MFC r357875: diff: fix segfault with --tabsize and no/malformed argument
--tabsize was previously listed as optional_argument, but didn't account for
the optionality of it in the argument handling. This is irrelevant -- the
manpage doesn't indicate that the argument is optional, and indeed there's
no clear interpretation of omitting the argument because there's no other
side effect of --tabsize.
The "malformed" argument part of the header on this message is simply
referring to usage like this:
% diff --tabsize 4 A B
With an optional_argument, the argument must be attached to the parameter
directly (e.g. --tabsize=4), so the argument is effectively NULL with the
above invocation as if no argument had been passed.
MFC r360182-r360183: kqueue(2): add note about EV_RECEIPT
r360182:
kqueue(2): add a note about EV_RECEIPT
In the below-referenced PR, a case is attached of a simple reproducer that
exhibits suboptimal behavior: EVFILT_READ and EVFILT_WRITE being set in the
same kevent(2) call will only honor the first one. This is, in-fact, how
it's supposed to work.
A read of the manpage leads me to believe we could be more clear about this;
right now there's a logical leap to make in the relevant statement: "When
passed as input, it forces EV_ERROR to always be returned." -- the logical
leap being that this indicates the caller should have allocated space for
the change to be returned with EV_ERROR indicated in the events, or
subsequent filters will get dropped on the floor.
Another possible workaround that accomplishes similar effect without needing
space for all events is just setting EV_RECEIPT on the final change being
passed in; if any errored before it, the kqueue would not be drained. If we
made it to the final change with EV_RECEIPT set, then we would return that
one with EV_ERROR and still not drain the kqueue. This would seem to not be
all that advisable.
r360183:
kqueue(2): de-vandalize the random sentence in the middle
A last minute change appears to have inadvertently vandalized unrelated
parts of the manpage with the date. =-(
r356724:
asprintf returns -1, not an arbitrary value < 0. Also upon error the
(very sloppy specification) leaves an undefined value in *ret, so it is
wrong to inspect it, the error condition is enough.
r356725:
When system calls indicate an error they return -1, not some arbitrary
value < 0. errno is only updated in this case.
r357649:
Update diff(1) TODO removing what has been implemented
This matches GNU diff(1) behavior and, more importantly, eliminates any
source of confusion if multiple formatting options are specified.
Note that the committed diff differs slightly from the submitted: I've
modified it so that we initialize diff_format to something that isn't an
accepted format option so that we can also reject --normal -c and -c
--normal, which would've otherwise been accepted because the default was
--normal. After option parsing we default it to D_NORMAL if it's still
unset.
r359953:
kern uuid: break format validation out into a separate KPI
This new KPI, validate_uuid, strictly validates the formatting of the input
UUID and, optionally, populates a given struct uuid.
As noted in the header, the key differences are that the new KPI won't
recognize an empty string as a nil UUID and it won't do any kind of semantic
validation on it. Also key is that populating a struct uuid is optional, so
the caller doesn't necessarily need to allocate a bogus one on the stack
just to validate the string.
This KPI has specifically been broken out in support of D24288, which will
preload /etc/hostid in loader so that early boot hostuuid users (e.g.
anything that calls ether_gen_addr) can have a valid hostuuid to work with
once it's been stashed in /etc/hostid.
r359980:
validate_uuid: absorb the rest of parse_uuid with a flags arg
This makes the naming annoyance (validate_uuid vs. parse_uuid) less of an
issue and centralizes all of the functionality into the new KPI while still
making the extra validation optional. The end-result is all the same as far
as hostuuid validation-only goes.
r359999:
Preload hostuuid for early-boot use
prison0's hostuuid will get set by the hostid rc script, either after
generating it and saving it to /etc/hostid or by simply reading /etc/hostid.
Some things (e.g. arbitrary MAC address generation) may use the hostuuid as
a factor in early boot, so providing a way to read /etc/hostid (if it's
available) and using it before userland starts up is desirable. The code is
written such that the preload doesn't *have* to be /etc/hostid, thus not
assuming that there will be newline at the end of the buffer or even the
exact shape of the newline. White trailing whitespace/non-printables
trimmed, the result will be validated as a valid uuid before it's used for
early boot purposes.
The preload can be turned off with hostuuid_load="NO" in /boot/loader.conf,
just as other preloads; it's worth noting that this is a 37-byte file, the
overhead is believed to be generally minimal.
It doesn't seem necessary at this time to be concerned with kern.hostid.
One does wonder if we should consider validating hostuuids coming in
via jail_set(2); some bits seem to care about uuid form and we bother
validating format of smbios-provided uuid and in-fact whatever uuid comes
from /etc/hostid.
Certs can be easily examined after installation with `certctl list`, and
certctl blacklist will accept the hashed filename as output by list or as
seen in /etc/ssl/certs
r355376:
caroot update to latest tip: one (1) addition, none (0) removed
With the inclusion of caroot bits, we'll need to also rehash on update as we
do in mergemaster/etcupdate.
If certctl's installed on the system, just unconditionally rehash. This
isn't an expensive operation, and we can refine it to compare
INDEX-{OLD,NEW} later if we really want to.
John Baldwin [Mon, 27 Apr 2020 20:37:11 +0000 (20:37 +0000)]
MFC 350013: Don't pass error from syscallenter() to syscallret().
syscallret() doesn't use error anymore. Fix a few other places to permit
removing the return value from syscallenter() entirely.
- Remove a duplicated assertion from arm's syscall().
- Use td_errno for amd64_syscall_ret_flush_l1d.
MFC r359702, r359774: enforce -fno-common for userland/kernel src builds
r359702:
Add -fno-common to all userland/kernel src builds
-fno-common will become the default in GCC10/LLVM11. Plenty of work has been
put in to make sure our world builds are no -fno-common clean, so let's slap
the build with this until it becomes the compiler default to ensure we don't
regress.
At this time, we will not be enforcing -fno-common on ports builds. I
suspect most ports will be or quickly become -fno-common clean as they're
naturally built against compilers that default to it, so this will hopefully
become a non-issue in due time. The exception to this, which is actually the
status quo, is that kmods built from ports will continue to build with
-fno-common.
As of the time of writing, I intend to also make stable/12 -fno-common
clean. What's been done will be MFC'd to stable/11 if it's easily applicable
and/or not much work to massage it into being functional, but I anticipate
adding -fcommon to stable/11 builds to maintain its ability to be built with
newer compilers for the rest of its lifetime instead of putting in a third
branch's worth of effort.
r359774:
userland build: replace -fno-common with ${CFCOMMONFLAG}
This change allows any downstream or otherwise consumer to easily override
the new -fno-common default on a temporary basis without having to hack into
src.sys.mk, and also makes it a bit easier to search for these specific
cases where -fno-common must be overridden with -fcommon or else the build
will fail.
The gdb build, the only program requiring -fcommon on head/, is switched
over as an example usage. It will need it on all branches, so this does not
harm future mergability.
MFC r359642: adduser: allow standard IFS characters in passwords
Notably, the default IFS contains space/tab, thus any leading/trailing
whitespace characters tend to be removed.
Set IFS= for just the read lines to mitigate this, allowing the user to be
less surprised when their leading/trailing spaces weren't actually captured
in the password as they are with other means of setting a user's password.
[Neither of these originally mine, but the latter commit referenced
fixes an -fno-common issue and the former is a bugfix]
r340361:
Fix printing of 64-bit counters on 32-bit ppc platforms.
Several statistic counters are uint64_t values and are printed by systat
using %lu. This results in displaying wrong numbers. Use PRIu64 instead.
While there, print variables of size_t using %zd.
r345804:
systat -zarc to display disk activities like -vm
Alexander Motin [Mon, 27 Apr 2020 14:03:24 +0000 (14:03 +0000)]
MFC r360123: Allow namespace-id specification where it makes sense.
It makes tool more convenient to not require user to explicitly convert
namespace device name into controller device name. There should be no
changes to already existing syntaxes.
John Baldwin [Mon, 27 Apr 2020 04:47:02 +0000 (04:47 +0000)]
MFC 350012: Always set td_errno to the error value of a system call.
Early errors prior to a system call did not set td_errno. This commit
sets td_errno for all errors during syscallenter(). As a result,
syscallret() can now always use td_errno without checking TDP_NERRNO.
Compared to the original commit, this change preserves the ABI of
struct thread and instead adds explicit zero'ing of td_errno.
Both DIOCCHANGEADDR and DIOCADDADDR take a struct pf_pooladdr from
userspace. They failed to validate the dyn pointer contained in its
struct pf_addr_wrap member structure.
This triggered assertion failures under fuzz testing in
pfi_dynaddr_setup(). Happily the dyn variable was overruled there, but
we should verify that it's set to NULL anyway.
Add casts to work around harmless -Werror warnings from clang 10.0.0,
such as:
usr.sbin/timed/timed/networkdelta.c:160:13: error: implicit conversion from 'long' to 'float' changes value from 9223372036854775807 to 9223372036854775808
[-Werror,-Wimplicit-int-float-conversion]
float ap = LONG_MAX; /* bounds on the median */
~~ ^~~~~~~~
Direct commit to stable/{10,11,12}, since timed has been removed from
FreeBSD 13.
The MIPS bug was introduced by upstream commit 7403cb630, which failed
to account for the additional indirection introduced and also dropped
one of the checks; change it to the standard "NULL-or-empty" check as
used elsewhere in BFD, which is also what upstream now has.
Ed Maste [Sat, 25 Apr 2020 15:29:06 +0000 (15:29 +0000)]
MFC r359777: hdac: show which command timed out
There are several reports of "hdac0: Command timeout on address 2"
messages emitted during playback on a variety of contemporary machines.
Show the command that timed out in case it might provide a clue in
finding the cause.
Fix some misleading indentation warnings reported by recent clang.
These should not be any functional change. While the change in
emul10kx-pcm.c looks like a real bug fix (as opposed to inconsistent
whitespace), the extra statements were not harmful.
g++9 now warns about having defined an assignment operator but using the
default copy constructor, or vice versa. Avoid the issue in libdevdctl
by just using the default assignment operator too.
MIPS64 has 64-bit longs, so use uint64_t for it, otherwise uint32_t.
sizeof(long) == sizeof(ptr) for all platforms, so define
atomic_swap_ptr in terms of atomic_swap_long.
ethersubr: Make the mac address generation more robust
If we create two (vnet) jails and create a bridge interface in each we end up
with the same mac address on both bridge interfaces.
These very often conflicts, resulting in same mac address in both jails.
Mitigate this problem by including the jail name in the mac address.
According to my tests and errata to several generations of Intel CPUs,
PCIe hot-plug command completion reporting is not very reliable thing.
At least on my Supermicro X11DPi-NT board I never saw it reported.
Before this change timeout code detached devices and tried to disable
the slot, that in my case resulted in hot-plugged device being detached
just a second after it was successfully detected and attached. This
change removes that, so in case of timeout it just prints the error and
continue operation. Linux does the same.
Userspace may pass a negative ps_len value to us, which causes an
assertion failure in malloc().
Treat negative values as zero, i.e. return the required size.
Alexander Motin [Fri, 24 Apr 2020 15:02:05 +0000 (15:02 +0000)]
MFC r359667 (by mw): Add hwpmc support for Intel Atom Goldmont microarchitecture
Recognize new micro-architecture in hwpmc_intel driver. Based on Intel
document 325462-071US. Tested with tools/test/hwpmc/pmctest.py
on Atom E3930 SoC.
- amd_intr() does not account for the offset (0x200) in the counter
MSR address and ends up accessing invalid regions while reading
counter value after the 4th counter (0xC001000[8,9,..]) and
erroneously updates the counter values for counters [1-4].
- amd_intr() should only check core pmcs for interrupts since
other types of pmcs (L3,DF) cannot generate interrupts.
- fix pmc NMI's being ignored due to NMI latency on newer AMD processors
Note that this fixes a kernel panic due to GPFs accessing MSRs on
higher core count AMD cpus (seen on both Rome 7502P, and
Threadripper 2990WX 32-core CPUs)
MFC r360051: tty: convert tty_lock_assert to tty_assert_locked
A later change, currently being iterated on in D24459, will in-fact change
the lock type to an sx so that TTY drivers can sleep on it if they need to.
Committing this ahead of time to make the review in question a little more
palatable.
tty_lock_assert() is unfortunately still needed for now in two places to
make sure that the tty lock has not been recursed upon, for those scenarios
where it's supplied by the TTY driver and possibly a mutex that is allowed
to recurse.
MFC r360033, r360108: better precision in kqueue timer tests
r360033:
tests: kqueue: use a more precise timer for the NOTE_ABSTIME test
Originally noticed while attempting to run the kqueue tests under
qemu-user-static, this apparently just happens sometimes when running in a
jail in general -- the timer will fire off "too early," but it's really just
the result of imprecise measurements (noted by cem).
Kicking this over to NOTE_USECONDS still tests the correct thing while
allowing it to work more consistently; a basic sanity test reveals that we
often end up coming in just less than 200 microseconds after the timer
fired off.
r360108:
tests: kqueue: fix some issues with now() on ILP32 platforms
There were ultimately two separate problems here:
- a 32-bit long cannot represent microseconds since 1970 (noted by ian)
- time_t is 32-bit on i386, so now() was wrong anyways even with the correct
return type.
For the first, just explicitly use a uint64_t for now() and all of the
callers. For the second, we need to explicitly cast tv_sec to uint64_t
before it gets multiplied in the SEC_TO_US macro. Casting this instance
rather than generally in the macro was arbitrarily chosen simply because all
other uses are converting small relative time values.
The tests now pass on i386, at least; presumably other ILP32 will be fine
now as well.
r360140:
kqueue: fix conversion of timer data to sbintime
This unbreaks the i386 kqueue timer tests after a recent change switched
NOTE_ABSTIME over to using microseconds. Notably, the data argument (which
holds useconds) is an int64_t, but we were passing it to timer2sbintime
which takes an intptr_t. Perhaps in a previous incarnation, intptr_t would
have made sense, but now it just leads to the timestamp getting truncated
and subsequently rejected when it no longer fits in an intptr_t.
r360155:
kevent32: fix the split of data into data1/data2
The current situation results in intermittent breakage if data gets split up
with the sign bit set on the data1 half of it, as PAIR32TO64 will then:
data1 | (data2 << 32) -> resulting in data1 getting sign-extended when it's
implicitly widened and clobbering the result. AFAICT, there's no compelling
reason for these to be signed.
This was most exposed by flakiness in the kqueue timer tests under compat32
after the ABSTIME test got switched over to using a better clock and
microseconds.
Rick Macklem [Wed, 22 Apr 2020 21:08:08 +0000 (21:08 +0000)]
MFC: r359720
Fix an interoperability issue w.r.t. the Linux client and the NFSv4 server.
Luoqi Chen reported a problem on freebsd-fs@ where a Linux NFSv4 client
was able to open and write to a file when the file's permissions were
not set to allow the owner write access.
Since NFS servers check file permissions on every write RPC, it is standard
practice to allow the owner of the file to do writes, regardless of
file permissions. This provides POSIX like behaviour, since POSIX only
checks permissions upon open(2).
The traditional way NFS clients handle this is to check access via the
Access operation/RPC and use that to determine if an open(2) on the
client is allowed.
It appears that, for NFSv4, the Linux client expects the NFSv4 Open (not a
POSIX open) operation to fail with NFSERR_ACCES if the file is not being
created and file permissions do not allow owner access, unlike NFSv3.
Since both the Linux and OpenSolaris NFSv4 servers seem to exhibit this
behaviour, this patch changes the FreeBSD NFSv4 server to do the same.
A sysctl called vfs.nfsd.v4openaccess can be set to 0 to return the
NFSv4 server to its previous behaviour.
Since both the Linux and FreeBSD NFSv4 clients seem to exhibit correct
behaviour with the access check for file owner in Open enabled, it is enabled
by default.
Alexander Motin [Tue, 21 Apr 2020 16:52:56 +0000 (16:52 +0000)]
MFC r348996 (by jtl):
The current IPMI KCS code is waiting 100us for all transitions (roughly
between each byte either sent or received). However, most transitions
actually complete in 2-3 microseconds.
By polling the status register with a delay of 4us with exponential
backoff, the performance of most IPMI operations is significantly
improved:
- A BMC update on a Supermicro x9 or x11 motherboard goes from ~1 hour
to ~6-8 minutes.
- An ipmitool sensor list time improves by a factor of 4.
Testing showed no significant improvements on a modern server by using
a lower delay.
The changes should also generally reduce the total amount of CPU or
I/O bandwidth used for a given IPMI operation.
Rick Macklem [Tue, 21 Apr 2020 04:47:42 +0000 (04:47 +0000)]
MFC: r359679
Fix noisy NFSv4 server printf.
Peter reported that his dmesg was getting cluttered with
nfsrv_cache_session: no session
messages when he rebooted his NFS server and they did not seem useful.
He was correct, in that these messages are "normal" and expected when
NFSv4.1 or NFSv4.2 are mounted and the server is rebooted.
This patch silences the printf() during the grace period after a reboot.
It also adds the client IP address to the printf(), so that the message
is more useful if/when it occurs. If this happens outside of the
server's grace period, it does indicate something is not working correctly.
Instead of adding yet another nd_XXX argument, the arguments for
nfsrv_cache_session() were simplified to take a "struct nfsrv_descript *".
I believe this was introduced in the original '-r' commit, r231911 (2012).
At the time, the scope was limited to a 1 second sleep. r332518 (2018)
added '-R', which increased the potential duration of the affected interval
(from 1 to N seconds) by permitting arbitrary restart intervals.
Instead, handle SIGTERM normally during restart-sleep, when the monitored
process is not running, and shut down promptly.
(I noticed this behavior when debugging a child process that exited quickly
under the 'daemon -r -R 30' environment. 'kill <daemonpid>' had no
immediate effect and the monitor process slept until the next restart
attempt. This was annoying.)
MFC r360040: jail(8): improve manual and usage information
with more clear description for "jail -e" mode
to show that it does not take additional jail name argument.
Reported by: David Marec <david.marec@davenulle.org>
Rick Macklem [Mon, 20 Apr 2020 01:17:00 +0000 (01:17 +0000)]
MFC: r359643
Change the xid for client side krpc over UDP to a global value.
Without this patch, the xid used for the client side krpc requests over
UDP was initialized for each "connection". A "connection" for UDP is
rather sketchy and for the kernel NLM a new one is created every 2minutes.
A problem with client side interoperability with a Netapp server for the NLM
was reported and it is believed to be caused by reuse of the same xid.
Although this was never completely diagnosed by the reporter, I could see
how the same xid might get reused, since it is initialized to a value
based on the TOD clock every two minutes.
I suspect initializing the value for every "connection" was inherited from
userland library code, where having a global xid was not practical.
However, implementing a global "xid" for the kernel rpc is straightforward
and will ensure that an xid value is not reused for a long time. This
patch does that and is hoped it will fix the Netapp interoperability
problem.
Untangle TPR shadowing and APIC virtualization.
This speeds up Windows guests tremendously.
The patch does:
Add a new tuneable 'hw.vmm.vmx.use_tpr_shadowing' to disable TLP shadowing.
Also add 'hw.vmm.vmx.cap.tpr_shadowing' to be able to query if TPR shadowing is used.
Detach the initialization of TPR shadowing from the initialization of APIC virtualization.
APIC virtualization still needs TPR shadowing, but not vice versa.
Any CPU that supports APIC virtualization should also support TPR shadowing.
When TPR shadowing is used, the APIC page of each vCPU is written to the VMCS_VIRTUAL_APIC field of the VMCS
so that the CPU can write directly to the page without intercept.
On vm exit, vlapic_update_ppr() is called to update the PPR.
GeƤnderte Pfade:
M /head/sys/amd64/vmm/intel/vmx.c M /head/sys/amd64/vmm/io/vlapic.c M
/head/sys/amd64/vmm/io/vlapic.h
MFC r348873: Enable touch and trackpads by default
Enable synaptics and elantech touchpads, as well as IBM/Lenovo TrackPoints
by default, instead of having users find and toggle a loader tunable.
This makes things like two finger scroll and other modern features work out
of the box with X. By enabling these settings by default, we get a better
desktop experience in X, since xserver and evdev can make use of the more
advanced synaptics and elantech features.
The geli(8) manual page has an example for preloading keyfiles during boot.
There is no detail though on how the lookup of these variables actually
works.
Let's document that the name of a device does not have to be a part
of the variable.