Robert Watson [Sun, 23 Feb 2014 22:10:25 +0000 (22:10 +0000)]
Give mips64 its own ficl configuration that sizes pointers/etc suitably for
a 64-bit architecture, rather than trying to share the 32-bit MIPS ficl
configuration.
When building ficl on MIPS, don't conflate 32-bit and 64-bit ISAs -- unlike
x86, we don't want a 32-bit loader on a 64-bit CPU. Use quite conservative
code generation -- e.g., softfloat, no GOT, etc -- suitable for early boot.
UCL is heavily infused by nginx configuration as the example of a convenient
configuration system. However, UCL is fully compatible with JSON format and is
able to parse json files.
UCL is used by pkg(8) for its configuration file as well for the manifest format
in packages, it will be used in base for the pkg boostrap (signature checking
and configuration file parsing.)
libucl has been developped and is maintained by vsevolod@
UCL is heavily infused by nginx configuration as the example of a convenient
configuration system. However, UCL is fully compatible with JSON format and is
able to parse json files.
UCL is used by pkg(8) for its configuration file as well for the manifest format
in packages, it will be used in base for the pkg boostrap (signature checking
and configuration file parsing.)
libucl has been developped and is maintained by vsevolod@
Ian Lepore [Sun, 23 Feb 2014 01:48:07 +0000 (01:48 +0000)]
Create a generic IMX6 kernel config. This is based on the existing
WANDBOARD.common config, but with the freescale-specific optons and devices
all together at the bottom now. In addition to reformatting and shuffling
lines around, two new options are added because they're now known to work,
VFP and FREEBSD_BOOT_LOADER.
This config does not include any static DTB, it requires that u-boot
provide a DTB (or a custom kernel config can compile one in).
This will supercede all the existing WANDBOARD* configs, but those will
be left around for a while to help people transition their customized
configs to include this new one instead.
Ian Lepore [Sat, 22 Feb 2014 22:18:20 +0000 (22:18 +0000)]
Add a feature for automatically finding and loading a dtb file by name.
The name is taken from the u-boot env vars fdtfile or fdt_file. If the
name isn't fully-qualified a search is done in module_path locations.
The search order for a usable dtb in fdt_setup_fdtp() is now
- A dtb loaded with an explicit "load -t dtb" command.
- A dtb already loaded into memory somehow[*] and pointed to by fdt_to_load.
- A dtb in the memory pointed to by the u-boot env vars fdtaddr or fdt_addr.
- A file named by the u-boot env vars fdtfile or fdt_file.
- A static dtb compiled into the kernel.
* Presumably by some arch-specific command or code.
Pedro F. Giffuni [Sat, 22 Feb 2014 22:07:16 +0000 (22:07 +0000)]
ext2fs: fully enable ext4 read-only support.
The ext4 developers tend to tag Ext4-specific flags as
"incompatible" even when such features are not relevant for
read-only support. This is a consequence of the process
though which this filesystem is implemented without design
and the fact that some new features are not extensible to
ext2/3.
Organize the features according to what we support and sort
them so that we can now read-only mount filesystems with
some features that may be found in newly formatted ext4 fs.
Submitted by: Zheng Liu
Reviewed by: pfg
MFC after: 5 days
Ian Lepore [Sat, 22 Feb 2014 22:03:26 +0000 (22:03 +0000)]
Change file_loadraw() from static to public. Change the order of its
arguments from type,filename to filename,type to be consistant with other
public file_whatever() functions, and change it to return a pointer to
the preloaded_file struct describing the file. Adjust existing callers.
Ian Lepore [Sat, 22 Feb 2014 19:10:58 +0000 (19:10 +0000)]
Change fdt_setup_fdtp() from "guess then fail" to more probe-like behavior.
The old code basically said it was going to use some particular blob
without knowing whether it could successfully do so, then it would invoke
the function to do that and return its status. If it failed, you were
done, even if other blobs might be available. Now the code attempts to use
some particular blob and if that succeeds it says so and returns success,
otherwise it moves on to try another potential blob.
One specific problem this solves is when u-boot sets an fdtaddr variable
to point to some memory address, then doesn't actually load a blob at
that address. Now the header check will fail, and the code will move
on to the fallback dtb compiled into the kernel (if any).
Alan Cox [Sat, 22 Feb 2014 18:53:42 +0000 (18:53 +0000)]
When the kernel is running in a virtual machine, it cannot rely upon the
processor family to determine if the workaround for AMD Family 10h Erratum
383 should be enabled. To enable virtual machine migration among a
heterogeneous collection of physical machines, the hypervisor may have
been configured to report an older processor family with a reduced feature
set. Effectively, the reported processor family and its features are like
a "least common denominator" for the collection of machines.
Therefore, when the kernel is running in a virtual machine, instead of
relying upon the processor family, we now test for features that prove
that the underlying processor is not affected by the erratum. (The
features that we test for are unlikely to ever be emulated in software
on an affected physical processor.)
Ian Lepore [Sat, 22 Feb 2014 17:51:10 +0000 (17:51 +0000)]
Allow the ubldr boot device to be choosen by a u-boot environment variable.
If a "loaderdev=<device>" env variable is set and the named device
exists, it is used. If the device doesn't exist, fall back to the
historic "probe" loop that prefers disk devices over network devices.
If the env var is not set, preserve the historic behavior of using the
first working disk device provided by u-boot, or a network device if no
functional disk device is found and a network device exists.
The old probe loop is reworked so that it checks all bootable devices
provided by u-boot rather than taking an early-out on the first device
found. This results in the cosmetic change of listing all potential boot
devices for the user, but the behavior of which device it chooses is the
same as it has always been.
David Xu [Sat, 22 Feb 2014 11:06:48 +0000 (11:06 +0000)]
Increase alignment to size of pointer if the alignment is too small.
Some modules do not align data at least to size of pointer, they uses a
smaller alignment, but our pointer should be aligned to its native
boundary, otherwise on some platforms, hardware alignment checking
will cause bus error.
Simplify the way the end of a singly linked list is followed (for adding
items), so it is more obvious that we aren't going to indirect through
a NULL pointer.
PR: 144723
Submitted by: Garrett Cooper <yaneurabeya at gmail.com>
Obtained from: NetBSD r1.19
MFC after: 2 weeks
Peter Grehan [Sat, 22 Feb 2014 07:18:06 +0000 (07:18 +0000)]
ZFS boot support for bhyveload.
Modelled after the i386 zfsloader. However, with no
2nd stage zfsboot to search for a bootable dataset,
attempt a ZFS boot if there is more than one ZFS
dataset found during the disk probe.
sys/boot/userboot/zfs
- build the ZFS boot library
sys/boot/userboot/userboot/
conf.c
- Add the ZFS pool and filesystem tables
devicename.c
- correctly format ZFS devices
main.c
- increase the size of the libstand malloc pool
to account for the increased usage from ZFS buffers
- probe for a ZFS dataset, and if one is
found, attempt to boot from it.
usr.sbin/bhyveload/bhyveload.c
- allow multiple invocations of the '-d' option
to specify multiple disks e.g. a raidz set.
Up to 32 disks are supported.
Tested with various combinations of GPT, MBR, single
and multiple disks, RAID-Z, mirrors.
Reviewed by: neel
Discussed with: avg
Tested by: Michael Dexter and others
MFC after: 3 weeks
This fixes the tst.resize1.d and tst.resize2.d DTrace tests, which have
been failing since r261122 since they were causing dtrace(1) to attempt to
allocate and use large amounts of memory, and get killed by the OOM killer
as a result.
Mark Johnston [Sat, 22 Feb 2014 05:13:35 +0000 (05:13 +0000)]
Define the KM_NORMALPRI flag for kmem_alloc(), as it is used in some
upstream DTrace code. It indicates that the kernel memory allocator need not
attempt to satisfy non-blocking allocations in low-memory conditions. This
has no direct equivalent in the malloc(9) flags, so it is just defined to 0
for now.
Ian Lepore [Sat, 22 Feb 2014 03:36:45 +0000 (03:36 +0000)]
Look for both fdtaddr and fdt_addr env var names. Grepping the u-boot
source shows that board vendors seem to be about evenly split on this.
This commit is a trivial change to note that while the previous change
was supposed to be whitespace only, this functional change also crept in.
The added lines were:
/* Board vendors use both fdtaddr and fdt_addr names. Grrrr. */
Dimitry Andric [Fri, 21 Feb 2014 22:38:25 +0000 (22:38 +0000)]
Move the part in bsd.own.mk that sets -Wno-c++11-extensions for clang to
bsd.sys.mk, where it really belongs. This also causes the flag to get
added when clang is *not* the default system compiler, but is still
used, e.g. by setting WITH_CLANG_IS_CC manually.
It is a small and lightweight Mail Transport Agent.
It accepts mails from locally installed Mail User Agents (MUA) and delivers the
mails either locally or to a remote destination. Remote delivery includes
several features like TLS/SSL support, SMTP authentication and NULLCLIENT.
Make dma conditional to new WITHOUT_DMA option and make it respect WITHOUT_MAIL
Reviewed by: peter
Discussed with: emaste, bz, peter
Neel Natu [Fri, 21 Feb 2014 06:03:54 +0000 (06:03 +0000)]
Add support for x2APIC virtualization assist in Intel VT-x.
The vlapic.ops handler 'enable_x2apic_mode' is called when the vlapic mode
is switched to x2APIC. The VT-x implementation of this handler turns off the
APIC-access virtualization and enables the x2APIC virtualization in the VMCS.
The x2APIC virtualization is done by allowing guest read access to a subset
of MSRs in the x2APIC range. In non-root operation the processor will satisfy
an 'rdmsr' access to these MSRs by reading from the virtual APIC page instead.
The guest is also given write access to TPR, EOI and SELF_IPI MSRs which
get special treatment in non-root operation. This is documented in the
Intel SDM section titled "Virtualizing MSR-Based APIC Accesses".
Enforce that APIC-write and APIC-access VM-exits are handled only if
APIC-access virtualization is enabled. The one exception to this is
SELF_IPI virtualization which may result in an APIC-write VM-exit.
Ian Lepore [Fri, 21 Feb 2014 06:00:06 +0000 (06:00 +0000)]
Add basic cpu frequency control and temperature monitoring to imx6_anatop.
The temperature monitor device is enabled to sample the die temperature at
16hz. The temperature is published via sysctl. A callout routine at 10hz
monitors the temperature and throttles back the cpu if the temperature
goes over a user-settable throttle point (by default 10C less than the
critical high-point temperature for the chip). The hardware is supposed
to be able to deliver an interrupt when the temperature exceeds a settable
limit, but the interrupt never arrives so for now a callout does the job.
At attach time we read the maximum cpu frequency the chip is allowed to run
at and the cpu is set to run at that speed. It's reported at attach time.
A sysctl variable reports the current speed when queried.
David Xu [Fri, 21 Feb 2014 03:36:16 +0000 (03:36 +0000)]
malloc_aligned() may not leave enough space for pointer to allocated memory,
saving the pointer will overwrite bytes belongs to another memory block
unexpectly, to fix the problem, use (allocated address + sizeof(void *)) as
initial value, and slip to next aligned address, so maximum extra bytes is
sizeof(void *) + align - 1.
Tested by: Andre Albsmeier < mail at ma17 dot ata dot myota dot orgndre >
Further refine the auth fail regex to catch more auth failures and
reduce false positives.
The committed patch was provided by Christian Marg.
PR: 91732
Submitted by: Daniel O'Connor <doconnor at gsoft.com.au>
Skye Poier <spoier at gmail.com>
Alan Amesbury <amesbury at umn.edu>
Christian Marg <marg at rz.tu-clausthal.de>
MFC after: 1 month
Peter Wemm [Thu, 20 Feb 2014 19:48:47 +0000 (19:48 +0000)]
Import svn-1.8.8.
Highlights:
* Security fix for apache server plugin that we don't build or use
* sqlite performance improvements.
* bug fixes for edge cases and some other less common operations.
Steven Kreuzer [Thu, 20 Feb 2014 14:39:12 +0000 (14:39 +0000)]
Document r261504 - FreeBSD/i386 guests can be run under bhyve.
Document r261498 - ping uses the Capsicum framework to drop privileges
Document r261344 - mdocml have been upgraded to version 1.12.3
Documetn r261991 - llvm/clang have been upgraded to version 3.4
Neel Natu [Thu, 20 Feb 2014 01:48:25 +0000 (01:48 +0000)]
Simplify APIC mode switching from MMIO to x2APIC. In part this is done to
simplify the implementation of the x2APIC virtualization assist in VT-x.
Prior to this change the vlapic allowed the guest to change its mode from
xAPIC to x2APIC. We don't allow that any more and the vlapic mode is locked
when the virtual machine is created. This is not very constraining because
operating systems already have to deal with BIOS setting up the APIC in
x2APIC mode at boot.
Fix a bug in the CPUID emulation where the x2APIC capability was leaking
from the host to the guest.
Ignore MMIO reads and writes to the vlapic in x2APIC mode. Similarly, ignore
MSR accesses to the vlapic when it is in xAPIC mode.
The default configuration of the vlapic is xAPIC. The "-x" option to bhyve(8)
can be used to change the mode to x2APIC instead.
Marko Zec [Wed, 19 Feb 2014 08:29:07 +0000 (08:29 +0000)]
V_irtualize rtsock refcounting, which reduces the chances for panics
on teardown of vnets without active routing sockets while at least
one routing socket is active elsewhere.
Peter Wemm [Wed, 19 Feb 2014 07:09:14 +0000 (07:09 +0000)]
Really (I think) fix the sporadic heimdal build failures with high -j
levels. The root of the problem was that make was attempting to run up
to three concurrent asn1_compile commands to produce the three outputs
that it was declared to produce. The failure was caused when the
asn1_compiles were started out of sync and a later one was truncating
the files that another thread was trying to copy. In reality it is
supposed to be run exactly once and all three outputs are produced in
one pass.
Use the same hack as for the parent's Makefile.inc for the compile_et
multi-output rule.
Robert Watson [Tue, 18 Feb 2014 23:22:54 +0000 (23:22 +0000)]
Replace Apache-style license on two Makefiles with stock 2-clause BSD;
license, although the former is pretty safe, it wasn't intended to be
used in the version of MIPS boot2/loader upstreamed to FreeBSD.
Robert Watson [Tue, 18 Feb 2014 23:18:32 +0000 (23:18 +0000)]
Commit a first cut at ports of boot2 and loader to 64-bit MIPS, with a
particular interest in (and support for) SRI International and the
University of Cambridge's BERI FPGA soft-core processor. This includes
micro device drivers for the Altera JTAG UART console, memory-mapped
flash, and the Altera SD Card IP core in both boot2 and loader. boot2
can be written to the on-board Intel StrataFlash on the DE4 board, and
loader can be placed in StrataFlash or the SD Card.
Plenty of XXX comments, but works quite well locally in practice and I
am using it daily. Although I had originally ported the ARM version
of boot2, the current version is x86-derived as that proved more
feature-complete. As we don't currently use partitions on our flash
disks, support for that has been commented out relative to x86, but
would be easy to add back. FDT support has not yet been hooked up,
although some skeleton parts have been put in place for that.
This may well be a useful starting point for ports to other 32-bit and
64-bit MIPS-ISA systems.
Add more __BEGIN_DECLS / __END_DECLS to <sys/capability.h>.
capability.h currently only wraps some of its declarations in __BEGIN_DECLS/__END_DECLS, so cap_enter(), cap_sandboxed(), etc. are usable from C++ code but cap_rights_init(), cap_rights_is_valid() etc. are not. This commit fixes this distinction.
Luigi Rizzo [Tue, 18 Feb 2014 04:38:26 +0000 (04:38 +0000)]
enable rfc1323 and rfc1644 by default in picobsd images.
I disabled it some 15 years ago but it is useful to have them on
when doing tcp throughput tests.