
evdev: Do not start/stop softrepeat callout if no clients attached
gjb [Mon, 4 Dec 2017 15:28:07 +0000 (15:28 +0000)]
MFC r326315, r326330, r326331, r326412:
r326315:
Set DISTDIR and WRKDIRPREFIX when building ports within the
chroot(8) to avoid mtime changes within the ports checkout,
which can cause checksum differences.
r326330:
Add a comment to release/release.conf.sample documenting
EMBEDDEDPORTS. [1]
Remove and update stale documentation from release(7) while here.
r326331:
Correct a comment.
r326412:
Fix port build flags passed to make(1) after r326315, where
it was missed for embedded image builds.
PR: 206344 [1]
Sponsored by: The FreeBSD Foundation
hselasky [Mon, 4 Dec 2017 09:53:03 +0000 (09:53 +0000)]
MFC r325897:
Improve the library dependencies helper script in src/tools.
Implement double pass of the relevant Makefiles. First make a list of
library names and directories and then scan for all the dependencies.
Spaces in directories in the source tree are not supported.
This avoids using hardcoded mappings between the library name
and the directory containing the library Makefile.
hselasky [Mon, 4 Dec 2017 09:51:08 +0000 (09:51 +0000)]
MFC r326058:
Make sure all initialized mutexes are destroyed in the iser module,
else WITNESS will panic. Prefix all mutex names with "iser_" to
prevent future WITNESS issues.
emaste [Fri, 1 Dec 2017 17:15:13 +0000 (17:15 +0000)]
MFC r324703: loader.mk: clean md.o even if MD_IMAGE_SIZE not defined
We don't normally provide special handling for optionally-included src
files, but md.o depends on both md.c and the value of ${MD_IMAGE_SIZE}.
Previously if one built with MD_IMAGE_SIZE, executed "make clean", and
then built with a different MD_IMAGE_SIZE md.o would not be rebuilt.
Reported by: Zakary Nafziger
Sponsored by: The FreeBSD Foundation
avg [Fri, 1 Dec 2017 11:13:58 +0000 (11:13 +0000)]
MFC r326070: zfs_write: fix problem with writes appearing to succeed when over quota
The problem happens when the writes have offsets and sizes aligned with
a filesystem's recordsize (maximum block size). In this scenario
dmu_tx_assign() would fail because of being over the quota, but the uio
would already be modified in the code path where we copy data from the
uio into a borrowed ARC buffer. That makes an appearance of a partial
write, so zfs_write() would return success and the uio would be modified
consistently with writing a single block.
That bug can result in a data loss because the writes over the quota
would appear to succeed while the actual data is being discarded.
This commit fixes the bug by ensuring that the uio is not changed until
after all error checks are done. To achieve that the code now uses
uiocopy() + uioskip() as in the original illumos design. We can do that
now that uiocopy() has been updated in r326067 to use
vn_io_fault_uiomove().
kp [Thu, 30 Nov 2017 21:21:22 +0000 (21:21 +0000)]
MFC r325850: pfctl: teach route-to to deal with interfaces with multiple addresses
The route_host parsing code set the interface name, but only for the first
node_host in the list. If that one happened to be the inet6 address and the
rule wanted an inet address it'd get removed by remove_invalid_hosts() later
on, and we'd have no interface name.
We must set the interface name for all node_host entries in the list, not just
the first one.
ae [Thu, 30 Nov 2017 07:42:56 +0000 (07:42 +0000)]
MFC r326086:
Add ipfw_add_protected_rule() function that creates rule with 65535
number in the reserved set 31. Use this function to create default rule.
MFC r326115:
Rework rule ranges matching. Use comparison rule id with UINT32_MAX to
match all rules with the same rule number.
MFC r326116:
Move ipfw_send_pkt() from ip_fw_dynamic.c into ip_fw2.c.
It is not specific for dynamic states function and called also from
generic code.
MFC r326117:
Check that address family of state matches address family of packet.
If it is not matched avoid comparing other state fields.
MFC r326118:
Modify ipfw's dynamic states KPI.
Hide the locking logic used in the dynamic states implementation from
generic code. Rename ipfw_install_state() and ipfw_lookup_dyn_rule()
function to have similar names: ipfw_dyn_install_state() and
ipfw_dyn_lookup_state(). Move dynamic rule counters updating to the
ipfw_dyn_lookup_state() function. Now this function return NULL when
there is no state and pointer to the parent rule when state is found.
Thus now there is no need to return pointer to dynamic rule, and no need
to hold bucket lock for this state. Remove ipfw_dyn_unlock() function.
asomers [Tue, 28 Nov 2017 17:07:21 +0000 (17:07 +0000)]
MFC r325363:
Fix mpr(4) panics caused by bad drive mapping tables
sys/dev/mpr/mpr_mapping.c
If _mapping_process_dpm_pg0 detects inconsistencies in the drive
mapping table (stored in the HBA's NVRAM), abort reading it and
continue to boot as if the mapping table were blank. I observed
such inconsistencies in several HBAs after upgrading firmware from
14.0.0.0 to 15.0.0.0.
asomers [Tue, 28 Nov 2017 17:04:22 +0000 (17:04 +0000)]
MFC r322258, r324941, r324956, r325018
r322258:
Make p1003_1b.aio_listio_max a tunable
p1003_1b.aio_listio_max is now a tunable. Its value is reflected in the
sysctl of the same name, and the sysconf(3) variable _SC_AIO_LISTIO_MAX.
Its value will be bounded from below by the compile-time constant
AIO_LISTIO_MAX and from above by the compile-time constant
MAX_AIO_QUEUE_PER_PROC and the tunable vfs.aio.max_aio_queue.
r324941:
Remove artificial restriction on lio_listio's operation count
In r322258 I made p1003_1b.aio_listio_max a tunable. However, further
investigation shows that there was never any good reason for that limit to
exist in the first place. It's used in two completely different ways:
* To size a UMA zone, which globally limits the number of concurrent
aio_suspend calls.
* To artifically limit the number of operations in a single lio_listio call.
There doesn't seem to be any memory allocation associated with this limit.
This change does two things:
* Properly names aio_suspend's UMA zone, and sizes it based on a new constant.
* Eliminates the artifical restriction on lio_listio. Instead, lio_listio
calls will now be limited by the more generous max_aio_queue_per_proc. The
old p1003_1b.aio_listio_max is now an alias for
vfs.aio.max_aio_queue_per_proc, so sysconf(3) will still work with
_SC_AIO_LISTIO_MAX.
An off-by-one error has been present since the system call was first present
in 185878. It additionally became a memory corruption bug after change
324941. The failure is actually revealed by our existing AIO tests.
However, apparently nobody's been running those in 32-bit emulation mode.
asomers [Tue, 28 Nov 2017 16:52:38 +0000 (16:52 +0000)]
MFC r325011, r325016
r325011:
zfsd should be able to online an L2ARC that disappears and returns
Previously, this didn't work because L2ARC devices' labels don't contain
pool GUIDs. Modify zfsd so that the pool GUID won't be required:
lib/libdevdctl/guid.h
Change INVALID_GUID from a uint64_t constant to a function that
returns an invalid Guid object. Remove the void constructor.
Nothing uses it, and it violates RAII.
cddl/usr.sbin/zfsd/case_file.h
cddl/usr.sbin/zfsd/case_file.cc
Allow CaseFile::Find to match a CaseFile based on Vdev GUID alone.
In CaseFile::ReEvaluate, attempt to online devices even if the newly
arrived device has no pool GUID.
cddl/usr.sbin/zfsd/vdev_iterator.cc
Iterate through a pool's cache devices as well as its regular
devices.
asomers [Tue, 28 Nov 2017 16:34:55 +0000 (16:34 +0000)]
MFC r324940:
Fix the error message when creating a zpool on a too-small device
Don't check for SPA_MINDEVSIZE in vdev_geom_attach when opening by path.
It's redundant with the check in vdev_open, and failing to attach here
results in the wrong error message being printed. However, still check for
it in some other situations:
* When opening by guids, so we don't get bogged down reading from slow
devices like floppy drives.
* In vdev_geom_read_pool_label for the same reason, because we iterate over
all providers.
* If the caller requests that we verify the guid, because then we'll have to
read from the device before vdev_open verifies the size.
PR: 222227
Reported by: Marie Helene Kvello-Aune <marieheleneka@gmail.com>
Reviewed by: avg, mav
Sponsored by: Spectra Logic Corp
Differential Revision: https://reviews.freebsd.org/D12531
andrew [Tue, 28 Nov 2017 11:06:17 +0000 (11:06 +0000)]
MFC r326137:
Ensure we check the program state set in the trap frame on arm and arm64.
This value may be set by userspace so we need to check it before using it.
If this is not done correctly on exception return the kernel may continue
in kernel mode with all registers set to a userspace controlled value. Fix
this by moving the check into set_mcontext, and also add the missing
sanitisation from the arm64 set_regs.
emaste [Tue, 28 Nov 2017 00:55:30 +0000 (00:55 +0000)]
MFC r325042: libdtrace: replace "DOODAD" with more descriptive string
Previously some unimplemented libdtrace routines printed the function,
file and line number, followed by "DOODAD." That is not particularly
informative, so replace it with a message reporting the actual issue.
asomers [Tue, 28 Nov 2017 00:39:58 +0000 (00:39 +0000)]
MFC r323275, r324112
r323275:
Add basic tests for chflags, mkdir, rcp, and rmdir
Add basic command line parsing test coverage for these utilities. The tests
were automatically generated based on their man pages. These tests can be
expanded by hand for more thorough coverage. The aim is to generate very
basic amount of test coverage for all the utilities in the base system.
asomers [Tue, 28 Nov 2017 00:19:04 +0000 (00:19 +0000)]
MFC r322854, r323995, r324568, r324991
r322854:
zfsd(8): Close a race condition when onlining a disk paritition
When inserting a partitioned disk, devfs and geom will announce the whole
disk before they announce the partition. If the partition containing ZFS
extends to one of the disk's extents, then zfsd will see a ZFS label on the
whole disk and attempt to online it. ZFS is smart enough to activate the
partition instead of the whole disk, but only if GEOM has already created
the partition's provider.
cddl/contrib/opensolaris/lib/libzfs/common/libzfs.h
cddl/contrib/opensolaris/lib/libzfs/common/libzfs_import.c
Add a zpool_read_all_labels method. It's similar to
zpool_read_label, but it will return the number of labels found.
cddl/usr.sbin/zfsd/zfsd_event.cc
When processing a DevFS CREATE event, only online a VDEV if we can
read all four ZFS labels.
r324991:
Fix zpool_read_all_labels when vfs.aio.enable_unsafe=0
Previously, zpool_read_all_labels was trying to do 256KB reads, which are
greater than the default MAXPHYS and therefore must go through the slow,
unsafe AIO path. Shrink these reads to 112KB so they can use the safe, fast
AIO path instead.
gjb [Mon, 27 Nov 2017 15:12:14 +0000 (15:12 +0000)]
MFC r326068:
Remove /etc/resolv.conf from virtual machine images, which is
copied from the build host. It is renamed to /etc/resolv.conf.bak
on boot, so never used anyway.
ae [Fri, 24 Nov 2017 04:42:21 +0000 (04:42 +0000)]
MFC r325960:
Unconditionally enable support for O_IPSEC opcode.
IPsec support can be loaded as kernel module, thus do not depend from
kernel option IPSEC and always build O_IPSEC opcode implementation as
enabled.
MFC r325962:
Do not invoke IPv4 NAT handler for non IPv4 packets. Libalias expects
a packet is IPv4. And in case when it is IPv6, it just translates them
as IPv4. This leads to corruption and in some cases to panics.
In particular a panic can happen when value of ip6_plen modified to
something that leads to IP fragmentation, but actual packet length does
not match the IP length.
Packets that are not IPv4 will be dropped by NAT rule.