jhb [Thu, 22 Mar 2012 12:23:32 +0000 (12:23 +0000)]
Mark the 'lapics' and 'ioapics' arrays here static since they are
private to this file. The 'lapics' array was actually shadowing a
completely different 'lapics' array that is private to local_apic.c.
stas [Thu, 22 Mar 2012 08:48:42 +0000 (08:48 +0000)]
- Update FreeBSD Heimdal distribution to version 1.5.1. This also brings
several new kerberos related libraries and applications to FreeBSD:
o kgetcred(1) allows one to manually get a ticket for a particular service.
o kf(1) securily forwards ticket to another host through an authenticated
and encrypted stream.
o kcc(1) is an umbrella program around klist(1), kswitch(1), kgetcred(1)
and other user kerberos operations. klist and kswitch are just symlinks
to kcc(1) now.
o kswitch(1) allows you to easily switch between kerberos credentials if
you're running KCM.
o hxtool(1) is a certificate management tool to use with PKINIT.
o string2key(1) maps a password into key.
o kdigest(8) is a userland tool to access the KDC's digest interface.
o kimpersonate(8) creates a "fake" ticket for a service.
We also now install manpages for some lirbaries that were not installed
before, libheimntlm and libhx509.
- The new HEIMDAL version no longer supports Kerberos 4. All users are
recommended to switch to Kerberos 5.
- Weak ciphers are now disabled by default. To enable DES support (used
by telnet(8)), use "allow_weak_crypto" option in krb5.conf.
- libtelnet, pam_ksu and pam_krb5 are now compiled with error on warnings
disabled due to the function they use (krb5_get_err_text(3)) being
deprecated. I plan to work on this next.
- Heimdal's KDC now require sqlite to operate. We use the bundled version
and install it as libheimsqlite. If some other FreeBSD components will
require it in the future we can rename it to libbsdsqlite and use for these
components as well.
- This is not a latest Heimdal version, the new one was released while I was
working on the update. I will update it to 1.5.2 soon, as it fixes some
important bugs and security issues.
alc [Thu, 22 Mar 2012 04:52:51 +0000 (04:52 +0000)]
Handle spurious page faults that may occur in no-fault sections of the
kernel.
When access restrictions are added to a page table entry, we flush the
corresponding virtual address mapping from the TLB. In contrast, when
access restrictions are removed from a page table entry, we do not
flush the virtual address mapping from the TLB. This is exactly as
recommended in AMD's documentation. In effect, when access
restrictions are removed from a page table entry, AMD's MMUs will
transparently refresh a stale TLB entry. In short, this saves us from
having to perform potentially costly TLB flushes. In contrast,
Intel's MMUs are allowed to generate a spurious page fault based upon
the stale TLB entry. Usually, such spurious page faults are handled
by vm_fault() without incident. However, when we are executing
no-fault sections of the kernel, we are not allowed to execute
vm_fault(). This change introduces special-case handling for spurious
page faults that occur in no-fault sections of the kernel.
In collaboration with: kib
Tested by: gibbs (an earlier version)
I would also like to acknowledge Hiroki Sato's assistance in
diagnosing this problem.
alc [Thu, 22 Mar 2012 04:40:22 +0000 (04:40 +0000)]
Change pv_entry_count to a long. During the lifetime of FreeBSD 10.x,
physical memory sizes at the high-end will likely reach a point that
the number of pv entries could overflow an int.
jmallett [Wed, 21 Mar 2012 10:27:12 +0000 (10:27 +0000)]
o) Don't keep drive parameters in a global, put them in the softc.
o) Don't report a bogus stripesize.
o) Eliminate a nearby gratuitous "proxy" indirection.
marius [Wed, 21 Mar 2012 08:57:15 +0000 (08:57 +0000)]
Remove remnants of ATA_LOCKING uses in the ATA_CAM case and wrap it
along with functions, SYSCTLs and tunables that are not used with
ATA_CAM in #ifndef ATA_CAM, similar to the existing #ifdef'ed ATA_CAM
code for the other way around. This makes it easier to understand
which parts of ata(4) actually are used in the new world order and
to later on remove the !ATA_CAM bits. It also makes it obvious that
there is something fishy with the C-bus front-end as well as in the
ATP850 support, as these used ATA_LOCKING which is defunct in the
ATA_CAM case. When fixing the former, ATA_LOCKING probably needs to
be brought back in some form or other.
glebius [Wed, 21 Mar 2012 08:43:38 +0000 (08:43 +0000)]
in6_pcblookup_local() still can return a pcb with NULL
inp_socket. To avoid panic, do not dereference inp_socket,
but obtain reuse port option from inp_flags2, like this
is done after next call to in_pcblookup_local() a few lines
down below.
ed [Wed, 21 Mar 2012 08:38:42 +0000 (08:38 +0000)]
Remove pty(4) from our kernel configurations.
As of FreeBSD 8, this driver should not be used. Applications that use
posix_openpt(2) and openpty(3) use the pts(4) that is built into the
kernel unconditionally. If it turns out high profile depend on the
pty(4) module anyway, I'd rather get those fixed. So please report any
issues to me.
The pty(4) module is still available as a kernel module of course, so a
simple `kldload pty' can be used to run old-style pseudo-terminals.
davidxu [Wed, 21 Mar 2012 07:12:52 +0000 (07:12 +0000)]
Use version 2 of semaphore provided by kernel umtx code, now if there is
no waiters, we still increase and decrease count in user mode without
entering kernel, once there is a waiter, sem_post will enter kernel to
increase count and wake thread up, this is atomicy and allow us to
gracefully destroy semaphore after sem_wait returned.
glebius [Wed, 21 Mar 2012 07:02:17 +0000 (07:02 +0000)]
Fix a sentence in a paragraph that describes time and interval based
trimming. This sentence vaguely can be interpreted as if it was speaking
about time and size interaction, while it wasn't about it.
alc [Wed, 21 Mar 2012 04:00:58 +0000 (04:00 +0000)]
Eliminate vm.pmap.shpgperproc and vm.pmap.pv_entry_max because they no
longer serve any purpose. Prior to r157446, they served a purpose
because there was a fixed amount of kernel virtual address space
reserved for pv entries at boot time. However, since that change pv
entries are accessed through the direct map, and so there is no limit
imposed by a fixed amount of kernel virtual address space.
jkim [Tue, 20 Mar 2012 20:37:23 +0000 (20:37 +0000)]
Fix another witness panic. We cannot enter critical section at all because
AcpiEnterSleepState() executes (optional) _GTS method since ACPICA 20120215
(r231844). To evaluate the method, we need malloc(9), which may sleep.
kib [Tue, 20 Mar 2012 13:20:49 +0000 (13:20 +0000)]
Fix several problems with our ELF filters implementation.
Do not relocate twice an object which happens to be needed by loaded
binary (or dso) and some filtee opened due to symbol resolution when
relocating need objects. Record the state of the relocation
processing in Obj_Entry and short-circuit relocate_objects() if
current object already processed.
Do not call constructors for filtees loaded during the early
relocation processing before image is initialized enough to run
user-provided code. Filtees are loaded using dlopen_object(), which
normally performs relocation and initialization. If filtee is
lazy-loaded during the relocation of dso needed by the main object,
dlopen_object() runs too earlier, when most runtime services are not
yet ready.
Postpone the constructors call to the time when main binary and
depended libraries constructors are run, passing the new flag
RTLD_LO_EARLY to dlopen_object(). Symbol lookups callers inform
symlook_* functions about early stage of initialization with
SYMLOOK_EARLY. Pass flags through all functions participating in
object relocation.
Use the opportunity and fix flags argument to find_symdef() in
arch-specific reloc.c to use proper name SYMLOOK_IN_PLT instead of
true, which happen to have the same numeric value.
Reported and tested by: theraven
Reviewed by: kan
MFC after: 2 weeks
raj [Tue, 20 Mar 2012 13:08:57 +0000 (13:08 +0000)]
Improve device tree blob (DTB) handling in loader(8).
Enable using the statically embedded blob from the kernel, if present. The KLD
loaded DTB takes precedence, but they are both recognized and handled in the
same way.
adrian [Tue, 20 Mar 2012 04:50:25 +0000 (04:50 +0000)]
Delay sequence number allocation for A-MPDU until just before the frame
is queued to the hardware.
Because multiple concurrent paths can execute ath_start(), multiple
concurrent paths can push frames into the software/hardware TX queue
and since preemption/interrupting can occur, there's the possibility
that a gap in time will occur between allocating the sequence number
and queuing it to the hardware.
Because of this, it's possible that a thread will have allocated a
sequence number and then be preempted by another thread doing the same.
If the second thread sneaks the frame into the BAW, the (earlier) sequence
number of the first frame will be now outside the BAW and will result
in the frame being constantly re-added to the tail of the queue.
There it will live until the sequence numbers cycle around again.
This also creates a hole in the RX BAW tracking which can also cause
issues.
This patch delays the sequence number allocation to occur only just before
the frame is going to be added to the BAW. I've been wanting to do this
anyway as part of a general code tidyup but I've not gotten around to it.
This fixes the PR.
However, it still makes it quite difficult to try and ensure in-order
queuing and dequeuing of frames. Since multiple copies of ath_start()
can be run at the same time (eg one TXing process thread, one TX completion
task/one RX task) the driver may end up having frames dequeued and pushed
into the hardware slightly/occasionally out of order.
And, to make matters more annoying, net80211 may have the same behaviour -
in the non-aggregation case, the TX code allocates sequence numbers
before it's thrown to the driver. I'll open another PR to investigate
this and potentially introduce some kind of final-pass TX serialisation
before frames are thrown to the hardware. It's also very likely worthwhile
adding some debugging code into ath(4) and net80211 to catch when/if this
does occur.
jhb [Mon, 19 Mar 2012 21:09:12 +0000 (21:09 +0000)]
Retire the IF_ADDR_LOCK() and IF_ADDR_UNLOCK() compat macros from HEAD.
The new [RW]LOCK macros are merged back to 8.x so should be suitable for
new code in HEAD even if it is to be MFC'd.
dim [Mon, 19 Mar 2012 19:17:55 +0000 (19:17 +0000)]
Fix the following warning from clang trunk:
usr.sbin/dconschat/dconschat.c:163:65: error: format specifies type 'size_t' (aka 'unsigned int') but the argument has type 'off_t' (aka 'long long') [-Werror,-Wformat]
snprintf(buf, PAGE_SIZE, "\r\n[dconschat reset target(addr=0x%zx)...]\r\n", dc->reset);
~~^ ~~~~~~~~~
%llx
Silence this by casting dc->reset to intmax_t, and using the appropriate
length modifier. While here, wrap the line to a 80 character margin.
dim [Mon, 19 Mar 2012 19:01:34 +0000 (19:01 +0000)]
Add explicit braces to avoid dangling else in stl_tree.h. This silences
the following warning produced by clang trunk:
In file included from /usr/src/sbin/devd/devd.cc:91:
In file included from /usr/obj/usr/src/tmp/usr/include/c++/4.2/map:64:
/usr/obj/usr/src/tmp/usr/include/c++/4.2/bits/stl_tree.h:987:2: error: add explicit braces to avoid dangling else [-Werror,-Wdangling-else]
else
^
jhb [Mon, 19 Mar 2012 18:47:34 +0000 (18:47 +0000)]
Fix madvise(MADV_WILLNEED) to properly handle individual mappings larger
than 4GB. Specifically, the inlined version of 'ptoa' of the the 'int'
count of pages overflowed on 64-bit platforms. While here, change
vm_object_madvise() to accept two vm_pindex_t parameters (start and end)
rather than a (start, count) tuple to match other VM APIs as suggested
by alc@.
jhb [Mon, 19 Mar 2012 18:43:44 +0000 (18:43 +0000)]
Alter the previous commit to use vm_size_t instead of vm_pindex_t.
vm_pindex_t is not a count of pages per se, it is more like vm_ooffset_t,
but a page index instead of a byte offset.
ae [Mon, 19 Mar 2012 13:14:44 +0000 (13:14 +0000)]
Add new GEOM_PART_LDM module that implements the Logical Disk Manager
scheme. The LDM is a logical volume manager for MS Windows NT and it
is also known as dynamic volumes. It supports about 2000 partitions
and also provides the capability for software RAID implementations.
This version implements only partitioning scheme capability and based
on the linux-ntfs project documentation and several publications across
the Web. NOTE: JBOD, RAID0 and RAID5 volumes aren't supported.
An access to the LDM metadata is read-only. When LDM is on the disk
partitioned with MBR we can also destroy metadata. For the GPT
partitioned disks destroy action is not supported.
kib [Mon, 19 Mar 2012 09:34:22 +0000 (09:34 +0000)]
If we ever allow for managed fictitious pages, the pages shall be
excluded from superpage promotions. At least one of the reason is
that pv_table is sized for non-fictitious pages only.
Consistently check for the page to be non-fictitious before accesing
superpage pv list.
Sponsored by: The FreeBSD Foundation
Reviewed by: alc
MFC after: 2 weeks
glebius [Mon, 19 Mar 2012 09:30:40 +0000 (09:30 +0000)]
Rotate auth.log and messages at the beginning of a year. Otherwise,
daily security checks 800.loginfail and 900.tcpwrap may produce
false positive alerts.
yongari [Mon, 19 Mar 2012 02:10:40 +0000 (02:10 +0000)]
Do not change current media when driver is already running. If
driver is running driver would have already completed flow control
configuration. This change removes unnecessary media changes in
controller reconfiguration cases such that it does not trigger link
reestablishment for configuration change requests like promiscuous
mode change.
Reported by: Many
Tested by: Mike Tancsa <mike <> sentex dot net>
MFC after: 1 week
eadler [Mon, 19 Mar 2012 00:36:32 +0000 (00:36 +0000)]
- Clean up timestamps in msgbuf code. The timestamps should now be
inserted after the priority token thus cleaning up the output.
- Remove the needless double internal do_add_char function.
- Resolve a possible deadlock if interrupts are
disabled and getnanotime is called
jilles [Sun, 18 Mar 2012 21:46:27 +0000 (21:46 +0000)]
fts(3): Mention that FTS_NOCHDIR imposes {PATH_MAX} limits on the returned
pathnames.
With the current API (no *at functions), FTS_NOCHDIR requires that the
fts_accpath start with the original path passed to fts_open(); therefore,
the depth that can be reached is limited by the {PATH_MAX} constraint on
this pathname.
tijl [Sun, 18 Mar 2012 19:06:38 +0000 (19:06 +0000)]
Copy i386 reg.h to x86 and merge with amd64 reg.h. Replace i386/amd64/pc98
reg.h with stubs.
The tREGISTER macros are only made visible on i386. These macros are
deprecated and should not be available on amd64.
The i386 and amd64 versions of struct reg have been renamed to struct
__reg32 and struct __reg64. During compilation either __reg32 or __reg64
is defined as reg depending on the machine architecture. On amd64 the i386
struct is also available as struct reg32 which is used in COMPAT_FREEBSD32
code.
nwhitehorn [Sun, 18 Mar 2012 13:22:42 +0000 (13:22 +0000)]
Remove acquisition of VM page queues lock from pmap_protect(). Any actual
manipulation of the pvo_vlink and pvo_olink entries is already protected
by the table lock, so most remaining instances of the acquisition of the
page queues lock can likely be replaced with the table lock, or removed
if the table lock is already held.
bz [Sun, 18 Mar 2012 11:23:40 +0000 (11:23 +0000)]
Hide kernel option ROUTETABLES evaluations in the implementation
rather than the header file. With this also move RT_MAXFIBS and
RT_NUMFIBS into the implemantion to avoid further usage in other
code. rt_numfibs is all that should be needed.
This allows users to change the number of FIBs from 1..RT_MAXFIBS(16)
dynamically using the tunable without the need to change the kernel
config for the maximum anymore. This means that thet multi-FIB
feature is now fully available with GENERIC kernels.
The kernel option ROUTETABLES can still be used to set the default
numbers of FIBs in absence of the tunable.
marius [Sun, 18 Mar 2012 02:19:30 +0000 (02:19 +0000)]
Declare some variables static in order to reduce the object size and
redo r232822 in a less hackish way. The latter now no longer breaks
compiling the x86 boot2 with clang.
gonzo [Sun, 18 Mar 2012 01:43:41 +0000 (01:43 +0000)]
- Fix logic for detection if further processing of PMC should be performed.
pmc_intr returns one if one of the counters actually triggered the IRQ
- style(9) fixed
davidxu [Sun, 18 Mar 2012 00:22:29 +0000 (00:22 +0000)]
Some software think a mutex can be destroyed after it owned it, for
example, it uses a serialization point like following:
pthread_mutex_lock(&mutex);
pthread_mutex_unlock(&mutex);
pthread_mutex_destroy(&muetx);
They think a previous lock holder should have already left the mutex and
is no longer referencing it, so they destroy it. To be maximum compatible
with such code, we use IA64 version to unlock the mutex in kernel, remove
the two steps unlocking code.
kib [Sat, 17 Mar 2012 23:03:20 +0000 (23:03 +0000)]
Add sysctl vfs.nfs.nfs_keep_dirty_on_error to switch the nfs client
behaviour on error from write RPC back to behaviour of old nfs client.
When set to not zero, the pages for which write failed are kept dirty.