Justin Hibbits [Mon, 6 May 2019 03:35:44 +0000 (03:35 +0000)]
MFC r344613:
powerpc/mpc85xx: Synchronize timebase the platform correct way
Summary:
To safely synchronize timebase we need to disable the timebase on all
cores, set timebase, and resynchronize. This adds two new devices, mutually
exclusive, which attach on the SoC simplebus, to freeze and unfreeze the
timebase. The devices are singletons, and platform-specific, so no reason
to make them optional and in separate files.
This was found to be necessary for top(1) to work correctly on an AmigaOne
X5000 (P5020 SoC). It also fixes bufdaemon and bufspacedaemon hangs at
shutdown.
Justin Hibbits [Mon, 6 May 2019 03:15:07 +0000 (03:15 +0000)]
MFC r339559,344083,344202,344203,344204
Bulk merge of Book-E pmap changes
r339559: powerpc/booke: Turn tlb*_print_tlbentries() into 'show tlb*' DDB
commands
r344083: powerpc/booke: Use the 'tlbilx' instruction on newer cores
r344202,344204: powerpc/booke: Use DMAP where possible for page copy and zeroing
r344203: powerpc/booke: depessimize MAS register updates
Rick Macklem [Mon, 6 May 2019 03:06:22 +0000 (03:06 +0000)]
MFC: r346856
Add #ifdef INET6 around declaration of nbuf.
It was reported that without #ifdef INET6 around the declaration of "nbuf",
a build would report an unused variable. For some reason, I didn't see that
warning when I did a build, but it seems reasonable to add these #ifdef INET6's.
r347027:
libbe(3): Properly mount BEs with mountpoint=none
Instead of pretending to successfully mount them while not actually
mounting anything, we'll now actually mount them *and* claim we mounted them
successfully.
Reported by: ler
r347028:
libbe: set mountpoint=none in be_import
If we're going to set a mountpoint at all, mountpoint=none makes more sense
than mountpoint=/.
Kyle Evans [Mon, 6 May 2019 02:08:52 +0000 (02:08 +0000)]
MFC r347021: fdt: Fix installation of aarch64 dtb
r345519 rewrote parts of how we build .dtb, but mistakenly dropped the
vendor dir for aarch64. Simply drop the :T for building ${DTB} in the
aarch64 case- it'll get applied at install-time as-needed, with :H:T for
determining the vendor dir.
Michael Tuexen [Sat, 4 May 2019 13:58:45 +0000 (13:58 +0000)]
MFC r346854:
Some test scripts use ncat --sctp --listen port to run an SCTP discard
server in the background. However, when running in the background,
stdin is closed and ncat initiates a graceful shutdown of the SCTP
association. This is not expected by the client. Therefore, the
ncat-based discard server is replaced by a perl-based one.
In addition, to remove the dependency from ncat, which needs to be
installed via the nmap port, also the code testing for a free SCTP port
is changed to use the perl-based client.
Finally, remove some debug output from the report generated.
Michael Tuexen [Sat, 4 May 2019 13:55:51 +0000 (13:55 +0000)]
MFC r346400:
Improve input validation for the socket option IPV6_CHECKSUM.
When using the IPPROTO_IPV6 level socket option IPV6_CHECKSUM on a raw
IPv6 socket, ensure that the value is either -1 or a non-negative even
number.
MFC r346401:
Avoid a buffer overwrite in rip6_output() when computing the checksum
as requested by the user via the IPPROTO_IPV6 level socket option
IPV6_CHECKSUM. The check if there are enough bytes in the packet to
store the checksum at the requested offset was wrong by 1.
MFC r346402:
When a checksum has to be computed for a received IPv6 packet because it
is requested by the application using the IPPROTO_IPV6 level socket option
IPV6_CHECKSUM on a raw socket, ensure that the packet contains enough
bytes to contain the checksum at the specified offset.
MFC r346406:
When an IPv6 packet is received for a raw socket which has the
IPPROTO_IPV6 level socket option IPV6_CHECKSUM enabled and the
checksum check fails, drop the message. Without this fix, an
ICMP6 message was sent indicating a parameter problem.
Thanks to bz@ for suggesting a way to simplify this fix.
MFC: r346715: Acpi MADT table correction for VM_MAXCPU > 21
The bhyve acpi MADT table was given a static space of 256 (0x100) bytes,
this is enough space to allow VM_MAXCPU to be 21, this patch changes that
so VM_MAXCPU can be of arbitrary value and not overflow the space by
actually calculating the space needed for the table.
Michael Tuexen [Sat, 4 May 2019 13:05:21 +0000 (13:05 +0000)]
MFC r346197:
When sending a routing message, don't allow the user to set the
RTF_RNH_LOCKED flag in rtm_flags, since this flag is used only
internally.
Michael Tuexen [Sat, 4 May 2019 13:02:46 +0000 (13:02 +0000)]
MFC r346182:
When sending IPv4 packets on a SOCK_RAW socket using the IP_HDRINCL option,
ensure that the ip_hl field is valid. Furthermore, ensure that the complete
IPv4 header is contained in the first mbuf. Finally, move the length checks
before relying on them when accessing fields of the IPv4 header.
Michael Tuexen [Sat, 4 May 2019 12:07:00 +0000 (12:07 +0000)]
MFC r345461:
Limit the size of messages sent on 1-to-many style SCTP sockets with the
SCTP_SENDALL flag. Allow also only one operation per SCTP endpoint.
This fixes an issue found by running syzkaller and is joint work with rrs@.
Michael Tuexen [Sat, 4 May 2019 11:15:01 +0000 (11:15 +0000)]
MFC r344872:
After removing an entry from the stream scheduler list, set the pointers
to NULL, since we are checking for it in case the element gets inserted
again.
Michael Tuexen [Sat, 4 May 2019 11:13:03 +0000 (11:13 +0000)]
MFC r344742:
Allocate an assocition id and register the stcb with holding the lock.
This avoids a race where stcbs can be found, which are not completely
initialized.
Michael Tuexen [Sat, 4 May 2019 10:06:17 +0000 (10:06 +0000)]
MFC r343960:
Fix a locking issue in the IPPROTO_SCTP level SCTP_PEER_ADDR_THLDS socket
option. The problem affects only setsockopt with invalid parameters.
Michael Tuexen [Sat, 4 May 2019 10:04:00 +0000 (10:04 +0000)]
MFC r340179:
Don't use a function when neither INET nor INET6 are defined.
This is a valid case for the userland stack, where this fixes
two set-but-not-used warnings in this case.
Thanks to Christian Wright for reporting the issue.
Michael Tuexen [Sat, 4 May 2019 09:25:32 +0000 (09:25 +0000)]
MFC r343951:
Fix locking for IPPROTO_SCTP level SCTP_DEFAULT_PRINFO socket option.
This problem occurred when calling setsockopt() will invalid parameters.
Michael Tuexen [Sat, 4 May 2019 09:11:17 +0000 (09:11 +0000)]
MFC r343661:
When handling SYN-ACK segments in the SYN-RCVD state, set tp->snd_wnd
consistently.
This inconsistency was observed when working on the bug reported in
PR 235256, although it does not fix the reported issue. The fix for
the PR will be a separate commit.
PR: 235256
Reviewed by: rrs@, Richard Scheffenegger
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D19033
Michael Tuexen [Sat, 4 May 2019 09:07:53 +0000 (09:07 +0000)]
MFC r343525:
Fix the detection of ECN-setup SYN-ACK packets.
RFC 3168 defines an ECN-setup SYN-ACK packet as on with the ECE flags
set and the CWR flags not set. The code was only checking if ECE flag
is set. This patch adds the check to verify that the CWR flags is not
set.
Submitted by: Richard Scheffenegger
Reviewed by: tuexen@
Differential Revision: https://reviews.freebsd.org/D18996
Rick Macklem [Fri, 3 May 2019 02:58:33 +0000 (02:58 +0000)]
MFC: r346424
Add support for the ModeSetMasked attribute to the NFSv4.1 server.
I do not know of an extant NFSv4.1 client that currently does a Setattr
operation for the ModeSetMasked, but it has been discussed on the linux-nfs
mailing list.
This patch adds support for doing a Setattr of ModeSetMasked, so that it
will work for any future NFSv4.1 client that chooses to do so.
Tested via a hacked FreeBSD NFSv4.1 client.
Rick Macklem [Fri, 3 May 2019 02:44:57 +0000 (02:44 +0000)]
MFC: r346423
Replace "vp" with NULL to make the code more readable.
At the time of this nfsv4_sattr() call, "vp == NULL", so this patch doesn't
change the semantics, but I think it makes the code more readable.
It also makes it consistent with the nfsv4_sattr() call a few lines above
this one. Found during code inspection.
Rick Macklem [Fri, 3 May 2019 02:03:29 +0000 (02:03 +0000)]
MFC: r346365
Fix the NFSv4.0 server so that it does not support NFSv4.1 attributes.
During inspection of a packet trace, I noticed that an NFSv4.0 mount
reported that it supported attributes that are only defined for NFSv4.1.
In practice, this bug appears to be benign, since NFSv4.0 clients will
not use attributes that were added for NFSv4.1.
However, this was not correct and this patch fixes the NFSv4.0 server
so that it only supports attributes defined for NFSv4.0.
It also adds a definition for NFSv4.1 attributes that can only be set,
although it is only defined as 0 for now.
This is anticipation of the addition of support for the NFSv4.1 mode+mask
attribute soon.
Glen Barber [Fri, 3 May 2019 00:45:31 +0000 (00:45 +0000)]
MFC r346959:
Reduce the default image size for virtual machine disk images from
30GB to 3GB. The raw images can be resized using truncate(1), and
other formats can be resized with tools included in hypervisors.
Enable the growfs(8) rc(8) at firstboot if the disk was resized
prior to booting the virtual machine for the first time.
Rick Macklem [Thu, 2 May 2019 01:02:26 +0000 (01:02 +0000)]
MFC: r346709
Add support to nfsdumpstate for printing of INET6 addresses for locks.
r346190 added support for printing of INET6 addresses for the "-o" option
(all opens) but missed adding support for INET6 addresses for the "-l" option.
This patch adds that support.
John Baldwin [Wed, 1 May 2019 21:45:15 +0000 (21:45 +0000)]
MFC 345655: Remove nested epochs from lagg(4).
lagg_bcast_start appeared to have a bug in that was using the last
lagg port structure after exiting the epoch that was keeping that
structure alive. However, upon further inspection, the epoch was
already entered by the caller (lagg_transmit), so the epoch enter/exit
in lagg_bcast_start was actually unnecessary.
This commit generally removes uses of the net epoch via LAGG_RLOCK to
protect the list of ports when the list of ports was already protected
by an existing LAGG_RLOCK in a caller, or the LAGG_XLOCK.
It also adds a missing epoch enter/exit in lagg_snd_tag_alloc while
accessing the lagg port structures. An ifp is still accessed via an
unsafe reference after the epoch is exited, but that is true in the
current code and will be fixed in a future change.
John Baldwin [Wed, 1 May 2019 18:17:42 +0000 (18:17 +0000)]
MFC 346066: Refine r330113 to honor the ProducerConsumer flag most of the time.
While it is true that the ACPI spec says that the flag is only valid
on Extended Address Space Descriptors, examples of other descriptors
in the spec use the ProducerConsumer flag explicitly, and real
hardware uses it as well. In fact, even in the ASL of the Thunder X2
for which r330113 was a workaround, some devices use this flag on
non-Extended Address Space Descriptors correctly. Instead, only
ignore the flag for resources associated with the UART devices on the
Thunder X2 using the "ARMH0011" HID to identify these devices.
This should fix regressions from ignoring this flag in other contexts
such as Hyper-V.
John Baldwin [Wed, 1 May 2019 17:30:14 +0000 (17:30 +0000)]
MFC 346063: Don't pre-reserve resources for CPU devices when they are set.
CPUs can use shared (RF_SHAREABLE) resources for the I/O port used for
entering and exiting C states. If this I/O port is included in an ACPI
system resource device, then this happens to still work, but if the port
wasn't part of a system resource device, only the first CPU could allocate
the I/O port and use C states since resource_list_reserve() was always
allocating the resource from nexus0 without RF_SHAREABLE. By avoiding
the reservation, the flags from the bus_alloc_resource() in the CPU driver
(which include RF_SHAREABLE) are honored.
Alexander Motin [Wed, 1 May 2019 13:42:56 +0000 (13:42 +0000)]
MFC r346644: Call delist_dev() before destroy_dev_sched_cb().
destroy_dev_sched_cb() is excessively asynchronous, and during media change
retaste new provider may appear sooner then device of the previous one get
destroyed.
MFC r345843:
Follow the declared behaviour that specifies server string format in
bsnmpclient(3).
snmp_parse_server() function accepts string where some fields can be
omitted: [trans::][community@][server][:port]
"trans" field can be "udp", "udp6", "dgram" and "stream".
"community" can be empty string, if it is omitted, the default value
will be used. For read_community it is "public", for write_comminity
it is "private". "server" field can be hostname, IPv4 address or IPv6
address. IPv6 address should be specified in brackets "[]".
If port is omitted, the default value "snmp" will be used for "udp"
and "udp6" transports. So, now for bsnmpget(1) and bsnmwalk(1) it is
not required to specify all fields in argument of '-s' option. E.g.
This patch adds a new table begemotSnmpdTransInetTable that uses the
InetAddressType textual convention and can be used to create listening
ports for IPv4, IPv6, zoned IPv6 and based on DNS names. It also supports
future extension beyond UDP by adding a protocol identifier to the table
index. In order to support this gensnmptree had to be modified.
Submitted by: harti
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D16654
MFC r346263:
tcpdump: disable Capsicum if -E option is provided.
The -E is used to provide a secret for decrypting IPsec.
The secret may be provided through command line or as the file.
The problem is that tcpdump doesn't support yet opening files in capability mode
and the file may contain a list of the files to open.
As a workaround, for now, let's just disable capsicum if the -E
the option is provided.
Cy Schubert [Wed, 1 May 2019 01:42:38 +0000 (01:42 +0000)]
MFC r341759, r341796, r341839, r341989, r346591:
The following five MFCs update wpa 2.6 --> 2.8.
r341759:
MFV r341618: Update wpa 2.6 --> 2.7.
r341796:
Clean stale wpa dependencies and objects after r341759
The wpa update added some source files with the same name as a file in
another directory (found via .PATH in the previous version). Having a
stale entry in a .depend file means the new file won't be built, so test
for this case and if found remove all of wpa's dependency files.
Sponsored by: The FreeBSD Foundation
r341839:
Set default ciphers.
Submitted by: jkim@
r341989:
Makefile.inc1: update stale wpa dependency removal statement
Only stale .depend files are removed; do not mention object files.
John Baldwin [Tue, 30 Apr 2019 23:53:54 +0000 (23:53 +0000)]
MFC 344711: Fix missed posted interrupts in VT-x in bhyve.
When a vCPU is HLTed, interrupts with a priority below the processor
priority (PPR) should not resume the vCPU while interrupts at or above
the PPR should. With posted interrupts, bhyve maintains a bitmap of
pending interrupts in PIR descriptor along with a single 'pending'
bit. This bit is checked by a CPU running in guest mode at various
places to determine if it should be checked. In addition, another CPU
can force a CPU in guest mode to check for pending interrupts by
sending an IPI to a special IDT vector reserved for this purpose.
bhyve had a bug in that it would only notify a guest vCPU of an
interrupt (e.g. by sending the special IPI or by resuming it if it was
idle due to HLT) if an interrupt arrived that was higher priority than
PPR and no interrupts were currently pending. This assumed that if
the 'pending' bit was set, any needed notification was already in
progress. However, if the first interrupt sent to a HLTed vCPU was
lower priority than PPR and the second was higher than PPR, the first
interrupt would set 'pending' but not notify the vCPU, and the second
interrupt would not notify the vCPU because 'pending' was already set.
To fix this, track the priority of pending interrupts in a separate
per-vCPU bitmask and notify a vCPU anytime an interrupt arrives that
is above PPR and higher than any previously-received interrupt.
This was found and debugged in the bhyve port to SmartOS maintained by
Joyent. Relevant SmartOS bugs with more background:
cxgbe(4): Make sure bundled_fw is always initialized before use.
This fixes a bug that prevented the driver from auto-flashing the
firmware when it didn't see one on the card. This feature was
introduced in r321390 and this bug was introduced in r343269.
cxgbe/netmap: Fix cxgbe netmap when interface is DOWN
A kernel panic can occur if the cxgbe interface is DOWN
when activating netmap. This patch prevents the driver
from freeing up cxgbe netmap resources when they have not
been allocated.
Submitted by: Nicolas Witkowski <nwitkowski@verisign.com>
Reviewed by: np
Sponsored by: Verisign, Inc.
Differential Revision: https://reviews.freebsd.org/D17802
fw_outstanding"(outstanding IOs at firmware level) counter gets screwed up when R1 fastpath
writes are running. Some of the cases which are not handled properly in driver are:
1. With R1 fastpath supported, single write from CAM layer can consume 2 MPT frames
at driver/firmware level for fastpath qualification(if fw_outstanding < controller Queue Depth).
Due to this driver has to throttle IOs coming from CAM layer as well as second fastpath
write(of R1 write) against Adapter Queue Depth.
If "fw_outstanding" reaches to adapter queue depth, driver should return IOs from CAM layer with
device busy status.While allocating second MPT frame(corresponding to R1 FP write) also, driver
should ensure fw_outstanding should not exceed adapter QD.
2. For R1 fastpath writes completion, driver decrements "fw_oustanding" counter without
really returning MPT frame to free pool. It may cause IOs(with heavy IOs running, consuming whole
adapter Queue Depth) consuming MPT frames reserved for DCMDs(management commands) and
DCMDs(internal and sent by application) not getting MPT frame will start failing.
Below is one test case to hit the issue described above-
1. Run heavy IOs (outstanding IOs should hit adapter Queue Depth).
2. Run management tool (Broadcom's storcli tool) querying adapter in loop (run command- "storcli64 /c0 show" in loop).
3. Management tool's requests would start failing due to non-availability of free MPT frames as all frames would be consumed by IOs.
Fix: Increment/decrement of "fw_outstanding" counter should be in sync with MPT frame get/return.
r345058
Allocated MFI frames should be same as MPT frames reserved for DCMDs
Ian Lepore [Tue, 30 Apr 2019 00:54:31 +0000 (00:54 +0000)]
MFC r346489:
Move the reporting of spurious interrupts under bootverbose control, because
occasional spurious interrupts are a normal thing on this hardware. Also,
change the name of the cpu-local interrupt controller driver from local_intc
to lintc, because the name gets built into interrupt names, which have to
fit into a 19-byte field for stats reporting (so this allows 5 more bytes
of the actual interrupt name to be displayed).
Enji Cooper [Mon, 29 Apr 2019 23:07:19 +0000 (23:07 +0000)]
MFC r345351:
r345351 (by bdrewery):
Build common kernel dependencies before modules.
This ensures files like genassym.o and awk/mfiles are generated before
descending into the modules build. It may also allow some module builds
to not recreate files that are already present in the KERNBUILDDIR.
This fixes a rare build race where genassym.o is missing and assym.inc
is empty.
More work is planned around this to reduce some redundant dependency
generation in modules.
Enji Cooper [Mon, 29 Apr 2019 19:32:11 +0000 (19:32 +0000)]
MFC r345723:
PROG_OVERRIDE_VARS should override default values if specified
The behavior prior to this change would not override default values if set in
`bsd.own.mk`, or (in the more general case) globally before `bsd.progs.mk` was
included. This affected `bsd.test.mk` as well, since it consumes
`bsd.progs.mk`.
Some examples of this failing behavior are as follows:
* `BINMODE` defaults to 0555 per `bsd.own.mk`. If someone wanted to set the
`BINMODE` to `NOBINMODE` (0444) for `prog`, for example, like
`BINMODE.prog= ${NOBINMODE}`, `bsd.progs.mk` would not honor the per-PROG
setting.
* An application, `prog`, does not build at `WARNS?= 6`. Before this change,
setting to a lower `WARNS` value, e.g., `WARNS.prog= 3`, would have been
impossible, requiring that `prog` be built from another directory,
the global `WARNS` be lowered, or a per-PROG value needing to be set
across the board. None of the above workarounds is desirable.
This change unbreaks variables defined in `PROG_OVERRIDE_VARS` which have
defaults set before `bsd.progs.mk` is included, by setting them to their
defined values if set on a per-PROG basis.
Enji Cooper [Mon, 29 Apr 2019 19:12:47 +0000 (19:12 +0000)]
MFC r346539:
Fix `get_int_via_sysctlbyname(..)` on Jenkins
Initialize `oldlen` to the size of the value, instead of leaving the value
unitialized. Leaving it unitialized seems to work by accident on amd64 when
running 64-bit programs, but not on i386.
This matches patterns in use in other programs.
PR: 237458
Tested on: ^/head (amd64), ^/stable/11 (i386)
Alexander Motin [Mon, 29 Apr 2019 19:10:24 +0000 (19:10 +0000)]
MFC r344192 (by sef): Add support for a virtual hostname to nfsd
Specifically, this allows (via "-V vhostname") telling nfsd what principal
to use, instead of the hostname. This is used at iXsystems for fail-over in
HA systems.
Sponsored by: iXsystems, Inc.
Differential Revision: https://reviews.freebsd.org/D19191
Enji Cooper [Mon, 29 Apr 2019 19:09:44 +0000 (19:09 +0000)]
MFC r346542:
Fix sys.kern.coredump_phnum_test.coredump_phnum on i386
The zero-padding when printing out the Size field is on 32-bit architectures is
5, not 15. Adjust the regular expression to work with both the 32-bit and
64-bit case.
r346568: ar: test for writing 64-bit format only if symbol count is nonzero
This is a minor simplification; if we do not have any symbols the empty
symbol table can be in 32-bit format.
r346569: ar: use array notation to access s_so
This is somewhat more readable than pointer arithmetic. Also remove an
unnecessary cast while here.
r346582: ar: shuffle symbol offsets during conversion for 32-bit ar archives
During processing we maintain symbol offsets in the 64-bit s_so array,
and when writing the archive convert to 32-bit if no offsets are greater
than 4GB. However, this was somewhat inefficient as we looped over the
array twice: first, converting to big endian and second, writing each
32-bit value one at a time (and incorrectly so on big-endian platforms).
Instead, when writing a 32-bit archive shuffle convert symbol data to
big endian (as required by the ar format) and shuffle to the beginning
of the allocation at the same time.
Also correct emission of the symbol count on big endian platforms.
Further changes are planned, but this should fix powerpc64.
Ed Maste [Mon, 29 Apr 2019 18:25:39 +0000 (18:25 +0000)]
MFC r339648: ar: report errno on warning/error
Previously ar would report an error like "ar: fatal: Write error"
without including additional errno information. Change warnings and
errors to include archive_errno() so that the user may have some idea
of the reason for the failure.