emaste [Fri, 28 Dec 2018 17:00:12 +0000 (17:00 +0000)]
ar: detect and error out on 32-bit symbol table overflow
BSD ar currently does not support the /SYM64/ 64-bit symbol table, and
previously truncated to 32-bits, silently producing corrupted archives
larger than 4GB.
Note that this is only a partial fix; additional checks will come.
PR: 234454
Reported by: Aijaz Baig, imp
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
crees [Fri, 28 Dec 2018 15:11:22 +0000 (15:11 +0000)]
There is no way of escaping literal $ signs in auto_master(5), which
makes for difficulty with hidden Samba shares; shares with $ at the end
of their name. This enables the use of ${DOLLAR} to work around this.
jilles [Fri, 28 Dec 2018 13:32:14 +0000 (13:32 +0000)]
pfind, pfind_any: Correct zombie logic
SVN r340744 erroneously changed pfind() to return any process including
zombies and pfind_any() to return only non-zombie processes.
In particular, this caused kill() on a zombie process to fail with [ESRCH].
There is no direct test case for this but /usr/tests/bin/sh/builtins/kill1.0
occasionally triggers it (as reported by lwhsu).
Conversely, returning zombies from pfind() seems likely to violate
invariants and cause panics, but I have not looked at this.
jhibbits [Fri, 28 Dec 2018 01:34:08 +0000 (01:34 +0000)]
libm: Include float.h to get LDBL_MANT_DIG
The long double aliases of double functions are only exposed as aliases if
LDBL_MANT_DIG is 53 (same as DBL_MANT_DIG). Without float.h included these
files were not exposing weak aliases as expected, leading to link failures
if programs use the *l functions. This should fix editors/calligra on
targets with 64-bit long double, which uses erfl and erfcl. Found on
powerpc64.
will [Thu, 27 Dec 2018 23:27:48 +0000 (23:27 +0000)]
beinstall: try to save progress from pkg updates.
This is primarily aimed at failed updates due to package conflicts, and
affects treatment of failed updates. Whereas before potentially a large
number of packages would need to be synced for each attempt, they can now
be persisted. Requires rsync. There may be better ways to implement this,
e.g. using secondary cache path that is only used on followup attempts and
then wiped on success, which avoids polluting current cache.
mav [Thu, 27 Dec 2018 19:15:24 +0000 (19:15 +0000)]
Switch from mutexes to atomics in GEOM_DEV I/O path.
Mutexes in I/O path there were used twice per I/O to atomically access
several variables to close and/or destroy the device on last request
completion. I found the way to fit all required info into one integer,
suitable for atomic operations. It opened race window on device close,
but addition of timeout to the msleep() there should cover it.
Profiling shows removal of significant spinning time on those mutexes
and IOPS increase from ~600K to >800K to NVMe on 72-core systems.
mav [Thu, 27 Dec 2018 18:28:19 +0000 (18:28 +0000)]
Reimplement nvd(4) detach handling.
Previous code typically crashed in case of NVMe device unplug or even clean
detach while some I/Os are still in flight. To fix this the new code calls
disk_gone() and waits for confirmation of all references gone before calling
disk_destroy(), freeing other resources and allowing controller detach.
While there, fix disk lists locking and reimplement unit numbers assignment.
0mp [Thu, 27 Dec 2018 14:44:01 +0000 (14:44 +0000)]
iscsictl.8: Add missing flag parameters
- Add missing parameters to flags in the description of available options.
- Remove spaces between alternative parameters and "|".
- Align descriptions of options to the longest option.
- Use em dash instead of a hyphen.
andrew [Thu, 27 Dec 2018 14:14:41 +0000 (14:14 +0000)]
Pass VM_PROT_EXECUTE to vm_fault for instruction faults.
We need to tell vm_fault the reason for the fault was because we tried to
execute from the memory location. Without this it may return with success
as we only request read-only memory, then we return to the same location
and try to execute from the same memory address. This leads to an infinite
loop raising the same fault and returning to the same invalid location.
kib [Thu, 27 Dec 2018 13:02:15 +0000 (13:02 +0000)]
Bump sys_errlist size to keep ABI backward-compatible for some time.
Addition of the new errno values requires adding new elements to
sys_errlist array, which is actually ABI-incompatible, since ELF
records the object size. Expand array in advance to 150 elements so
that we have our users to go over the issue only once, at least until
more than 53 new errors are added.
I did not bumped the symbol version, same as it was not done for
previous increases of the array size. Runtime linker only copies as
much data into binary object on copy relocation as the binary'object
specifies. This is not fixable for binaries which access sys_errlist
directly.
While there, correct comment and calculation of the temporary buffer
size for the message printed for unknown error. The on-stack buffer
is used only for the number and delimiter since r108603.
Requested by: mckusick
Reviewed by: mckusick, yuripv
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential revision: https://reviews.freebsd.org/D18656
danfe [Thu, 27 Dec 2018 08:48:54 +0000 (08:48 +0000)]
Amend the `-i batt' option description and explain that the battery
is specified by its number (index), starting with zero. Previously,
sometimes users would try to literally invoke `acpiconf -i batt' in
their console and become confused as to why this did not work.
mckusick [Thu, 27 Dec 2018 07:18:53 +0000 (07:18 +0000)]
When loading an inode from disk, verify that its mode is valid.
If invalid, return EINVAL. Note that inode check-hashes greatly
reduce the chance that these errors will go undetected.
Reported by: Christopher Krah <krah@protonmail.com>
Reported as: FS-5-UFS-2: Denial Of Service in nmount-3 (ffs_read)
Reviewed by: kib
MFC after: 1 week
Sponsored by: Netflix
M sys/fs/ext2fs/ext2_vnops.c
M sys/kern/vfs_subr.c
M sys/ufs/ffs/ffs_snapshot.c
M sys/ufs/ufs/ufs_vnops.c
avg [Wed, 26 Dec 2018 11:03:14 +0000 (11:03 +0000)]
MFV r342532: 5882 Temporary pool names
Note that this commit brings only formatting changes that were done
during the final review of the illumos change, because FreeBSD got the
main changes before illumos.
https://www.illumos.org/issues/5882
This is an import of the temporary pool names functionality from ZoL:
https://github.com/zfsonlinux/zfs/commit/e2282ef57edc79cdce2a4b9b7e3333c56494a807
https://github.com/zfsonlinux/zfs/commit/26b42f3f9d03f85cc7966dc2fe4dfe9216601b0e
https://github.com/zfsonlinux/zfs/commit/2f3ec9006146844af6763d1fa4e823fd9047fd54
https://github.com/zfsonlinux/zfs/commit/00d2a8c92f614f49d23dea5d73f7ea7eb489ccf1
https://github.com/zfsonlinux/zfs/commit/83e9986f6eefdf0afc387f06407087bba3ead4e9
https://github.com/zfsonlinux/zfs/commit/023bbe6f017380f4a04c5060feb24dd8cdda9fce
It is intended to assist the creation and management of virtual machines
that have their rootfs on ZFS on hosts that also have their rootfs on
ZFS. These situations cause SPA namespace collisions when the standard
name rpool is used in both cases. The solution is either to give each
guest pool a name unique to the host, which is not always desireable, or
boot a VM environment containing an ISO image to install it, which is
cumbersome.
kadesai [Wed, 26 Dec 2018 10:47:52 +0000 (10:47 +0000)]
Problem statement:
Due to hardware errata in Aero controllers, reads to certain
fusion registers could intermittently return all zeroes.
This behavior is transient in nature and subsequent reads will return
valid value.
Fix:
For Aero controllers, any read will retry the read operations
from certain registers for maximum three times, if read returns zero.
kadesai [Wed, 26 Dec 2018 10:47:08 +0000 (10:47 +0000)]
This patch will add support for 32 bit atomic request descriptor for Aero adapters.
For Aero adapters-
1. Driver will use 32 bit atomic descriptor to fire IOs and DCMDs.
2. Driver will use 64 bit request descriptor to fire IOC INIT.
3. If Aero firmware supports 32 bit atomic descriptor, then only driver will use it
otherwise driver will use 64 bit request descriptor.
For rest of adapters(Ventura, Invader and Thunderbolt), driver will use 64 bit request
descriptors only.
kadesai [Wed, 26 Dec 2018 10:46:23 +0000 (10:46 +0000)]
This patch will add support for latest generation MegaRAID adapters- Aero(39xx).
Driver will throw a warning message when a Configurable secure type controller is
encountered.
kadesai [Wed, 26 Dec 2018 10:42:45 +0000 (10:42 +0000)]
On Aero/Sea A0 cards retry MPT Fusion registers reads for max three times
Due to HW Errta on Aero/Sea A0 chipset on secure boot mode & on heavy IO load,
sometimes read operation on MPT Fusion registers will give zero value,
So, as a workaround driver will retry the MPT Fusion register
read operation for max three times upon reading zero value form these
registers.
kadesai [Wed, 26 Dec 2018 10:40:27 +0000 (10:40 +0000)]
Added support for NVMe Task Management
Following list of changes done in the driver as a part of TM handling on the NVMe drives.
Below changes are only applicable on NVMe drives and only when custom NVMe TM handling bit is set to zero by IOC.
1. Issue LUN reset & Target reset TMs with Target reset method field set to Protocol Level reset (0x3),
2. For LUN & target reset TMs use the timeout value as ControllerResetTO value provided by firmware using PCie Device Page 0,
3. If LUN reset fails to terminates the IO then directly escalate to host reset instead of going for target reset TM,
4. For Abort TM use the timeout value as NVMeAbortTO value given by the IOC using Manufacturing Page 11,
5. Log message "PCie Host Reset failed" message up on receiving P
In the above mps_pass_thru structure; Application expects PrtReply buffer
should contain both MPI reply followed by sense data. So, updated driver
to copy sense data at PtrReply + sizeof(MPI2 reply) location where
application wants the driver to copy back the sense data info.
https://www.illumos.org/issues/9630
Rename and destroy are very useful operations that deserve to be in
libzfs_core. And they are not hard to implement too.
kevans [Tue, 25 Dec 2018 15:18:41 +0000 (15:18 +0000)]
bectl: use jail id as the default jail name for a boot environment
By default, bectl is setting the jail 'name' parameter to the boot
environment name, which causes an error when the boot environment name is
not a valid jail name. With the attached fix, when no name is supplied, the
default jail name will be the jail id - this is is the same behavior as the
jail command.
Additionally, this commit addresses two other bugs that prevented unjailing
in scenarios where the jail name does not match the boot environment name:
1. In 'bectl_locate_jail', 'mountpoint' is used to resolve the boot
environment path, but really 'mounted' should be used. 'mountpoint' is the
path where the zfs dataset will be mounted. 'mounted' is the path where
the dataset is actually mounted.
2. in 'bectl_search_jail_paths', 'jail_getv' would fail after the first
call. Which is fine, if the boot environment you're unjailing is the next
one up. According to 'man jail_getv', it's expecting name and value
strings. 'jail_getv' is being passed an integer for the lastjid, so amend
that to use a string instead.
Test cases have been amended to reflect the bugs found.
PR: 233637
Submitted by: Rob <rob.fx907_gmail.com>
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D18607
mav [Mon, 24 Dec 2018 23:52:35 +0000 (23:52 +0000)]
Increase MTX_POOL_SLEEP_SIZE from 128 to 1024.
This value remained unchanged for 15 years, and now this bump reduces
lock spinning in GEOM and BIO layers while doing ~1.6M IOPS to 4 NVMe
on 72-core system from ~25% to ~5% by the cost of additional 28KB RAM.
While there, align struct mtx_pool fields to cache lines.
mav [Mon, 24 Dec 2018 23:28:11 +0000 (23:28 +0000)]
Remove CAM SIM lock from NVMe SIM.
CAM does not require SIM lock since FreeBSD 10.4, and NVMe code never
required it at all, using per-queue locks instead. This formally allows
parallel request submission in CAM mode as much as single per-device and
per-queue locks of CAM allow.
scottl [Mon, 24 Dec 2018 05:54:36 +0000 (05:54 +0000)]
Commands for user-initated device resets should come from the high-priority
allocator. Prior to this change, they would leak from the normal allocator.
scottl [Mon, 24 Dec 2018 05:05:38 +0000 (05:05 +0000)]
First step in refactoring and fixing the error recovery and task management
code in the mpr and mps drivers. Eliminate duplicated code and fix some
comments.
cy [Mon, 24 Dec 2018 01:12:43 +0000 (01:12 +0000)]
Remove an empty #if block.
The interesting thing is that looking through Darren's commit logs,
the line containing an extern ppsratecheck() definition was removed
from the v5-1-RELEASE branch but not from HEAD (I have taken his
CVS tree and converted it to GIT). There is a commit adding an
additional #if defined to the empty block. I can only assume that
this was intentional for something later. Looking through HEAD the
extern ppsratecheck() is there. However if we put it back it would
conflict with a static ppsratecheck() definition in fil.c when
building ipftest.
Therefore we remove this empty block.
ppsratecheck() is a function in the FreeBSD kernel. However ipftest
cannot call the ppsratecheck() in the kernel. Therefore one exists in
fil.c for use when building the userland ipftest utility which
approximates the packet filter in userland for testing of ipfilter
rules against packets captured with tcpdump.
kib [Sun, 23 Dec 2018 18:52:02 +0000 (18:52 +0000)]
Properly test for vmio buffer in bnoreuselist().
The presence of allocated v_object does not imply that the buffer is
necessary VMIO kind. Buffer might has been allocated before the
object created, then the buffer is malloced. Although we try to avoid
such situation, it seems to be still legitimate.
Reported and tested by: pho
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
pfg [Sun, 23 Dec 2018 18:15:48 +0000 (18:15 +0000)]
gai_strerror() - Update string error messages according to RFC 3493.
Error messages in gai_strerror(3) vary largely among OSs.
For new software we largely replaced the obsoleted EAI_NONAME and
with EAI_NODATA but we never updated the corresponding message to better
match the intended use. We also have references to ai_flags and ai_family
which are not very descriptive for non-developer end users.
Bring new new error messages based on informational RFC 3493, which has
obsoleted RFC 2553, and make them consistent among the header adn
manpage.
cy [Sun, 23 Dec 2018 05:10:36 +0000 (05:10 +0000)]
Remove NETBSD_PF. NETBSD_PF is a flag that defines whether the pfil(9)
framework is available. pfil(9) has been in FreeBSD since FreeBSD 5
and according to svn log was first committed to HEAD in 2000, therefore
it is safe to say the check is no longer needed in FreeBSD.
pfil(9) first appeared in NetBSD 1.3 (hence the name NETBSD_PF).
Therefore it is safe to say that it is supported by every NetBSD system
today. The framework also exists in illumos.
As ipfilter code is shared and exchanged between FreeBSD and NetBSD, and
at some point in the future illumos too, and as all three platforms have
pfil(9), the redundant NETBSD_PF #defines and #ifdefs are removed.
bde [Sat, 22 Dec 2018 22:59:11 +0000 (22:59 +0000)]
Fix devstat on md devices, second attempt. r341765 depends on
g_io_deliver() finishing initialization of the bio, but g_io_deliver()
actually destroys the bio. INVARIANTS makes the bug obvious by
overwriting the bio with garbage.
Restore the old order for calling devstat (except don't restore not calling
it for the error case), and translate to the devstat KPI so that this order
works.
vmaffione [Sat, 22 Dec 2018 16:23:42 +0000 (16:23 +0000)]
netmap: fix txsync check in netmap poll
To check if txsync can be skipped, it is necessary to look for
unseen TX space. However, this means comparing ring->cur
against ring->tail, rather than ring->head against ring->tail
(like nm_ring_empty() does).
This change also adds some more comments to explain the optimization
performed at the beginning of netmap_poll().
MFC after: 3 days
Sponsored by: Sunny Valley Networks
vmaffione [Sat, 22 Dec 2018 15:15:45 +0000 (15:15 +0000)]
netmap: fix bug in netmap_poll() optimization
The bug was introduced by r339639, although it is present in the upstream
netmap code since 2015. It is due to resetting the want_rx variable to
POLLIN, rather than resetting it to POLLIN|POLLRDNORM.
It only affects select(), which uses POLLRDNORM. poll() is not affected,
because it uses POLLIN.
Also, it only affects FreeBSD, because Linux skips the optimization
implemented by the piece of code where the bug occurs.
MFC after: 3 days
Sponsored by: Sunny Valley Networks
eugen [Sat, 22 Dec 2018 11:38:54 +0000 (11:38 +0000)]
ifconfig.4, lagg.4: fix documentation bug: -use_flowid needs to be used
to force local hash computation and disable usage of RSS hash
provided by driver.
bde [Sat, 22 Dec 2018 09:31:55 +0000 (09:31 +0000)]
Oops, rounddown() for the start was misspelled roundup() in r342295,
so only aligned starts worked. This broke releasing caches in most
cases where the i/o size is smaller than the fs block size.
kevans [Sat, 22 Dec 2018 06:08:06 +0000 (06:08 +0000)]
config(8): Remove all instances of an option when opting out
Quick follow-up to r342362: options can appear multiple times now, so
clean up all of them as needed. For non-OPTIONS options, this has no effect
since they're already de-duplicated.
kevans [Sat, 22 Dec 2018 06:02:34 +0000 (06:02 +0000)]
config(8): Allow duplicate options to be specified
config(8)'s option handling has been written to allow duplicate options; if
the value changes, then the latest value is used and an informative message
is printed to stderr like so:
/usr/src/sys/amd64/conf/TEST: option "VERBOSE_SYSINIT" redefined from 0 to 1
Currently, this is only a possibility for cpu types, MAXUSERS, and
MACHINE_ARCH. Anything else duplicated in a config file will use the first
value set and error about duplicated options on subsequent appearances,
which is arguably unfriendly since one could specify:
include GENERIC
nooptions VERBOSE_SYSINIT
options VERBOSE_SYSINIT
imp [Fri, 21 Dec 2018 23:22:37 +0000 (23:22 +0000)]
Try the first 256 units with nvmecontrol devlist.
The nvmecontrol code that did the devlist assumed that we had a
tightly-packed allocation of units. Since pci writing exists, this
isn't the case. Loop over the first 256 units, which is a reasonable
number of possible units.
bde [Fri, 21 Dec 2018 21:17:45 +0000 (21:17 +0000)]
Fix clobbering of the fatchain cache for clustered i/o's when full
clustering is not done. The bug caused extreme slowness for large
files in some cases.
There is no way to tell VOP_BMAP() how many blocks are wanted, so for
all file systems it has to waste time in some cases by searching for
more contiguous blocks than will be accessed. For msdosfs, it also
clobbered the fatchain cache in these cases by advancing the cache to
point to the chain entry for block that won't be read. This makes
the cache useless for the next sequential i/o (or VOP_BMAP()), so the
fat chain is searched from the beginning. The cache only has 1 relevant
entry, so it is similarly useless for random i/o.
Fix this by only advancing the cache to point to the chain entry for
the first block that will be read. Clustering uses results from
VOP_BMAP(), so when more than 1 block is read by clustering, the cache
is not advanced as optimally as before, but it is at most 1 cluster
size behind and searching the chain through the blocks for this cluster
doesn't take too long.
cem [Fri, 21 Dec 2018 20:30:52 +0000 (20:30 +0000)]
mps(4), mpr(4): remove SATA ID command cancellation hack
Add a generic mechanism to override mp?_wait_command's timeout behavior,
which continues to invoke reinit by default. Invokers who set
cm_timeout_handler may avoid automatic reinit and do their own handling.
Adapt mp?sas_get_sata_identify to this mechanism and remove its callout
hack.
cem [Fri, 21 Dec 2018 20:29:16 +0000 (20:29 +0000)]
mps(4), mpr(4): Fix lifetime of command buffer for mp?sas_get_sata_identify
In the event that the ID command timed out, mps(4)/mpr(4) did not free the
command until it could be cancelled. However, it freed the associated
buffer (cm_data). Fix the lifetime issue by freeing the associated buffer
only after Abort Task or controller reset.
bde [Fri, 21 Dec 2018 20:12:43 +0000 (20:12 +0000)]
Quick fix for initialization of mnt_iosize_max. (This limit controls
mainly clustering and read-ahead.) Copy the initialization from ffs,
and also copy a couple of lines of ffs's nearby style for initialization
order and whitespace.
A correct fix would de-duplicate the initialization and fix bitrot in it
instead of adding another instance of the duplication. Complications to
use the size preferred by the device have been reduced to hard-coding
slightly pessimal and/or inconsistent defaults, using large code that was
almost needed to support the complications.
For msdosfs, the result was that mnt_iosize_max was DFTLPHYS (64K) but is
now MAXPHYS (128K).
vmaffione [Fri, 21 Dec 2018 13:56:57 +0000 (13:56 +0000)]
netmap: nmreplay: import various fixes from upstream (2704a51839906)
Changelist:
- General reformatting
- Fix packet duplication in cons(). Whenever cons() reached the
burst limit it would send all pending packets without advancing
head. This caused the last injected packet to be sent again in
the next round.
- Fix full-speed transmissions after first loop.
vmaffione [Fri, 21 Dec 2018 11:50:14 +0000 (11:50 +0000)]
netmap: move buf_size validation code to its own function
This code validates the netmap buf_size against the interface MTU
and maximum descriptor size, to make sure the values are consistent.
Moving this functionality to its own function is needed because this
function is also called by Linux-specific code.
bde [Fri, 21 Dec 2018 08:15:31 +0000 (08:15 +0000)]
Use VOP_ADVISE() with POSIX_FADV_DONTNEED instead of IO_DIRECT to
implement not double-caching for reads from vnode-backed md devices.
Use VOP_ADVISE() similarly instead of !IO_DIRECT unsimilarly for writes.
Add a "cache" option to mdconfig to allow changing the default of not
caching.
This depends on a recent commit to fix VOP_ADVISE(). A previous version
had optimizations for sequential i/o's (merge the i/o's and only uncache
for discontiguous i/o's and for full blocks), but optimizations and
knowledge of block boundaries belong in VOP_ADVISE(). Read-ahead should
also be handled better, by supporting it in md and discarding it in
VOP_ADVISE().
POSIX_FADV_DONTNEED is ignored by zfs, but so is IO_DIRECT.
POSIX_FADV_DONTNEED works better than IO_DIRECT if it is not ignored,
since it only discards from the buffer cache immediately, while
IO_DIRECT also discards from the page cache immediately.
IO_DIRECT was not used for writes since it was claimed to be too slow,
but most of the slowness for writes is from doing them synchronously by
default. Non-synchronous writes still deadlock in many cases.
IO_DIRECT only has a special implementation for ffs reads with DIRECTIO
configured. Otherwise, if it is not ignored than it uses the buffer and
page caches normally except for discarding everything after each i/o,
and then it has much the same overheads as POSIX_FADV_DONTNEED. The
overheads for reading with ffs and DIRECTIO were similar in tests of md.
bde [Fri, 21 Dec 2018 04:57:59 +0000 (04:57 +0000)]
Fix rounding in vop_stdadvise() for POSIX_FADV_NOREUSE (really
POSIX_FADV_DONTNEED). The most broken case was for applications that
advise for the whole file and then do block-aligned i/o's 1 block at
a time. Then advice is sent to VOP_ADVISE() 1 block at a time, but
in vop_stdadvise() the 1-block advice was turned into 0-block advice
for the buffer cache part.
The bugs were caused partly by callers representing the region as
(a_start, a_end), where a_end is actually the maximum, and everything
else representing the region as (start, end) where 'end' is actually
the end (1 after the maximum). The maximum a_end must be rounded up,
but was rounded down. Also, rounding to page boundaries was inconsistent.
The bugs and fixes have no effect for zfs and other file systems that
don't use the buffer cache or the page cache. Most or all file systems
currently use the default VOP_FADVISE(), but it finds a null buffer cache
and a null page cache for file systems that don't use normal methods.
mckusick [Fri, 21 Dec 2018 01:09:25 +0000 (01:09 +0000)]
Some filesystems (like cd9660 and ext3) require that VFS_STATFS()
be called before VFS_ROOT() is called. Move the call for VFS_STATFS()
so that it is done after VFS_MOUNT(), but before VFS_ROOT().
This change actually improves the robustness of the mount system
call because it returns an error rather than failing silently
when VFS_STATFS() returns failure.
rmacklem [Thu, 20 Dec 2018 22:21:41 +0000 (22:21 +0000)]
Fix the NFSv4 server to obey vfs.nfsd.nfs_privport.
When the NFSv4 server was coded, I believed that the specification authors
did not want NFSv4 servers to require a client to use a reserved port#.
However, recently it has been noted that the Linux NFSv4 server does support
a check for a reserved port#.
Since both the FreeBSD and Linux NFSv4 clients use a reserved port# by
default, enabling vfs.nfsd.nfs_privport to require a reserved port# for
NFSv4 the same as it does for NFSv2, 3 seems reasonable.
The only case where this could cause a POLA violation is a FreeBSD NFSv4
server with vfs.nfsd.nfs_privport set, but with NFSv4 clients doing mounts
without using a reserved port# (< 1024).
cem [Thu, 20 Dec 2018 20:55:33 +0000 (20:55 +0000)]
tpm(4): Fix GCC build after r342084 (TPM 2.0 driver commit)
Move static variable definition (cdevsw) to a more conventional location
(the C file it is used in), rather than a header.
This fixes the GCC warning, -Wunused-variable ("defined but not used") when
the tpm20.h header is included in files other than tpm20.c (e.g.,
tpm_tis.c).
bcran [Thu, 20 Dec 2018 19:39:37 +0000 (19:39 +0000)]
Rework UEFI ESP generation
Currently, the installer uses pre-created 800KB FAT12 filesystems that
it dd's onto the ESP partition.
This changeset improves that by having the installer generate a FAT32
filesystem directly onto the ESP using newfs_msdos and then copying
loader.efi into /EFI/freebsd.
For live installs it then runs efibootmgr to add a FreeBSD boot entry
in the BIOS.
bcran [Thu, 20 Dec 2018 19:27:46 +0000 (19:27 +0000)]
Wait a maximum of 300 seconds for network send/recv in libsa
The reason for this change is that currently, a send/recv
takes many hours to time out.
This is suboptimal in the bootloader because it means for example
that NFS will take hours to fail before allowing subsequent access
methods such as gzip to be tried.
Setting MAXWAIT to 300 seconds (5 minutes) still allows slow
connections of 1Mb to be used to download a 30MB kernel file.
tuexen [Thu, 20 Dec 2018 16:05:30 +0000 (16:05 +0000)]
Fix a regression in the TCP handling of received segments.
When receiving TCP segments the stack protects itself by limiting
the resources allocated for a TCP connections. This patch adds
an exception to these limitations for the TCP segement which is the next
expected in-sequence segment. Without this patch, TCP connections
may stall and finally fail in some cases of packet loss.
Reported by: jhb@
Reviewed by: jtl@, rrs@
MFC after: 3 days
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D18580
mw [Thu, 20 Dec 2018 01:05:09 +0000 (01:05 +0000)]
Fix obtaining RSP address in TPM CRB for non-amd64 platforms
On amd64 the RSP address can be read in single 8-byte transaction,
which is obviously not possible on 32-bit platforms. Fix that
by performing 2 4-byte read on them.
imp [Wed, 19 Dec 2018 23:15:49 +0000 (23:15 +0000)]
32-bit mips SMP is unsupported
Per discussions on mips@, 32-bit mips SMP is now unsupported. The
files in the tree will compile for a while longer, but when the
atomic_swap_64 or similar atomic enters into the MI part of the tree,
as currently foreseen sometime next year, these ports will start to no
longer link. The JZ4780 is the only such system we have.
The UP version of this chip is unaffected by this, and will remain
supported.
imp [Wed, 19 Dec 2018 22:56:31 +0000 (22:56 +0000)]
Fix the date
The first part of the mips pruning has been commited. This part
is uncontested. Fix the date in the UPDATING file to reflect when
I made the commit. The contested parts will be committed (or not)
once those discussions complete.