Alan Somers [Tue, 3 Jul 2018 17:37:16 +0000 (17:37 +0000)]
auditd(8): register signal handlers interrutibly
auditd_wait_for_events() relies on read(2) being interrupted by signals,
but it registers signal handlers with signal(3), which sets SA_RESTART.
That breaks asynchronous signal handling. It means that signals don't
actually get handled until after an audit(8) trigger is received.
Symptoms include:
* Sending SIGTERM to auditd doesn't kill it right away; you must send
SIGTERM and then send a trigger with auditon(2).
* Same with SIGHUP
* Zombie child processes don't get reaped until auditd receives a trigger
sent by auditon. This includes children created by expiring audit trails
at auditd startup.
John Baldwin [Tue, 3 Jul 2018 17:31:45 +0000 (17:31 +0000)]
Clean up the vcs ID strings in libc's gen/ directory.
- Move CSRG IDs into __SCCSID().
- When a file has been copied, consistently use 'From: <tag>' for strings
referencing the version of the source file copied from in the license
block comment.
- Some of the 'From:' tags were using $FreeBSD$ that was being expanded on
each checkout. Fix those to hardcode the FreeBSD tag from the file that
was copied at the time of the copy.
- When multiple strings are present list them in "chronological" order,
so CSRG (__SCCSID) before FreeBSD (__FBSDID). If a file came from
OtherBSD and contains a CSRG ID from the OtherBSD file, use the order
CSRG -> OtherBSD -> FreeBSD.
John Baldwin [Tue, 3 Jul 2018 16:45:49 +0000 (16:45 +0000)]
Strip __RCSID() and __SCCSID() strings by default when building libc.
This is in preparation for changes to update the various ID strings in
libc's source. CSRG ID strings will use __SCCSID() and there are some
existing uses of __RCSID() for NetBSD ID strings already. These are
generally under either an explicit #if 0 or an #ifdef LIBC_SCCS so are
off by default and this change preserves that existing behavior.
Sean Bruno [Tue, 3 Jul 2018 16:17:59 +0000 (16:17 +0000)]
Reset indentiation of ata_suspend() such that its clear we fall through
this function and that we aren't supposed to be controlled by the first
if() conditional. Found with gcc.
No functional change is intended with this commit.
Sean Bruno [Tue, 3 Jul 2018 15:56:22 +0000 (15:56 +0000)]
Reset indentation of this flag. No functional change intended.
Found with gcc.
sys/dev/ata/chipsets/ata-siliconimage.c: In function 'ata_cmd_ch_attach':
sys/dev/ata/chipsets/ata-siliconimage.c:187:5:
warning: this 'if' clause does not guard... [-Wmisleading-indentation]
if (ctlr->chip->cfg2 & SII_INTR)
^~
sys/dev/ata/chipsets/ata-siliconimage.c:190:2:
note: ...this statement, but the latter is misleadingly indented as if it were guarded by the 'if'
ch->flags |= ATA_NO_ATAPI_DMA;
John Baldwin [Tue, 3 Jul 2018 15:24:09 +0000 (15:24 +0000)]
Don't specify the desired march/mabi for RISC-V in ACFLAGS.
ACFLAGS is only used in addition to CFLAGS, so setting the options in
both was redundant. However, ACFLAGS is added to the command line
after CFLAGS, so the settings from ACFLAGS were applied for assembly
files in kernel modules after the kernel-specific march/abi in CFLAGS.
As a result, the hard-float ACFLAGS in bsd.cpu.mk was overriding the
soft-float CFLAGS.gcc in sys/conf/kern.mk. In particular,
dtrace_asm.o was compiled as hard-float and the linker refused to link
dtrace.ko since its object files contained a mix of hard and soft
float.
pfctl: Don't retrieve interface list if '-n' is set
If '-n' is set we don't use the list of skip interfaces, so don't retrieve it.
This fixes issues if 'pfctl -n' is used before the pf module is loaded. This
was broken by r333181.
Reported by: Jakub Chromy <hicks AT cgi.cz>
MFC after: 1 week
Update bsnmp to version 1.13. This does not bring user-visible changes.
For developers gensnmptree can now generate functions for enums to convert
between enums and strings and to check the validity of a value.
The sources in FreeBSD are now in sync with the upstream which allows to
bring in IPv6 modifications.
When toggling the display using the "m" command to toggle from 'cpu'
mode to 'io' mode, an artifact remains because the buffer is not
"finished" with a NULL terminator using sbuf_finish().
An example of this is, when the "m" command is entered, the title line
will contain COMMANDND instead of COMMAND. This commit fixes this.
Matt Macy [Tue, 3 Jul 2018 01:55:09 +0000 (01:55 +0000)]
make critical_{enter, exit} inline
Avoid pulling in all of the <sys/proc.h> dependencies by
automatically generating a stripped down thread_lite exporting
only the fields of interest. The field declarations are type checked
against the original and the offsets of the generated result is
automatically checked.
kib has expressed disagreement and would have preferred to simply
use genassym style offsets (which loses type check enforcement).
jhb has expressed dislike of it due to header pollution and a
duplicate structure. He would have preferred to just have defined
thread in _thread.h. Nonetheless, he admits that this is the only
viable solution at the moment.
The impetus for this came from mjg's D15331:
"Inline critical_enter/exit for amd64"
Reviewed by: jeff
Differential Revision: https://reviews.freebsd.org/D16078
Ian Lepore [Mon, 2 Jul 2018 22:58:04 +0000 (22:58 +0000)]
Move the passphrase and iteration count into variables.
This is purely to make it easier to tweak them locally; the machine I have
for testing takes forever to do 50,000 pw strengthening iterations, and
we're not testing the strength of geli's anti-pw-guessing logic here
(especially given that our test passphrase is "passphrase", except that
I tend to tweak that also, to 'x', because typing is hard).
Some day these should be settable as cmdline args. But then, some day this
whole script should probably get a rewrite. :)
Alexander Motin [Mon, 2 Jul 2018 20:56:17 +0000 (20:56 +0000)]
Cut currdev dev and path fields for ZFS on the last colon.
Previously the code cut those fields on second colon, that prevented
boot from boot environments with colon in their names. This change
moves the limitation from dev field to path, which is empty by default.
Matt Macy [Mon, 2 Jul 2018 19:48:38 +0000 (19:48 +0000)]
inline atomics and allow tied modules to inline locks
- inline atomics in modules on i386 and amd64 (they were always
inline on other arches)
- allow modules to opt in to inlining locks by specifying
MODULE_TIED=1 in the makefile
Rick Macklem [Mon, 2 Jul 2018 19:33:26 +0000 (19:33 +0000)]
Document the "#mds_path" suffix for the "-p" command line option.
r335871 added support for an optional suffix of "#mds_path" that can be
applied to each entry in the "-p" option argument. This specifies that
the DS should be used to store files for the file system on the MDS
at "mds_path".
This patch documents this optional suffix.
Rick Macklem [Mon, 2 Jul 2018 19:26:31 +0000 (19:26 +0000)]
Add an optional feature to the pNFS server.
Without this patch, the pNFS server distributes the data storage files across
all of the specified DSs.
A tester noted that it would be nice if a system administrator could control
which DSs are used to store the file data for a given exported MDS file system.
This patch adds an optional suffix for each entry in the "-p" option argument
that specifies "store file data for this MDS file system" in this DS.
The patch should only affect sites using the pNFS server (specified via the
"-p" command line option for nfsd.
The interface between the nfsd and the kernel has changed with this patch,
so anyone using the "-p" option needs to rebuild their nfsd from sources
with this patch applied to them.
Rick Macklem [Mon, 2 Jul 2018 19:21:33 +0000 (19:21 +0000)]
Add an optional feature to the pNFS server.
Without this patch, the pNFS server distributes the data storage files across
all of the specified DSs.
A tester noted that it would be nice if a system administrator could control
which DSs are used to store the file data for a given exported MDS file system.
This patch adds the kernel support to do this. It also makes a slight semantic
change to nfsv4_findmirror(), since some uses of it no longer require that
the DS being searched for have a current mirror.
A patch that will be committed in a few minutes will modify the nfsd daemon
to support this feature.
The patch should only affect sites using the pNFS server (specified via the
"-p" command line option for nfsd.
Allan Jude [Mon, 2 Jul 2018 18:19:08 +0000 (18:19 +0000)]
stand/common/disk.c: Read partition table relative to the start of the disk
If a disk is of an oddball size, like the 200mb + 512b used in rootgen.sh,
when disk_open() is called on a GELI encrypted partition, attempts to read
the partition table fail, as they pass through the decryption process which
turns the already plaintext data into jibberish.
When reading the partition table, always pass a slice and partition setting
of -1, and an offset of 0. Setting the slice to -1 prevents a false
positive when checking the slice against the cache of GELI encrypted
slices.
Reviewed by: imp, ian
Sponsored by: Klara Systems
Differential Revision: https://reviews.freebsd.org/D15847
Rick Macklem [Mon, 2 Jul 2018 17:50:46 +0000 (17:50 +0000)]
Fix the server side krpc so that the kernel nfsd threads terminate.
Occationally the kernel nfsd threads would not terminate when a SIGKILL
was posted for the kernel process (called nfsd (slave)). When this occurred,
the thread associated with the process (called "ismaster") had returned from
svc_run_internal() and was sleeping waiting for the other threads to terminate.
The other threads (created by kthread_start()) were still in svc_run_internal()
handling NFS RPCs.
The only way this could occur is for the "ismaster" thread to return from
svc_run_internal() without having called svc_exit().
There was only one place in the code where this could happen and this patch
stops that from happening.
Since the problem is intermittent, I cannot be sure if this has fixed the
problem, but I have not seen an occurrence of the problem with this patch
applied.
Alan Cox [Mon, 2 Jul 2018 17:18:46 +0000 (17:18 +0000)]
Introduce vm_phys_enq_range(), and call it in vm_phys_alloc_npages()
and vm_phys_alloc_seg_contig() instead of vm_phys_free_contig(). In
short, vm_phys_enq_range() is simpler and faster than the more general
vm_phys_free_contig(), and in the case of vm_phys_alloc_seg_contig(),
vm_phys_free_contig() was placing the excess physical pages at the
wrong end of the queues.
In collaboration with: Doug Moore <dougm@rice.edu>
Change the group and the permissions on /dev/acpi, to make "acpiconf"
work when called by members of the 'operator' group. They are already
allowed to eg power off the system (via suid shutdown(8)), so they
might as well be permitted to suspend it.
Ed Schouten [Mon, 2 Jul 2018 10:57:22 +0000 (10:57 +0000)]
Restore the order in which RFC 3164 messages with fac/pri are formatted.
The refactoring of the syslogd code to format messages using iovecs
slightly altered the output of syslogd by placing the facility/priority
after the hostname, as opposed to printing it right before. This change
reverts the behaviour to be consistent with how it was before.
PR: 229457
Reported by: Andre Albsmeier
MFC after: 1 week
Add support for the second channel to bcm2835_pwm driver. Configurable
parameters like mode, period, ratio are exposed as sysctls with postfix '2',
e.g.: dev.pwm.N.mode2, dev.pwm.N.period2, dev.pwm.N.ratio2
Second channel can be enabled in DTB by configuring pwn-2chan overlay
instead of pwm in config.txt. See [1]
[man] Get uhid(4) man page in sync with current API
API documented in previous version of uhid(4) man page has been obsolete
since May 2009 when old USB stack was replaced with USB2 implentation.
Current API has the same set of ioctl calls but uses usb_gen_descriptor
structure to pass data to/from kernel.
There isn't any need to limit the size of the screen. Utilities like
'less -S' don't have a (meaningful) limit anyways. This also makes the
way to dynamically changing the column widths based on the screen width.
This code isn't designed to be particularly portable outside of FreeBSD.
To be more specific it doesn't make much sense to support compiling
find(1) on VMS.
Rick Macklem [Sun, 1 Jul 2018 17:49:02 +0000 (17:49 +0000)]
Add a new "-m" option to pnfsdsfile(8) to prepare a file for mirroring.
When pnfsdscopymr(8) is used to create a mirror of a file on a mirrored
pNFS service, it expects to find an entry in the extended attribute for
IP address 0.0.0.0.
This patch adds a "-m" option which can be used to create these entrie(s).
It also tightens up the checks for use of incompatible command line options.
The '%I' format in the kern.corefile sysctl limits the number of
core files that a process can generate to the number stored in the
debug.ncores sysctl. The '%I' format is replaced by the single digit
index. Previously, if all indexes were taken the kernel would overwrite
only a core file with the highest index in a filename.
Currently the system will create a new core file if there is a free
index or if all slots are taken it will overwrite the oldest one.
Update carp to set DSCP value CS7(Network Traffic) in the flowlabel field of
packets by default. Currently carp only sets TOS_LOWDELAY in IPv4 which was
deprecated in 1998. This also implements sysctl that can revert carp back to
it's old behavior if desired.
This will allow implementation of QOS on modern network devices to make sure
carp packets aren't dropped during interface contention.
Submitted by: Nick Wolff <darkfiberiru AT gmail.com>
Reviewed by: kp, mav (earlier version)
Differential Revision: https://reviews.freebsd.org/D14536
Will Andrews [Sun, 1 Jul 2018 01:16:03 +0000 (01:16 +0000)]
pf: remove unused ioctls.
Several ioctls are unused in pf, in the sense that no base utility
references them. Additionally, a cursory review of pf-based ports
indicates they're not used elsewhere either. Some of them have been
unused since the original import. As far as I can tell, they're also
unused in OpenBSD. Finally, removing this code removes the need for
future pf work to take them into account.
Bryan Drewery [Sat, 30 Jun 2018 19:36:02 +0000 (19:36 +0000)]
META_MODE: Fix clang-tblgen flip-flop building after r335707.
The build of this would have MK_LLVM_TARGET_ALL=yes for bootstrap-tools
but MK_LLVM_TARGET_ALL=no for cross-tools and thus would rebuild between
the two.
Dimitry Andric [Sat, 30 Jun 2018 15:03:22 +0000 (15:03 +0000)]
More follow-up to r335799 (llvm/clang 6.0.1 update), where I forgot to
update mtree files, ObsoleteFiles and a number of other paths. Sorry
about all the breakage.
Pointy hat to: me
MFC after: 2 weeks
X-MFC-With: r335799
Kristof Provost [Sat, 30 Jun 2018 12:51:08 +0000 (12:51 +0000)]
pfsync: Fix state sync during initial bulk update
States learned via pfsync from a peer with the same ruleset checksum were not
getting assigned to rules like they should because pfsync_in_upd() wasn't
passing the PFSYNC_SI_CKSUM flag along to pfsync_state_import.
Rick Macklem [Sat, 30 Jun 2018 12:14:20 +0000 (12:14 +0000)]
Add a safety belt assignment to the nfsd for when "-p" isn't specified.
The kernel code assumes that nfsdargs.addr == NULL and nfsdargs.addrlen == 0
when there is no "-p" argument used for starting the nfsd.
This small patch ensures this is the case. In practice, I believe this always
happened, since "nfsdargs" was the last element on the stack for "main()",
but this little patch ensures it will be the case.
Spotted by inspection while adding a new optional field for "-p".
Kirk McKusick [Fri, 29 Jun 2018 22:24:41 +0000 (22:24 +0000)]
Create um_flags in the ufsmount structure to hold flags for a UFS filesystem.
Convert integer structure flags to use um_flags:
int um_candelete; /* devvp supports TRIM */
int um_writesuspended; /* suspension in progress */
become:
#define UM_CANDELETE 0x00000001 /* devvp supports TRIM */
#define UM_WRITESUSPENDED 0x00000002 /* suspension in progress */
This is in preparation for adding other flags to indicate forcible
unmount in progress after a disk failure and possibly forcible
downgrade to read-only.
Alex Richardson [Fri, 29 Jun 2018 21:15:26 +0000 (21:15 +0000)]
Don't change directory owner to root when building with -DNO_ROOT
Currently the mtree calls in Makefile.inc1 all change the directory owner
to match the spec file. However, we should not be doing this during
distributeworld if -DNO_ROOT is passed. Additionally, when creating the
WORLDTMP directory hierachy there is no need to change the owner to root so
we now always pass the -W flag when populating WORLDTMP.
This is also required for building FreeBSD on Linux/Mac since the required
groups/users will not exist there which is how I discovered this issue.
Alex Richardson [Fri, 29 Jun 2018 21:15:17 +0000 (21:15 +0000)]
Fix missing files in METALOG with -DNO_ROOT
By using INSTALL_LINK instead of calling ln during install the files
end up in the METALOG file as well if we use -DNO_ROOT and will be
included in a disk image when using makefs with METALOG as the input.
The other file that was not included in METALOG was /var/db/services.db
which is now also included for -DNO_ROOT.
Justin Hibbits [Fri, 29 Jun 2018 19:35:25 +0000 (19:35 +0000)]
Support multiple OPAL consoles, and don't crash if uart is not stdout
Summary: If the chosen console is not the OPAL uart, but OPAL uart devices
exist, the console device doesn't attach properly, and faults in the interrupt
handler, with a NULL pointer dereference. To fix this, and as a byproduct, also
support multiple OPAL consoles, refactor to have the console getc callback use
the appropriate softc instead of the global console_sc, which may be NULL in the
case of a different device being the console.
Previously newvers.sh passed --work-tree=${VCSDIR}/.. when invoking git.
When using git worktree .git is actually a file, not a directory, and
.git/.. is not a valid path. Although it appears git handles this
internally (perhaps it normalizes the path first), it is simple enough
for the script to store both the working tree top-level directory and
the VCS (.git) directory, so do so.
Rick Macklem [Fri, 29 Jun 2018 12:41:36 +0000 (12:41 +0000)]
Fix the pNFS server for a case where mirror level equals number of DSs.
If a pNFS service was set up where the number of DSs equals the mirror level
and then a DS was disabled, the service would create files with duplicate
entries for the same DS. This bug occurred because I didn't realize that
TAILQ_FOREACH_FROM() would start at the beginning of the list when the
inital value of the variable was NULL.
This patch also changes the pNFS server DS file creation code so that it
creates entrie(s) with 0.0.0.0 IP address when it cannot create mirror level
files due to lack of DSs.
The patch only affects the pNFS service and only when it was created with
a number of DSs equal to the mirror level and mirroring is enabled.
Alan Somers [Fri, 29 Jun 2018 04:52:27 +0000 (04:52 +0000)]
audit(4): add tests for several more administrative syscalls
Includes ntp_adjtime, auditctl, acct, auditon, and clock_settime. Includes
quotactl, mount, nmount, swapon, and swapoff in failure mode only. Success
tests for those syscalls will follow. Also includes reboot(2) in failure
mode only. That one can't be tested in success mode.
Ian Lepore [Thu, 28 Jun 2018 22:13:32 +0000 (22:13 +0000)]
When being verbose about various leapfile versions, also mention expiration.
The expiration date is actually more of a version number than the version
date, because expiration changes twice a year, whereas the version only
changes when actual leap second events occur (except in USNO leapfiles,
which inappropriately bump the version with every expiration date change).
Ian Lepore [Thu, 28 Jun 2018 22:05:29 +0000 (22:05 +0000)]
Rename variable ntp_tmp_leapfile to have a leading underbar, to distinguish
it from variables with similar names which are set in rc.conf. This will
make more sense as the script grows more similar-name local variables in
some upcoming changes.
Mark Johnston [Thu, 28 Jun 2018 21:40:31 +0000 (21:40 +0000)]
Invalidate the mapping before updating its physical address.
Doing so ensures that all threads sharing the pmap have a consistent
view of the mapping. This fixes the problem described in the commit
log messages for r329254 without the overhead of an extra fault in the
common case. Once other pmap_enter() implementations are similarly
modified, the workaround added in r329254 can be removed, reducing the
overhead of CoW faults.
With this change we can reuse the PV entry from the old mapping,
potentially avoiding a call to reclaim_pv_chunk(). Otherwise, there is
nothing preventing the old PV entry from being reclaimed. In rare
cases this could result in the PTE's page table page being freed,
leading to a use-after-free of the page when the updated PTE is written
following the allocation of the PV entry for the new mapping.
John Baldwin [Thu, 28 Jun 2018 21:27:34 +0000 (21:27 +0000)]
Support 2GB of memory on Malta systems with FreeBSD/mips.
When 2GB of memory is enabled for QEMU's Malta emulation, the physical
memory ends at an address of 2^32 - 1. This causes an integer overflow
to zero when computing the upper bound of the second phys_avail[] range.
As a result, FreeBSD/mips kernels were only using the first 256MB of
RAM and ignoring the remaining 1.75GB. To work around this, truncate
the extended memory size to 2GB minus one page for 32-bit mips kernels.
John Baldwin [Thu, 28 Jun 2018 21:26:14 +0000 (21:26 +0000)]
Remove the various build flag hacks for GCC cross-compile.
The xtoolchain GCC packages have not required these flags since ports
commits r465416 and r466701. The in-tree GCC 4.2.1 has also been patched
in r335716 and r335717 to correctly honor --sysroot when looking for
includes and libraries.
SDHOST is another SD controller that is present on Raspberry Pi (the
other one is SDHC and handled by bcm2835_sdhci driver). Both
controllers are capable of providing interface to SD card, actual
configuration can be set in dtb file. At the moment custom DTBs for
RPi/RPi2 have sdhost node disabled. On RPi3 sdhost is disabled in
snapshot images by applying mmc.dtbo overlay. To enalbe both devices
user has to edit config.txt on FAT partition and remove or comment
"dtoverlay=mmc" line.
When no overlay applied on RPi3 SDHOST controls SD card and SDHC
interface can be used for SDIO. mmc.dtbo overlay disables SDHOST node
and switches SD card over to SDHC. Likewise sdhost.dtbo overlay (not
currently included in snapshot image, but can be obtained from firmare
repo[1]) disabled SDHC node and switch SD card over to SDHOST.