emaste [Tue, 3 Jan 2017 15:59:39 +0000 (15:59 +0000)]
MFC r309411: Retire long-broken/unused static rtld support
rtld-elf has some vestigial support for building as a static executable.
r45501 introduced a partial implementation with a prescient note that it
"might never be enabled." r153515 introduced ELF symbol versioning
support, and removed part of the unused build infrastructure for static
rtld.
GNU ld populates rela relocation addends and GOT entries with the same
values, and rtld's run-time dynamic executable check relied on this.
Alternate toolchains may not populate the GOT entries, which caused
RTLD_IS_DYNAMIC to return false. Simplify rtld by just removing the
unused check.
If we want to restore static rtld support later on we ought to introduce
a build-time #ifdef flag.
emaste [Tue, 3 Jan 2017 15:57:47 +0000 (15:57 +0000)]
MFC r310634: elfcopy: fix PE object section name corruption and crash
Fixed a bug that the PE object section names are generated incorrectly
using the section name table found in the original input ELF object
instead of the intermediate ELF object.
Ticket: #541
Do not try to copy section content from a NULL d_buf when creating
uninitialized data COFF section for PE object.
Fixed vendor issues (relevant to FreeBSD)
#825, #832: Add sanity check of tar "uid, "gid" and "mtime" fields
#830, #831, #833, #846: Spelling fixes
#850: Fix issues with reading certain jar files
Fixed issues found by Google OSS-Fuzz:
OSS-Fuzz #15: Fix heap-buffer-overflow in archive_le16dec()
OSS-Fuzz #16: Fix possible hang in uudecode_filter_read()
OSS-Fuzz #139, #145, #152: Fix heap-buffer-overflow in uudecode_bidder_bid()
OSS-Fuzz #220: Reject an 'ar' filename table larger than 1GB or a filename
larger than 1MB
OSS-Fuzz #227, #230, #239: Fix possible memory leak in archive_read_free()
OSS-Fuzz #237: Fix heap buffer overflow when reading invalid ar archives
OSS-Fuzz #286: Bugfix in archive_strncat_l()
More information:
https://github.com/libarchive/libarchive/issues/[libarchive_issue_number]
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=[oss_fuzz_issue_number]
arybchik [Sun, 1 Jan 2017 19:11:31 +0000 (19:11 +0000)]
MFC r310749
sfxge(4): use correct port number in sensor decoding
The port mask used for per-port sensors in mcdi_sensor_map
assumes zero-based port numbering. The port mask used in
the code is based on the one-based MCDI port number.
Fix this to lookup the correct per-port sensors, and to
allow reporting of sensor events from higher port numbers.
Submitted by: Andy Moreton <amoreton at solarflare.com>
Sponsored by: Solarflare Communications, Inc.
ngie [Sun, 1 Jan 2017 04:45:06 +0000 (04:45 +0000)]
MFC r310996:
Look for list.h in ${.CURDIR} to unbreak the build with a ports-based copy
of llvm38 on ^/stable/11 (oh, the bugs you find when you set CC,CXX,CPP
manually and it skips the bootstrap stage for the toolchain...)
jhb [Sat, 31 Dec 2016 17:05:09 +0000 (17:05 +0000)]
MFC 310336:
Don't spin in pause() during early boot for kthreads other than thread0.
pause() uses a spin loop to simulate a sleep during early boot. However,
we only need this for thread0 to get far enough in the boot process to
enable timers (at which point pause() can sleep). For other kthreads,
sleeping in pause() is ok as the callout will be scheduled and will
eventually fire once thread0 initializes timers.
cache: put all negative entry management code into dedicated functions
==
cache: manage negative entry list with a dedicated lock
Since negative entries are managed with a LRU list, a hit requires a
modificaton.
Currently the code tries to upgrade the global lock if needed and is
forced to retry the lookup if it fails.
Provide a dedicated lock for use when the cache is only shared-locked.
==
cache: defer freeing entries until after the global lock is dropped
This also defers vdrop for held vnodes.
==
cache: improve scalability by introducing bucket locks
An array of bucket locks is added.
All modifications still require the global cache_lock to be held for
writing. However, most readers only need the relevant bucket lock and in
effect can run concurrently to the writer as long as they use a
different lock. See the added comment for more details.
This is an intermediate step towards removal of the global lock.
==
cache: get rid of the global lock
Add a table of vnode locks and use them along with bucketlocks to provide
concurrent modification support. The approach taken is to preserve the
current behaviour of the namecache and just lock all relevant parts before
any changes are made.
Lookups still require the relevant bucket to be locked.
==
cache: ignore purgevfs requests for filesystems with few vnodes
purgevfs is purely optional and induces lock contention in workloads
which frequently mount and unmount filesystems.
In particular, poudriere will do this for filesystems with 4 vnodes or
less. Full cache scan is clearly wasteful.
Since there is no explicit counter for namecache entries, the number of
vnodes used by the target fs is checked.
The default limit is the number of bucket locks.
== (by kib)
Limit scope of the optimization in r306608 to dounmount() caller only.
Other uses of cache_purgevfs() do rely on the cache purge for correct
operations, when paths are invalidated without unmount.
==
cache: split negative entry LRU into multiple lists
This splits the ncneg_mtx lock while preserving the hit ratio at least
during buildworld.
Create N dedicated lists for new negative entries.
Entries with at least one hit get promoted to the hot list, where they
get requeued every M hits.
Shrinking demotes one hot entry and performs a round-robin shrinking of
regular lists.
==
cache: fix up a corner case in r307650
If no negative entry is found on the last list, the ncp pointer will be
left uninitialized and a non-null value will make the function assume an
entry was found.
Fix the problem by initializing to NULL on entry.
== (by kib)
vn_fullpath1() checked VV_ROOT and then unreferenced
vp->v_mount->mnt_vnodecovered unlocked. This allowed unmount to race.
Lock vnode after we noticed the VV_ROOT flag. See comments for
explanation why unlocked check for the flag is considered safe.
==
cache: fix a race between entry removal and demotion
The negative list shrinker can demote an entry with only hotlist + neglist
locks held. On the other hand entry removal possibly sets the NCF_DVDROP
without aformentioned locks held prior to detaching it from the respective
netlist., which can lose the update made by the shrinker.
==
cache: plug a write-only variable in cache_negative_zap_one
==
cache: ensure that the number of bucket locks does not exceed hash size
The size can be changed by side effect of modifying kern.maxvnodes.
Since numbucketlocks was not modified, setting a sufficiently low value
would give more locks than actual buckets, which would then lead to
corruption.
arybchik [Sat, 31 Dec 2016 11:23:43 +0000 (11:23 +0000)]
MFC r310715
sfxge(4): fix GET_RXDP_CONFIG usage for multi-PF on Medford
On Medford, using MC_CMD_GET_RXDP_CONFIG to query the RX end
padding setting is in the ADMIN group, and so fails for
unprivileged functions. In that case, assume the largest size
supported by Medford hardware (256bytes) to prevent overrun.
Submitted by: Andy Moreton <amoreton at solarflare.com>
Sponsored by: Solarflare Communications, Inc.
arybchik [Sat, 31 Dec 2016 11:23:03 +0000 (11:23 +0000)]
MFC r310714
sfxge(4): support Medford bootcfg partition layout in common code
For Siena and Huntington, the per-port bootcfg (aka expcfg) is
stored in a dedicated 4Kbyte partition for each port.
For Medford, the per-PF bootcfg is stored in a 2Kbyte sector
within a single shared partition. Update the common code to support
the new bootcfg layout.
Submitted by: Andy Moreton <amoreton at solarflare.com>
Sponsored by: Solarflare Communications, Inc.
loos [Sat, 31 Dec 2016 01:54:48 +0000 (01:54 +0000)]
MFC r309345:
The RX_FREEBUFFER registers are a write to increment field.
Writing the full queue size to it every time was makeing it overflow with a
lot of bogus values.
This fixes the interrupt storms on irq 40.
MFC r309347:
MDIO_PHYACCESS_ACK is only valid for read access, remove it from
miibus_writereg.
Reduce the DELAY() between reads while waiting for MII access.