Mark Johnston [Sat, 21 Dec 2019 19:04:05 +0000 (19:04 +0000)]
Fix VPO_UNMANAGED handling in vm_page_reclaim_run() after r353540.
When allocating a replacement page we must clear VPO_UNMANAGED since we
only ever reclaim pages from managed objects. vm_page_replace() does
not handle this for us.
Sprinkle some assertions to help catch this sort of issue.
Reported by: pho
Reviewed by: alc, kib
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D22868
GCC-9.1 reports following error when trying to compile file
src/malloc_io.c and with CFLAGS='-Werror' :
src/malloc_io.c: In function ‘malloc_vsnprintf’:
src/malloc_io.c:369:2: error: case label value exceeds maximum value for type [-Werror]
369 | case '?' | 0x80: \
| ^~~~
src/malloc_io.c:581:5: note: in expansion of macro ‘GET_ARG_NUMERIC’
581 | GET_ARG_NUMERIC(val, 'p');
| ^~~~~~~~~~~~~~~
...
<snip>
cc1: all warnings being treated as errors
make: *** [Makefile:388: src/malloc_io.sym.o] Error 1
The warning is reported as by default the type 'char' is 'signed char'
and or-ing 0x80 will turn the case label char negative which will be
beyond the printable ascii range (0 - 127).
The patch fixes this by explicitly casting the 'len' variable as
unsigned char' inside the 'switch' statement so that value of
expression " '?' | 0x80 " falls within the legal values of the
variable 'len'.
Ryan Libby [Sat, 21 Dec 2019 02:44:26 +0000 (02:44 +0000)]
libdevdctl: g++9 avoid Wdeprecated-copy
g++9 now warns about having defined an assignment operator but using the
default copy constructor, or vice versa. Avoid the issue in libdevdctl
by just using the default assignment operator too.
Ryan Libby [Sat, 21 Dec 2019 02:43:20 +0000 (02:43 +0000)]
gcc: quiet Wattribute for no_sanitize("address")
This is an unfortunate instance where the __has_attribute check does
not function usefully. Gcc does have the attribute, but for gcc it only
applies to functions, not variables, and trying to apply it to a
variable generates Wattribute. So far we only apply the attribute to
variables. Only enable the attribute for clang, for now.
Reviewed by: Anton Rang <rang at acm.org>
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D22875
Rick Macklem [Fri, 20 Dec 2019 21:45:20 +0000 (21:45 +0000)]
Update the man page to reflect the addition of NFSv4.2 (r355677).
Update all the references to NFSv4.1, so that they apply to NFSv4.1 and
NFSv4.2. Also, change the MDS->DS mounts to use NFSv4.2, so that both
versions of the protocol can be used against the server with pNFS enabled.
Rick Macklem [Fri, 20 Dec 2019 21:41:33 +0000 (21:41 +0000)]
Update the man page to reflect the addition of NFSv4.2 (r355677).
Include references to NFSv4.2 and Flexible File layout, plus clarify
when vfs.nfsd.flexlinuxhack needs to be set for Linux pNFS clients.
Also update the man page to reflect the addition of SpaceUsed to the
attributes stored in the extended attribute on the MDS (r354158).
Conrad Meyer [Fri, 20 Dec 2019 21:11:00 +0000 (21:11 +0000)]
random(4): Flip default Fortuna generator over to Chacha20
The implementation was landed in r344913 and has had some bake time (at
least on my personal systems). There is some discussion of the motivation
for defaulting to this cipher as a PRF in the commit log for r344913.
As documented in that commit, administrators can retain the prior (AES-ICM)
mode of operation by setting the 'kern.random.use_chacha20_cipher' tunable
to 0 in loader.conf(5).
Dimitry Andric [Fri, 20 Dec 2019 20:44:58 +0000 (20:44 +0000)]
Copy llvm vendor/*/dist to vendor/llvm-project/master
This uses the new layout of the upstream repository, which was recently
migrated to GitHub, and converted into a "monorepo". That is, most of
the earlier separate sub-projects with their own branches and tags were
consolidated into one top-level directory, and are now branched and
tagged together.
Dimitry Andric [Fri, 20 Dec 2019 19:53:05 +0000 (19:53 +0000)]
Move all sources from the llvm project into contrib/llvm-project.
This uses the new layout of the upstream repository, which was recently
migrated to GitHub, and converted into a "monorepo". That is, most of
the earlier separate sub-projects with their own branches and tags were
consolidated into one top-level directory, and are now branched and
tagged together.
Updating the vendor area to match this layout is next.
Kyle Evans [Fri, 20 Dec 2019 17:15:09 +0000 (17:15 +0000)]
vt: store a pointer to the keyboard instead of index
This effectively reverts r355935, but is functionally equivalent. We gain no
benefit from storing the index and repeatedly fetching the keyboard with
`kbd_get_keyboard` when we need it. We'll be notified when it's going away
so we can clean up the pointer.
All existing references were trivially converted. Only once instance
actually needed the index.
Kyle Evans [Fri, 20 Dec 2019 16:22:14 +0000 (16:22 +0000)]
Kill off dummy kbd drivers
As far as I can tell, these are an artifact of times when linker sets
couldn't be empty, otherwise the kernel build would fail due to unresolved
symbols. hselasky fixed this in r268138, and I've audited the kbd portions
to make sure nothing would blow up due to the empty linker set and
successfully compiled+ran a kernel with no keyboard support at all.
Kill them off now since they're no longer required.
Kyle Evans [Fri, 20 Dec 2019 16:20:38 +0000 (16:20 +0000)]
vt: fix post-boot keyboard attachment
With absolutely no keyboards attached and no kbdmux in kernel, we descend
down this error path. 0 is a valid keyboard index, so leaving
vd->vd_keyboard at 0 when there's no keyboard found is objectively wrong as
later attachment of a keyboard will fail -- it gets index 0, and vt thinks
it's already using that keyboard.
This is decidedly the corniest of corner cases, but it's easy enough to get
correct that we should do so.
Tested in a kernel without atkbdc, atkbd, psm, kbdmux, ukbd, hyperv then
loading ukbd post-boot and attaching a usb keyboard.
Conrad Meyer [Fri, 20 Dec 2019 08:31:23 +0000 (08:31 +0000)]
random(4): Fortuna: Enable concurrent generation by default for 13
Flip the knob added in r349154 to "enabled." The commit message from that
revision and associated code comment describe the rationale, implementation,
and motivation for the new default in detail. I have dog-fooded this
configuration on my own systems for six months, for what that's worth.
For end-users: the result is just as secure. The benefit is a faster, more
responsive system when processes produce significant demand on random(4).
As mentioned in the earlier commit, the prior behavior may be restored by
setting the kern.random.fortuna.concurrent_read="0" knob in loader.conf(5).
This scales the random generation side of random(4) somewhat, although there
is still a global mutex being shared by all cores and rand_harvestq; the
situation is generally much better than it was before on small CPU systems,
but do not expect miracles on 256-core systems running 256-thread full-rate
random(4) read. Work is ongoing to address both the generation-side (in
more depth) and the harvest-side scaling problems.
Philip Paeps [Fri, 20 Dec 2019 03:38:21 +0000 (03:38 +0000)]
riscv/sifive: add SiFive FU540 PRCI driver
The SiFive FU540 Power Reset Clocking Interrupt block contains a PLL
that turns the input crystal (33.3MHz) into a 1-1.5GHz clock.
This clock in turn is divided by two to produce the tlclk, which is fed
into devices such as the SPI and I2C controllers.
Register a new clock device for the PRCI so that those devices can
read the correct clock through the clk framework.
Brandon Bergren [Thu, 19 Dec 2019 22:35:16 +0000 (22:35 +0000)]
[PowerPC] Only move linker sets to .data on ELFv1
In r268055, powerpc64 was special cased regarding linker sets to not mark
the function pointer as 'const'.
This appears to have been done to ensure the compiler generates the function
descriptors correctly. When non-const, the function descriptors will end up
in the .data.rel.local section, and the linker set symbols will get
relocations pointing to them there.
Since function pointers on ELFv2 are "just" pointers like other platforms,
we can leave them const like they are on every other platform.
Mark Johnston [Thu, 19 Dec 2019 19:34:25 +0000 (19:34 +0000)]
Fix SIGINFO stack collection to ignore threads with swapped-out stacks.
We by definition cannot trace the stack of such a thread. Also remove a
redundant stack_zero() call in the SIGINFO handler, the stack structure
is cleared by the MD stack_capture().
Doug Moore [Thu, 19 Dec 2019 16:39:52 +0000 (16:39 +0000)]
Including <sys/tmpfs.h> into non-kernel software leads to a
compilation error because, without _KERNEL defined, the macro
TMPFS_VALIDATE_DIR is invoked, but never defined. User-level software
that includes sys/tmpfs.h must define _KERNEL to make the definition
of TMPFS_VALIDATE_DIR visible.
This change puts all the inline functions that, directly or
indirectly, invoke MPASS into the scope of the _KERNEL block, allowing
many user-space includers of <sys/tmpfs.h> to stop defining _KERNEL.
Andrew Turner [Thu, 19 Dec 2019 08:52:16 +0000 (08:52 +0000)]
Stop speculation past an eret instruction
On arm64 the eret instruction is used to return from an exception handler.
Some implementations may speculate past this instruction into the next
function. As the user may control many registers in these functions add
a synchronisation barrier sequence after the eret instruction to stop these
CPUs from speculating out of the exception handler.
Mark Peek [Wed, 18 Dec 2019 23:00:56 +0000 (23:00 +0000)]
Remove VMware MSI-X from the PCI blacklist.
First reported against ESXi 5.0, PCI passthrough was not working due to
MSI-X issues. However, this issue was fixed via patch releases against
ESXi 5.5 and 6.0 in 2016. Given ESXi 5.5 and earlier have been EOL, this
patch removes the VMware MSI-X blacklist entries in the quirk table.
The code in questions walks IPv6 tree every 60 seconds and looks into
the routes with non-zero expiration time (typically, redirected routes).
For each such route it sets RTF_PROBEMTU flag at the expiration time.
No other part of the kernel checks for RTF_PROBEMTU flag.
RTF_PROBEMTU was defined 21 years ago, 30 Jun 1999, as RTF_PROTO1.
RTF_PROTO1 is a de-facto standard indication of a route installed
by a routing daemon for a last decade.
Alan Cox [Wed, 18 Dec 2019 18:21:39 +0000 (18:21 +0000)]
When pmap_enter_{l2,pde}() are called to create a kernel mapping, they are
incrementing (and decrementing) the ref_count on kernel page table pages.
They should not do this. Kernel page table pages are expected to have a
fixed ref_count. Address this problem by refactoring pmap_alloc{_l2,pde}()
and their callers. This also eliminates some duplicated code from the
callers.
Correctly implement PMAP_ENTER_NOREPLACE in pmap_enter_{l2,pde}() on kernel
mappings.
Reduce code duplication by defining a function, pmap_abort_ptp(), for
handling a common error case.
Handle a possible page table page leak in pmap_copy(). Suppose that we are
determining whether to copy a superpage mapping. If we abort because there
is already a mapping in the destination pmap at the current address, then
simply decrementing the page table page's ref_count is correct, because the
page table page must have a ref_count > 1. However, if we abort because we
failed to allocate a PV entry, this might be a just allocated page table
page that has a ref_count = 1, so we should call pmap_abort_ptp().
Simplify error handling in pmap_enter_quick_locked().
Warner Losh [Wed, 18 Dec 2019 16:01:15 +0000 (16:01 +0000)]
Drop a sleepable lock when we plan on sleeping
g_io_speedup waits for the completion of the speedup request before proceeding
using biowait(), but check_clear_deps is called with the softdeps lock held
(which is non-sleepable). It's safe to drop this lock around the call to
speedup, so do that.
Conrad Meyer [Wed, 18 Dec 2019 06:22:28 +0000 (06:22 +0000)]
acpi(4): Add _CID to PNP info string
While a given ACPI device may have 0-N compatibility IDs, in practice most
seem to have 0 or 1. If one is present, emit it as part of the PNP info
string associated with a device. This could enable MODULE_PNP_INFO-based
automatic kldload for ACPI drivers associated with a given _CID (but without
a good _HID or _UID identifier).
Kyle Evans [Wed, 18 Dec 2019 02:29:27 +0000 (02:29 +0000)]
bcm2835_vcbus: add legacy compat mappings
I've opted for just duplicating the two entries needed for this, rather than
writing any other mechanism for maintaining two root compat entries to map
to one config, for simplicity. We'll eventually declare these legacy DTB
unsupported, but let's not do that yet while there's no real burden.
Kyle Evans [Tue, 17 Dec 2019 23:01:37 +0000 (23:01 +0000)]
arm: add SOC_BRCM_BCM2837 option, include it in GENERIC
We use armv7/GENERIC for the RPI2 images. The original RPI2 is actually a
32-bit BCM2836, but v1.2 was upgraded to the 64-bit BCM2837. The project
continues to provide the RPI2 image as armv7, as it's the lowest common
denominator of the two. Historically, we've just kind of implicitly
acknowledged this by including some bcm2837 bits on a SOC_BCM2836 kernel
config -- this worked until r354875 added code that actually cared.
Acknowledge formally that BCM2837 is valid in arm32.
This name is inconsistent with the other BCM* SOC on !arm64 for two reasons:
1. It's a pre-existing option on arm64, and
2. the naming convention on arm/ should've arguably changed to include BRCM
#1 seems to be a convincing enough argument to maintain the existing name
for it.
John Baldwin [Tue, 17 Dec 2019 22:58:07 +0000 (22:58 +0000)]
Update the crypto(4) and crypto(9) manpages.
There are probably bits that are still wrong, but this fixes some
things at least:
- Add named arguments to the functions in crypto(9).
- Add missing algorithms.
- Don't mention arguments that don't exist in crypto_register.
- Add CIOGSESSION2.
- Remove CIOCNFSESSION.
- Clarify some stale language that assumed an fd had only one sesson.
- Note that you have to use CRIOGET and add a note in BUGS lamenting
that one has to use CRIOGET.
- Various other cleanups.
Warner Losh [Tue, 17 Dec 2019 21:53:22 +0000 (21:53 +0000)]
Revert r355833
While it works on nda, it fails on ada and/or da for at least zfs with a modify
after free issue on a trim BIO. Revert while I rework it to fix those devices.
Mark Johnston [Tue, 17 Dec 2019 21:34:38 +0000 (21:34 +0000)]
an(4): Require privileges for all SIOCGAIRONET requests.
SIOCGAIRONET allows userspace to query an(4) for various device
properties and configuration, which appears to potentially include
sensitive information such as WEP keys (an(4) seems to predate WPA).
Also avoid races by copying in the request structure to a temporary
buffer before locking and modifying the device softc.
Reported by: Ilja Van Sprundel <ivansprundel@ioactive.com>
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Randall Stewart [Tue, 17 Dec 2019 16:08:07 +0000 (16:08 +0000)]
This commit is a bit of a re-arrange of deck chairs. It
gets both rack and bbr ready for the completion of the STATs
framework in FreeBSD. For now if you don't have both NF_stats and
stats on it disables them. As soon as the rest of the stats framework
lands we can remove that restriction and then just uses stats when
defined.
Sponsored by: Netflix Inc.
Differential Revision: https://reviews.freebsd.org/D22479
Ian Lepore [Tue, 17 Dec 2019 15:56:48 +0000 (15:56 +0000)]
Update owc_gpiobus (one-wire over gpio) to the modern gpio_pin interface.
It used to be required that a device be a child of gpiobus(4) to manipulate
gpio pins. That requirement didn't work well for FDT-based systems with many
cross-hierarchy users of gpio, so a more modern framework was created that
removed the old hierarchy requirement.
These changes adapt the owc_gpiobus driver to use the newer gpio_pin_*
functions to acquire, release, and manipulate gpio pins. This allows a
single driver to work for both hinted-attachment and fdt-based systems, and
removes the requirement that any one-wire fdt nodes must appear at the root
of the devicetree.
Emmanuel Vadot [Tue, 17 Dec 2019 10:57:31 +0000 (10:57 +0000)]
arm64: rockchip: rk_gpio: Fix pin number
The maxpin counter starts at 0, fix one by one error.
This is still not totally correct for some banks in some SoC that have
fewer pins but this will be dealt with in another commit.
Emmanuel Vadot [Tue, 17 Dec 2019 10:55:28 +0000 (10:55 +0000)]
arm64: rockchip: rk_pinctrl: Fix clear bits in SYSCON_MODIFY
r351187 change the SYSCON_WRITE to SYSCON_MODIFY but didn't changed the
mask variable that used to hold the bitmask in the upper 16 bits of the
register that control which bits are changed. So we ended up clearing
bit from the upper 16bits half which are always 0 after a read.
Use the correct bit mask for bits that we want to clear.
Toomas Soome [Tue, 17 Dec 2019 08:30:11 +0000 (08:30 +0000)]
loader.efi: efi_readkey_ex needs to key despite the shift status or toggle status
From UEFI specification 2.8, page 434:
"It should also be noted that certain input devices may not be able to produce
shift or toggle state information, and in those cases the high order bit in
the respective Toggle and Shift state fields should not be active."
But we still need to check for ScanCode and UnicodeChar.
Kyle Evans [Tue, 17 Dec 2019 03:30:49 +0000 (03:30 +0000)]
kbd: const'ify a couple of keyboard_driver fields
Nothing modifies these things, but const'ify out of an abundance of caution.
If we could const'ify the definition in each keyboard driver, I likely
would- improper mutations here can lead to misbehavior or slightly more
annoying to debug state.
Warner Losh [Tue, 17 Dec 2019 03:20:37 +0000 (03:20 +0000)]
Two minor issues:
(1) Don't define load/store 64 atomics for o32. They aren't atomic
there.
(2) Add comment about why we need 64 atomic define on n32 only.
Warner Losh [Tue, 17 Dec 2019 00:13:45 +0000 (00:13 +0000)]
Implement bio_speedup
React to the BIO_SPEED command in the cam io scheduler by completing
as successful BIO_DELETE commands that are pending, up to the length
passed down in the BIO_SPEEDUP cmomand. The length passed down is a
hint for how much space on the drive needs to be recovered. By
completing the BIO_DELETE comomands, this allows the upper layers to
allocate and write to the blocks that were about to be trimmed. Since
FreeBSD implements TRIMSs as advisory, we can eliminliminate them and
go directly to writing.
The biggest benefit from TRIMS coomes ffrom the drive being able t
ooptimize its free block pool inthe log run. There's little nto no
bene3efit in the shoort term. , sepeciall whn the trim is followed by
a write. Speedup lets us make this tradeoff.
Warner Losh [Tue, 17 Dec 2019 00:13:40 +0000 (00:13 +0000)]
Add BIO_SPEEDUP signalling to UFS
When we have a resource shortage in UFS, send down a BIO_SPEEDUP to
give the CAM I/O scheduler a heads up that we have a resource shortage
and that it should bias its decisions knowing that.
Warner Losh [Tue, 17 Dec 2019 00:13:35 +0000 (00:13 +0000)]
Add BIO_SPEEDUP
Add BIO_SPEEDUP bio command and g_io_speedup wrapper. It tells the
lower layers that the upper layers are dealing with some shortage
(dirty pages and/or disk blocks). The lower layers should do what they
can to speed up anything that's been delayed.
The first use will be to tell the CAM I/O scheduler that any TRIM
shaping should be short-circuited because the system needs
blocks. We'll also call it when there's too many resources used by
UFS.
Warner Losh [Tue, 17 Dec 2019 00:13:30 +0000 (00:13 +0000)]
Eliminate the TRIM_ACTIVE flag.
Rather than a trim active flag, have a counter that can be used to
have a absolute limit on the number of trims in flight independent of
any I/O limiting factors.
Warner Losh [Tue, 17 Dec 2019 00:13:21 +0000 (00:13 +0000)]
Add rate limiters to TRIM.
Add rate limiters to trims. Trims are a bit different than reads or
writes in that they can be combined, so some care needs to be taken
where we rate limit them. Additional work will be needed to push the
working rate limit below the I/O quanta rate for things like IOPS.
Warner Losh [Tue, 17 Dec 2019 00:11:48 +0000 (00:11 +0000)]
NVME trim stuff.
Add two sysctls to control pacing of nvme
trims. kern.cam.nda.X.goal_trim is the number of upper layer
BIO_DEELETE requests to try to collecet before sending TRIM down too
the nvme drive. trim_ticks is the number of ticks, at mosot, to wait
for at least goal_trim BIOS_DELEETE requests to come in.
Trim pacing is useful when a large number off disjoint trims are
comoing in from the upper layers. Since we have no way to chain
toogether trims from the upper layers that are sent down, this acts as
a hueristic to group trims into reasonable sized chunks. What's
reasonable varies from drive to drive.
Brooks Davis [Tue, 17 Dec 2019 00:10:19 +0000 (00:10 +0000)]
Avoid a tautological bitwise compare.
This looks like a bit of debugging code that sliped into the initial
import of the new ATA framework. This changes the behavior to omit a
line of output that appears to have been intended for omission.
Adrian Chadd [Tue, 17 Dec 2019 00:00:03 +0000 (00:00 +0000)]
[atheros] [mips] Add the GPIO driver (back) to the TL-WDR3600/TL-WDR4300 kernel.
So it turns out that sometime in the past I removed the GPIO bits here
and was going to move it into a module in order to save a little space.
However, it turns out that was a mistake on this particular AP - it
uses a pair of GPIO lines to control the two receive LNAs on the 2GHz
radio and without them enabled the radio is a LOT DEAF.
With this re-introduced (and some replacement userland tools to save
space, *cough* cpio/libarchive) I can actually use these chipsets
again as a 2G station. Without the LNA the AP was seeing a per-radio
RSSI upstairs here of around 3-5dB, with the LNA on it's around 15dB,
more than enough to actually use wifi upstairs and also in line with
the other Atheros / Intel devices I have up here.