marius [Sun, 2 Jul 2017 19:13:01 +0000 (19:13 +0000)]
Retry up to 20 ms to enable bus power as at least with some Intel
SDHCI/eMMC controllers the first attempt after a D3 to D0 transition,
i. e. when the firmware has put the devices into D3 state before,
can fail.
andrew [Sun, 2 Jul 2017 08:52:08 +0000 (08:52 +0000)]
In the arm64 pmap_remove, when removing a full superpage there is no need
to demote it to 512 pages, then remove each of these. We can just remove
the l2 map directly. This is what the intel pmaps already do.
Most important, use a correct signature for the
__pthread_cleanup_push_imp() stub, which was incorrectly generated
with two-args variant. The pthread_cleanup_info pointer was corrupted
in the forwarded call to the real libthr implementation, visible on
PowerPC and possibly ARM. [1]
Found and tested by: Mark Millard <markmi@dsl-only.net> [1]
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Modify vm_map_growstack() to protect itself from the possibility of the
gap entry in the vm map being smaller than the sysctl-derived stack guard
size. Otherwise, the value of max_grow can suffer from overflow, and the
roundup(grow_amount, sgrowsiz) will not be properly capped, resulting in
an assertion failure.
Port PowerPC kqueue(2) compat32 fix in r320500 to MIPS.
All 32bit MIPS ABIs align uint64_t on 8-byte. Since struct kevent32
is defined using 32bit types to avoid extra alignment on amd64/i386,
layout of the structure needs paddings on PowerPC and apparently MIPS.
Reviewed by: jhb
Sponsored by: The FreeBSD Foundation
Differential revision: https://reviews.freebsd.org/D11434
Integer underflow in efipart_realstrategy when I/O starts after end of disk
This fixes an integer underflow in efipart_realstrategy, which causes
crashes when an I/O operation's start point is after the end of the disk.
This can happen when trying to detect filesystems on very small disks.
This can occur if a BIOS freebsd-boot partition exists on a system when the
EFI loader is being used.
By default LLD links with relocations disallowed against readonly
sections (e.g., .text), but the 32-bit ARM EFI & uboot boot bits require
such relocations. -znotext is either ignored as an unknown -z option
(in-tree lld 2.17.50) or is already the default (GNU ld or GNU gold from
ports) so we can just add it unconditionally to allow building with LLD.
This is similar to the change in r320179 for the kernel link.
When "force" is specified to pmap_invalidate_cache_range(), the given
start address is not required to be page aligned. However, the loop
within pmap_invalidate_cache_range() that performs the actual cache
line invalidations requires that the starting address be truncated to
a multiple of the cache line size. This change corrects an error in
that truncation.
andrew [Sat, 1 Jul 2017 09:38:52 +0000 (09:38 +0000)]
Remove all calls to cpu_dcache_wb_range from the arm64 pmap code. These
were unneeded as we tell the tlb the pagetables are in cached memory. This
gives us a small, but statistically significant improvement over just
removing the PTE_SYNC cases.
--Remove special-case handling of sparc64 bus_dmamap* functions.
Replace with a more generic mechanism that allows MD busdma
implementations to generate inline mapping functions by
defining WANT_INLINE_DMAMAP in <machine/bus_dma.h>. This
is currently useful for sparc64, x86, and arm64, which all
implement non-load dmamap operations as simple wrappers
around map objects which may be bus- or device-specific.
--Remove NULL-checked bus_dmamap macros. Implement the
equivalent NULL checks in the inlined x86 implementation.
For non-x86 platforms, these checks are a minor pessimization
as those platforms do not currently allow NULL maps. NULL
maps were originally allowed on arm64, which appears to have
been the motivation behind adding arm[64]-specific barriers
to bus_dma.h, but that support was removed in r299463.
--Simplify the internal interface used by the bus_dmamap_load*
variants and move it to bus_dma_internal.h
--Fix some drivers that directly include sys/bus_dma.h
despite the recommendations of bus_dma(9)
Reviewed by: kib (previous revision), marius
Differential Revision: https://reviews.freebsd.org/D10729
Change blst_leaf_alloc() to handle a cursor argument, and to improve
performance.
To find in the leaf bitmap all ranges of sufficient length, use a doubling
strategy with shift-and-and until each bit still set represents a bit
sequence of length 'count', or until the bitmask is zero. In the latter
case, update the hint based on the first bit sequence length not found to
be available. For example, seeking an interval of length 12, the set bits
of the bitmap would represent intervals of length 1, then 2, then 3, then
6, then 12. If no bits are set at the point when each bit represents an
interval of length 6, then the hint can be updated to 5 and the search
terminated.
If long-enough intervals are found, discard those before the cursor. If
any remain, use binary search to find the position of the first of them,
and allocate that interval.
Fix sign of resid and add a mostly useless cast to cope with signed vs
unsigned check warnings from traditional unix code construsts bogusly
flagged as potentially unsafe.
rlibby [Fri, 30 Jun 2017 22:14:22 +0000 (22:14 +0000)]
netfront.c: avoid gcc variably-modified warning
gcc produces a "variably modified X at file scope" warning for
structures that use these size definitions. I think the definitions are
actually fine but can be rephrased with the __CONST_RING_SIZE macro more
cleanly anyway.
kib [Fri, 30 Jun 2017 20:27:51 +0000 (20:27 +0000)]
In the stdio cleanup push and pop wrappers, always call libc stubs for
__pthread_cleanup_push/pop_imp instead of symbols also exported from
libthr.
This prevents calls into libthr if libthr is not yet initialized. The
situation occurs e.g. when an LD_PRELOADed object is not linked
against libthr, but the main binary is.
Reported and tested by: jbeich
PR: 220381
Discussed with: vangyzen
Sponsored by: The FreeBSD Foundation
MFC after: 13 days
emaste [Fri, 30 Jun 2017 16:34:17 +0000 (16:34 +0000)]
bsd.linker.mk: add band-aid for linker invocation failure
In some cases bsd.linker.mk reports an error like:
make[4]: ".../share/mk/bsd.linker.mk" line 56:
Unknown linker from LD=ld -m elf32ppc_fbsd:"
For now change this to a .warning, and then assume GNU ld 2.17.50.
At present the linker type detection is used only for enabling build-id,
and we can carry on without it when type detection fails.
Also, show errors from ${LD} --version to aid in failure diagnosis.
Successful invocations of ${LD} --version produce no output on stderr
so this will not create any spam in non-failing builds.
Tested by: swills
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D11424
kib [Fri, 30 Jun 2017 16:16:21 +0000 (16:16 +0000)]
Correct fences for sys/refcount.h.
The acq barrier in refcount_acquire() has no use, constructor must
ensure that the changes are visible before publication by other means.
Last release must sync/with the constructor and all updaters.
This is based on the refcount/shared_ptr analysis I heard at the Hans
Boehm and Herb Sutter talks about C++ atomics.
Reviewed by: alc, jhb, markj
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
Differential revision: https://reviews.freebsd.org/D11270
alc [Fri, 30 Jun 2017 15:49:36 +0000 (15:49 +0000)]
Clear the MAP_WIREFUTURE flag on the vm map in exec_new_vmspace() when it
recycles the current vm space. Otherwise, an mlockall(MCL_FUTURE) could
still be in effect on the process after an execve(2), which violates the
specification for mlockall(2).
It's pointless for vm_map_stack() to check the MEMLOCK limit. It will
never be asked to wire the stack. Moreover, it doesn't even implement
wiring of the stack.
delphij [Fri, 30 Jun 2017 07:04:10 +0000 (07:04 +0000)]
Revert r300385 and r300624 which was false positive
reported by cppcheck.
dup_ncp() tries to allocate a buffer of MAXNETCONFIGLINE
as tmp, which is then assigned to p->nc_netid via strcpy,
so the free(p->nc_netid) would have correctly released
the memory in case nc_lookups() fails, therefore, the
allerged leak never existed.
imp [Thu, 29 Jun 2017 23:15:28 +0000 (23:15 +0000)]
Improve wdc error log pulling.
After review by the WDC engineers, improve how we pull down the
so-called 'e6' logs. The 'c6' logs are obsolete and support for them
has been removed because FreeBSD needed to pull them in chunks, which
is incompatible with the 0xc6 opcode implementation. Rather than leave
the code in place that produces bad log pulls, remove it.
jhb [Thu, 29 Jun 2017 21:31:13 +0000 (21:31 +0000)]
Store a 32-bit PT_LWPINFO struct for 32-bit process core dumps.
Process core notes for a 32-bit process running on a 64-bit host need to
use 32-bit structures so that the note layout matches the layout of notes
of a core dump of a 32-bit process under a 32-bit kernel.
kib [Thu, 29 Jun 2017 14:44:17 +0000 (14:44 +0000)]
Make stdio deferred cancel-safe.
If used with fopen(3)/fdopen(3)-ed FILEs, stdio accurately uses
non-cancellable internal versions of the functions, i.e. it seems to
be fine with regard to cancellation. But if the funopen(3) and
f{r,w}open(3) functions were used to open the FILE, and corresponding
user functions create cancellation points (they typically have no
other choice), then stdio code at least leaks FILE' lock.
The change installs cleanup handler which unlocks FILE. Some minimal
restructuring of the code was required to make it use common return
place to satisfy hand-rolled pthread_cleanup_pop() requirements.
Noted by: eugen
Reviewed by: eugen, vangyzen
Tested by: pho
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
Differential revision: https://reviews.freebsd.org/D11246
andrew [Thu, 29 Jun 2017 14:00:05 +0000 (14:00 +0000)]
Start to remove _libc_arm_fpu_present checks. We don't support the VFP on
ARMv4 or ARMv5, and only support it when it's present on ARMv6 and later.
As such always store the VFP register in setjmp and restore them in
longjmp when building for armv6.
ian [Thu, 29 Jun 2017 01:50:58 +0000 (01:50 +0000)]
Add iic_recover_bus(), a helper function that can be used by any i2c driver
which is able to manipulate the clock and data lines directly.
When an i2c bus is hung by a slave device stuck in the middle of a
transaction that didn't complete properly, this function manipulates the
clock and data lines in a sequence known to reliably reset slave devices.
The most common cause of a hung i2c bus is a system reboot in the middle of
an i2c transfer (so it doesnt' happen often, but now there is a way other
than power cycling to recover from it).
ian [Thu, 29 Jun 2017 00:29:15 +0000 (00:29 +0000)]
If an i2c transfer ends due to error, issue a stop on the bus even if the
nostop option is set, if a start was issued.
The nostop option doesn't mean "never issue a stop" it means "only issue
a stop after the last in a series of transfers". If the transfer ends
due to error, then that was the last transfer in the series, and a stop
is required.
Before this change, any error during a transfer when nostop is set would
effectively hang the bus, because sc->started would never get cleared,
and that caused all future calls to iicbus_start() to return an error
because it looked like the bus was already active. (Unrelated errors in
handling the nostop option, to be addressed separately, could lead to
this bus hang condition even on busses that don't set the nostop option.)
rmacklem [Wed, 28 Jun 2017 21:37:08 +0000 (21:37 +0000)]
Fix an NFSv3 client case that probably never happens.
If an NFSv3 server were to reply with weak cache consistency attributes,
but not post operation attributes, the client would use garbage attributes
from memory. This was spotted during work on the code for the NFSv4.1 client.
I have never seen evidence that this happens and it wouldn't make sense
for an NFSv3 server to do this, so this patch is basically "theoretical",
but does fix the problem if a server were to do the above.
ian [Wed, 28 Jun 2017 20:28:47 +0000 (20:28 +0000)]
Implement gpio input by reading the pad state register, not the data register.
When a pin is set for input the value in the DR will be the same as the PSR.
When a pin is set for output the value in the DR is the value output to the
pad, and the value in the PSR is the actual electrical level sensed on the
pad, and they can be different if the pad is configured for open-drain mode
and some other entity on the board is driving the line low.
mckusick [Wed, 28 Jun 2017 17:32:09 +0000 (17:32 +0000)]
Create a new function ffs_getcg() to read in and verify a cylinder
group. Change all code points that open-coded this functionality
to use the new function. This commit is a refactoring with no
change in functionality.
In the future this change allows more robust checking of cylinder
group reads along the lines discussed in the hardening UFS session
at BSDCan (retry I/O, add checksums, etc). For more detail see the
session notes at https://wiki.freebsd.org/DevSummit/201706/HardeningUFS
avg [Wed, 28 Jun 2017 13:59:20 +0000 (13:59 +0000)]
fix an architectural problem introduced in r320156, ZFS ABD import
The implementation of ZFS refcount_t uses the emulated illumos mutex
(the sx lock) and the waiting memory allocation when ZFS_DEBUG is
enabled. This makes refcount_t unsuitable for use in GEOM g_up
thread where sleeping is prohibited.
When importing the ABD change I modified vdev_geom using illumos
vdev_disk as an example. As a result, I added a call to abd_return_buf
in vdev_geom_io_intr. The latter is called on g_up thread while the
former uses refcount_t.
This change fixes the problem by deferring the abd_return_buf call to
the previously unused vdev_geom_io_done that is called on a ZFS zio
taskqueue thread where sleeping is allowed.
A side bonus of this change is that now a vdev zio has a pointer
to its corresponding bio while the zio is active.
cem [Wed, 28 Jun 2017 13:56:15 +0000 (13:56 +0000)]
Complete support for IO_APPEND flag in fuse
This finishes what r245164 started and makes open(..., O_APPEND) work again
after r299753.
- Pass ioflags, incl. IO_APPEND, down to the direct write backend (r245164
added it to only the bio backend).
- (r299753 changed the WRONLY backend from bio to direct.)
ngie [Wed, 28 Jun 2017 09:22:45 +0000 (09:22 +0000)]
Pull down pjdfstest 0.1
The summary of changes is as follows..
Generic changes::
- Added configure support [2].
- Check for lchmod filesystem support with create_file(..); for
testcases that require lchmod, skip the testcase -- otherwise
use chmod directly [1].
- Added Travis CI integration [2].
- Added utimensat testcases [1].
Linux support::
- Fixed Linux support to pass on later supported versions of
Fedora/Ubuntu [2].
- Conditionally enable posix_fallocate(2) support [2].
OSX support::
- Fixed compilation on OSX [2].
- Added partial OSX support (the test run isn't fully green yet)
[2].
ngie [Wed, 28 Jun 2017 08:48:09 +0000 (08:48 +0000)]
Pull down pjdfstest 0.1
The summary of changes is as follows..
Generic changes::
- Added configure support [2].
- Check for lchmod filesystem support with create_file(..); for
testcases that require lchmod, skip the testcase -- otherwise
use chmod directly [1].
- Added Travis CI integration [2].
- Added utimensat testcases [1].
Linux support::
- Fixed Linux support to pass on later supported versions of
Fedora/Ubuntu [2].
- Conditionally enable posix_fallocate(2) support [2].
OSX support::
- Fixed compilation on OSX [2].
- Added partial OSX support (the test run isn't fully green yet)
[2].
ngie [Wed, 28 Jun 2017 08:20:51 +0000 (08:20 +0000)]
share/examples/tests/{atf,plain}/Makefile: tweak example Makefile snippets
- Including bsd.own.mk isn't required since no MK_<foo> knobs are being
manipulated.
- Update documentation to note that ${FILES} is installed via bsd.progs.mk,
not bsd.prog.mk.
ngie [Wed, 28 Jun 2017 07:01:22 +0000 (07:01 +0000)]
share/examples/tests/Makefile: clean up example snippets/documentation
- TESTSDIR doesn't need to be specified after r289158.
- Including bsd.own.mk isn't required since no MK_<foo> knobs are being
manipulated.
- TESTS_SUBDIRS should be written out in an append format, one entry
per line, to provide a better, more conflict resistant example.
delphij [Wed, 28 Jun 2017 04:19:54 +0000 (04:19 +0000)]
Chase malloc() change by removing lg_chunk malloc_conf settings.
In jemalloc 5, there are no longer chunks, and as configured on
FreeBSD (the "retain" option defaults to false), the mmap()
requests are precisely sized for the specific needs, which means
the virtual memory overhead should be lower for small applications.
Reviewed by: jasone, ian
Differential Revision: https://reviews.freebsd.org/D11366
kib [Wed, 28 Jun 2017 04:02:36 +0000 (04:02 +0000)]
Treat the addr argument for mmap(2) request without MAP_FIXED flag as
a hint.
Right now, for non-fixed mmap(2) calls, addr is de-facto interpreted
as the absolute minimal address of the range where the mapping is
created. The VA allocator only allocates in the range [addr,
VM_MAXUSER_ADDRESS]. This is too restrictive, the mmap(2) call might
unduly fail if there is no free addresses above addr but a lot of
usable space below it.
Lift this implementation limitation by allocating VA in two passes.
First, try to allocate above addr, as before. If that fails, do the
second pass with less restrictive constraints for the start of
allocation by specifying minimal allocation address at the max bss
end, if this limit is less than addr.
One important case where this change makes a difference is the
allocation of the stacks for new threads in libthr. Under some
configuration conditions, libthr tries to hint kernel to reuse the
main thread stack grow area for the new stacks. This cannot work by
design now after grow area is converted to stack, and there is no
unallocated VA above the main stack. Interpreting requested stack
base address as the hint provides compatibility with old libthr and
with (mis-)configured current libthr.
Reviewed by: alc
Tested by: dim (previous version)
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
ken [Tue, 27 Jun 2017 19:26:02 +0000 (19:26 +0000)]
Fix a panic in camperiphfree().
If a peripheral driver (e.g. da, sa, cd) is added or removed from the
peripheral driver list while an unrelated peripheral driver instance (e.g.
da0, sa5, cd2) is going away and is inside camperiphfree(), we could
dereference an invalid pointer.
When peripheral drivers are added or removed (see periphdriver_register()
and periphdriver_unregister()), the peripheral driver array is resized
and existing entries are moved.
Although we hold the topology lock while we traverse the peripheral driver
list, we retain a pointer to the location of the peripheral driver pointer
and then drop the topology lock. So we are still vulnerable to the list
getting moved around while the lock is dropped.
To solve the problem, cache a copy of the peripheral driver pointer. If
its storage location in the list changes while we have the lock dropped, it
won't have any effect.
This doesn't solve the issue that peripheral drivers ("da", "cd", as opposed
to individual instances like "da0", "cd0") are not generally part of a
reference counting scheme to guard against deregistering them while there
are instances active. The caller (generally the person unloading a module)
has to be aware of active drivers and not unload something that is in use.
sys/cam/cam_periph.c:
In camperiphfree(), cache a pointer to the peripheral driver
instance to avoid holding a pointer to an invalid memory location
in the event that the peripheral driver list changes while we have
the topology lock dropped.
ken [Tue, 27 Jun 2017 17:55:25 +0000 (17:55 +0000)]
In scsi_zbc_in(), fill in the length in the ZBC IN CDB.
Without the allocation length set, the target will either reject
the command or complete it without transferring any data.
This fixes the REPORT ZONES command for SCSI ZBC protocol devices,
as well as ATA ZAC protocol devices that are behind a SCSI to ATA
translation layer. (LSI/Broadcom's 12Gb SAS adapters translate ZBC
commands to ZAC commands.) Those are Host Aware and Host Managed SMR
drives.
This will fix REPORT ZONE commands sent to the da(4) driver via the
GEOM bio interface and zonectl, and REPORT ZONE commands sent from
camcontrol(8).
Note that in the case of camcontrol(8), we currently only send
SCSI ZBC commands to native SCSI protocol devices, not ATA devices
behind a SAT layer.
sys/cam/scsi/scsi_da.c:
Fill in the length field in scsi_zbc_in().
alc [Tue, 27 Jun 2017 17:45:26 +0000 (17:45 +0000)]
Address the remaining integer overflow issues with the "skip" parameters
and "next_skip" variables. The "skip" value in struct blist has long been
a 64-bit quantity but various functions have implicitly truncated this
value to 32 bits. Now, all arithmetic involving the "skip" value is 64
bits wide. (This should allow us to relax the size limit on a swap device
in the swap pager.)
Maintain the ability to test this allocator as a user-space application by
including <stdbool.h>.
Remove an unused variable from blst_radix_print().
ngie [Tue, 27 Jun 2017 17:01:46 +0000 (17:01 +0000)]
Fix LINT, broken by a -Wformat warning in r320329 with PFS_DELEN being
changed from %d to a long-width type.
Use uintmax_t casting and %ju to futureproof the format string against
potential changes with either the #define or the implementation-specific
definition for offsetof(..).