Warner Losh [Tue, 13 Mar 2018 16:33:00 +0000 (16:33 +0000)]
Prefer uintXX_t to u_intXX_t
A foolish consistency is the hobgoblin of little minds, adored by
little statesmen and philosophers and divines. With consistency a
great soul has simply nothing to do. -- Ralph Waldo Emerson
Nathan Whitehorn [Tue, 13 Mar 2018 15:03:58 +0000 (15:03 +0000)]
Execute PowerPC64/AIM kernel from direct map region when possible.
When the kernel can be in real mode in early boot, we can execute from
high addresses aliased to the kernel's physical memory. If that high
address has the first two bits set to 1 (0xc...), those addresses will
automatically become part of the direct map. This reduces page table
pressure from the kernel and it sets up the kernel to be used with
radix translation, for which it has to be up here.
This is accomplished by exploiting the fact that all PowerPC kernels are
built as position-independent executables and relocate themselves
on start. Before this patch, the kernel runs at 1:1 VA:PA, but that
VA/PA is random and set by the bootloader. Very early, it processes
its ELF relocations to operate wherever it happens to find itself.
This patch uses that mechanism to re-enter and re-relocate the kernel
a second time with a new base address set up in the early parts of
powerpc_init().
Kyle Evans [Tue, 13 Mar 2018 15:01:23 +0000 (15:01 +0000)]
efirtc: Pass a dummy tmcap pointer to efi_get_time_locked
As noted in the comment, UEFI spec claims the capabilities pointer is
optional, but some implementations will choke and attempt to dereference it
without checking. This specific problem was found on a Lenovo Thinkpad X220
that would panic in efirtc_identify.
Roger Pau Monné [Tue, 13 Mar 2018 09:42:33 +0000 (09:42 +0000)]
at_rtc: check in ACPI FADT boot flags if the RTC is present
Or else disable the device. Note that the detection can be bypassed by
setting the hw.atrtc.enable option in the loader configuration file.
More information can be found on atrtc(4).
Sponsored by: Citrix Systems R&D
Reviewed by: ian
Differential revision: https://reviews.freebsd.org/D14399
Brooks Davis [Mon, 12 Mar 2018 23:02:01 +0000 (23:02 +0000)]
Reject ioctls to SCSI enclosures from 32-bit compat processes.
The ioctl objects contain pointers and require translation and some
refactoring of the infrastructure to work. For now prevent operation
on garbage values. This is very slightly overbroad in that ENCIOC_INIT
is safe.
Brooks Davis [Mon, 12 Mar 2018 22:58:07 +0000 (22:58 +0000)]
Reject CAMIOGET and CAMIOQUEUE ioctl's on pass(4) in 32-bit compat mode.
These take a union ccb argument which is full of kernel pointers.
Substantial translation efforts would be required to make this work.
By rejecting the request we avoid processing or returning entirely
wrong data.
Warner Losh [Mon, 12 Mar 2018 21:39:49 +0000 (21:39 +0000)]
Use the actual struct devdesc at the start of all *_devdesc structs
The current system is fragile and requires very careful layout of all
*_devdesc structures. It also makes it hard to change the base
devdesc. Take a page from CAM and put the 'header' in all the derived
classes and adjust the code to match.
For OFW, move the iHandle h_handle out of a slot conflicting with
d_opendata. Due to quirks in the alignment rules, this worked.
However changing the code to use d_opendata storage now that it's a
pointer is hard, so just have a separate field for it.
All other cleanups were to make the *_devdesc structures match where
they'd taken some liberties that were nonetheless compatible enough
to work.
Warner Losh [Mon, 12 Mar 2018 21:39:38 +0000 (21:39 +0000)]
We can't use d_opendata for blkio storage.
open_disk uses d_opendata for its own purpose. We can't store blkio
there. Fortunately, blkio is stored elsewhere and we never actually
retrieve blkio from d_opendata. Eliminate it as a source of confusion.
Eliminate all stores of d_opendata in efi since this layer doesn't own
that field.
Warner Losh [Mon, 12 Mar 2018 21:39:27 +0000 (21:39 +0000)]
Minor cosmetic changes.
Make sure { on the same line as struct for all struct *devdesc. Move
some type definitions to next to the dv_type define, since that's what
sets the d_type.
Toomas Soome [Mon, 12 Mar 2018 17:05:53 +0000 (17:05 +0000)]
e1000g: this statement may fall through
The gcc 7 does check for switch statement fall through cases, and if legit,
such complaint can be silenced by /* FALLTHROUGH */ comment. Unfortunately
such comment is quite limited, but will still notify the reader.
This patch is a backport from illumos, see
https://www.illumos.org/rb/r/941/
Warner Losh [Mon, 12 Mar 2018 15:17:16 +0000 (15:17 +0000)]
Tighten up periph lock to avoid some races
Make sure the periph lock is held around rmw access to softc data,
especially flags, including work flags in iosched.
Add asserts for the periph lock where it should be held.
Do not try to reassemble IPv6 fragments in "reass" rule.
ip_reass() expects IPv4 packet and will just corrupt any IPv6 packets
that it gets. Until proper IPv6 fragments handling function will be
implemented, pass IPv6 packets to next rule.
Kyle Evans [Mon, 12 Mar 2018 03:54:38 +0000 (03:54 +0000)]
beri loader: Replace getc/putc with beri_ prefixed versions
This matches a convention that we use, at least in ubldr, to prefix
getc/putc with a loader-specific prefix to avoid collisions. This was
encountered while trying to build the beri loader with MK_LOADER_LUA=yes.
Ian Lepore [Sun, 11 Mar 2018 19:56:07 +0000 (19:56 +0000)]
Remove MTX_NOPROFILE from atrtc_lock, it was inappropriately copy/pasted
from the i8254 driver when I created separate mutexes for each. The i8254
driver could be the active timecounter, leading to recursion during mutex
profiling, but the atrtc driver cannot be a timecounter, so it isn't needed.
Update pfkey_open() function to set socket's write buffer size to
128k and receive buffer size to 2MB. In case if system has bigger
default values, do not lower them.
This should partially solve the problem, when setkey(8) returns
EAGAIN error on systems with many SAs or SPs.
o count in_nomem counter when we have failed to allocate mbuf for
promisc socket;
o count in_msgtarget counter when we have successfully sent data to socket;
o Since we are sending messages in a loop, returning error on first fail
interrupts the loop, and all remaining sockets will not receive this
message. So, do not return error when we have failed to send data to ALL
or REGISTERED target. Return error only for KEY_SENDUP_ONE case. Now,
when some socket has overfilled its receive buffer, this will not break
other sockets.
Ian Lepore [Sun, 11 Mar 2018 18:20:49 +0000 (18:20 +0000)]
Use separate mutexes for atrtc and i8254 locking. Change all the strange
un-function-like RTC_LOCK/UNLOCK macro usage into normal function calls.
Since there is no longer any need to handle register access from a debugger
context, those function calls can just be regular mutex lock/unlock calls.
Ian Lepore [Sun, 11 Mar 2018 16:57:14 +0000 (16:57 +0000)]
Convert atrtc to the new style rtc debugging output. Remove the db show
command handler which provided much the same information. Removing the
possibility of accessing the hardware regs from the debugger context
paves the way for simplifying the locking code in the driver.
Brooks Davis [Sun, 11 Mar 2018 16:17:53 +0000 (16:17 +0000)]
Remove obsolete pcaudioio.h.
Nothing uses the #define's values or the types. (Some NTP code does use
an audio_info_t, but it is in #ifdef'd support for Solaris and is not
this audio_info_t).
Emmanuel Vadot [Sun, 11 Mar 2018 04:37:05 +0000 (04:37 +0000)]
extres/regulators: Add sysctls for regulators
For each regulator create an hw.regulator.<regname>. :
uvolt: Current value
always_on: 1 If the reg is always on
boot_on: 1 If the reg is set at boot time
enable_cnt: Number of consumer(s)
enable_delay: Delay before enabling the regulator
ramp_delay: The Ramp delay
max_uamp: The maximum value of the regulator in uAmps
min_uamp: The minimal value of the regulator in uAmps
max_uvolt: The maximum value of the regulator in uVolts
min_uvolt: The minimal value of the regulator in uVolts
Reviewed by: ian
Differential Revision: https://reviews.freebsd.org/D14578
These parameters may be changed via ifconfig(8); by default,
mgt / mcast rates are lowest possible and ucast rate is not set
(matches previous configuration).
While here, store some variables locally for better readability.
Ian Lepore [Sat, 10 Mar 2018 22:07:57 +0000 (22:07 +0000)]
Make root mount timeout logic work for filesystems other than ufs.
The vfs.mountroot.timeout tunable and .timeout directive in a mount.conf(5)
file allow specifying a wait timeout for the device(s) hosting the root
filesystem to become usable. The current mechanism for waiting for devices
and detecting their availability can't be used for zfs-hosted filesystems.
See the comment #20 in the PR for some expanded detail on these points.
This change adds retry logic to the actual root filesystem mount. That is,
instead of relying on device availability using device name lookups, it uses
the kernel_mount() call itself to detect whether the filesystem can be
mounted, and loops until it succeeds or the configured timeout is exceeded.
These changes are based on the patch attached to the PR, but it's rewritten
enough that all mistakes belong to me.
PR: 208882
X-MFC after: sufficient testing, and hopefully in time for 11.1
Check for duplicates when modifying an iSCSI session. Previously we did
this check on open, but "iscsictl -M", or an iSCSI redirect received by
iscsid(8) could end up with two sessions with the same target name and
portal.
Upstream DTBs don't provide IRQ lines for the RNG. Moreover, harvesting
bytes as often as the RNG interrupt is triggered (87 times per sec) is an
overkill.
For these reasons, get rid of the interrupt mode and make callout mode the
default, with random bits harvested every 4 seconds.
Alan Somers [Sat, 10 Mar 2018 01:50:43 +0000 (01:50 +0000)]
tftpd: reject unknown opcodes
If tftpd receives a command with an unknown opcode, it simply exits 1. It
doesn't send an ERROR packet, and the client will hang waiting for one. Fix
it.
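
Added example, not part of the commit above and not tftpd's own code: the reply a server owes a client whose first packet is not a read or write request, using the RFC 1350 ERROR layout and error code 4. The function names and the sample packet are hypothetical, and the dispatcher generalizes slightly by rejecting every first packet that is not RRQ or WRQ.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* RFC 1350 opcodes; error code 4 means "Illegal TFTP operation". */
enum { TFTP_RRQ = 1, TFTP_WRQ = 2, TFTP_DATA = 3, TFTP_ACK = 4, TFTP_ERROR = 5 };
enum { TFTP_EBADOP = 4 };

/* Build an ERROR packet: opcode(2) | error code(2) | message | NUL.
 * Returns the packet length, or 0 if it does not fit in out. */
size_t build_error(uint8_t *out, size_t cap, uint16_t code, const char *msg)
{
	size_t mlen = strlen(msg);
	if (cap < 4 + mlen + 1)
		return (0);
	out[0] = 0; out[1] = TFTP_ERROR;
	out[2] = (uint8_t)(code >> 8); out[3] = (uint8_t)(code & 0xff);
	memcpy(out + 4, msg, mlen + 1);
	return (4 + mlen + 1);
}

/* Hypothetical dispatcher for the first packet of a session.  Returns
 * TFTP_RRQ or TFTP_WRQ to service; for anything else it fills reply
 * with an ERROR packet (length in *rlen) and returns 0. */
int dispatch_initial(const uint8_t *pkt, size_t len, uint8_t *reply,
    size_t cap, size_t *rlen)
{
	*rlen = 0;
	if (len >= 2 && pkt[0] == 0 && (pkt[1] == TFTP_RRQ || pkt[1] == TFTP_WRQ))
		return (pkt[1]);
	/* Unknown or truncated request: tell the client instead of going silent. */
	*rlen = build_error(reply, cap, TFTP_EBADOP, "Illegal TFTP operation");
	return (0);
}

int main(void)
{
	const uint8_t bogus[] = { 0x00, 0x09, 'x', 0x00 };	/* constructed sample */
	uint8_t reply[64];
	size_t n;
	if (dispatch_initial(bogus, sizeof(bogus), reply, sizeof(reply), &n) == 0)
		printf("ERROR code %u, %zu bytes: %s\n", (unsigned)reply[3], n,
		    (const char *)reply + 4);
	return (0);
}
```
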
Alan Somers [Sat, 10 Mar 2018 01:43:55 +0000 (01:43 +0000)]
tftpd: Abort on a WRQ access violation
On a WRQ (write request) tftpd checks whether the client has access
permission for the file in question. If not, then the write is prevented.
However, tftpd doesn't reply with an ERROR packet, nor does it abort.
Instead, it tries to receive the packet anyway.
The symptom is slightly different depending on the nature of the error. If
the target file is nonexistent and tftpd lacks permission to create it, then
tftpd will willingly receive the file, but not write it anywhere. If the
file exists but is not writable, then tftpd will fail to ACK to WRQ.
Alan Somers [Sat, 10 Mar 2018 01:35:26 +0000 (01:35 +0000)]
tftpd: Verify world-writability for WRQ when using relative paths
tftpd(8) says that files may only be written if they already exist and are
publicly writable. tftpd.c verifies that a file is publicly writable if it
uses an absolute pathname. However, if the pathname is relative, that check
is skipped. Fix it.
Note that this is not a security vulnerability, because the transfer
ultimately doesn't work unless the file already exists and is owned by user
nobody. Also, this bug does not affect the default configuration, because
the default uses the "-s" option which makes all pathnames absolute.
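
Added example, not part of the commit above and not tftpd.c itself: one way to make the "must already exist and be publicly writable" test independent of how the name was spelled, by running the same mode check on relative and absolute names. wrq_check, make_file and the scratch directory under /tmp are hypothetical names constructed for the demonstration.

```c
#define _POSIX_C_SOURCE 200809L
#include <sys/stat.h>
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/* Hypothetical helper: may a WRQ write to name?  The same test runs for
 * relative names (resolved against dirfd) and absolute ones (dirfd is
 * ignored).  Returns 0 if allowed, otherwise an errno value. */
int wrq_check(int dirfd, const char *name)
{
	struct stat sb;

	if (fstatat(dirfd, name, &sb, 0) != 0)
		return (errno);		/* file must already exist */
	if (!S_ISREG(sb.st_mode) || (sb.st_mode & S_IWOTH) == 0)
		return (EACCES);	/* and be publicly writable */
	return (0);
}

/* Create name under dirfd with exactly the given mode (umask-proof). */
int make_file(int dirfd, const char *name, mode_t mode)
{
	int fd = openat(dirfd, name, O_WRONLY | O_CREAT | O_EXCL, 0600);
	int rc = (fd < 0) ? -1 : fchmod(fd, mode);

	if (fd >= 0)
		close(fd);
	return (rc);
}

int main(void)
{
	char dir[] = "/tmp/wrqXXXXXX";	/* constructed scratch directory */
	int dfd;

	if (mkdtemp(dir) == NULL || (dfd = open(dir, O_RDONLY)) < 0)
		return (1);
	make_file(dfd, "private", 0644);
	make_file(dfd, "public", 0666);
	printf("private=%d public=%d missing=%d\n", wrq_check(dfd, "private"),
	    wrq_check(dfd, "public"), wrq_check(dfd, "missing"));
	unlinkat(dfd, "private", 0);
	unlinkat(dfd, "public", 0);
	close(dfd);
	return (rmdir(dir) != 0);
}
```
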
Mike Karels [Sat, 10 Mar 2018 00:10:47 +0000 (00:10 +0000)]
Change ps(1) output width to unlimited if not interactive
Apply patch submitted with PR 217159 to make ps use unlimited
width when not associated with a terminal (i.e., none of stdout, stdin,
or stderr is a tty). Update comments and man page correspondingly.
This change was requested to work around lack of -ww in scripts from
third-party packages, including Hadoop, and adds a small measure of
Linux compatibility. Hopefully few if any non-interactive scripts
depend on the old default of 79.
John Baldwin [Fri, 9 Mar 2018 23:37:19 +0000 (23:37 +0000)]
Permit sysctl(8) to set an array of numeric values for a single node.
Most sysctl nodes only return a single value, but some nodes return an
array of values (e.g. kern.cp_time). sysctl(8) understands how to display
the values of a node that returns multiple values (it prints out each
numeric value separated by spaces). However, until now sysctl(8) has
only been able to set sysctl nodes to a single value. This change
allows sysctl to accept a new value for a numeric sysctl node that contains
multiple values separated by either spaces or commas. sysctl(8) parses
this list into an array of values and passes the array as the "new" value
to sysctl(2).
Alan Somers [Fri, 9 Mar 2018 23:25:18 +0000 (23:25 +0000)]
tftpd: Flush files as soon as they are fully received
On an RRQ, tftpd doesn't exit as soon as it's finished receiving a file.
Instead, it waits five seconds just in case the client didn't receive the
server's last ACK and decides to resend the final DATA packet.
Unfortunately, this created a 5 second delay from when the client thinks
it's done sending the file, and when the file is available for other
processes.
Fix this bug by closing the file as soon as receipt is finished.
Kyle Evans [Fri, 9 Mar 2018 19:04:06 +0000 (19:04 +0000)]
lualoader: Cache kernel list
With autodetection turned on, hitting the filesystem every time we need to
calculate choices for the kernel carousel is kind of slow. Cache once on the
first listing and reload it anytime the config is reloaded in case any of
the loader.conf(5) changes that affect this (kernel, kernels,
kernels_autodetect) have changed. This also picks up the case where we've
changed currdev and the autodetected kernels could change.
Bryan Drewery [Fri, 9 Mar 2018 18:51:24 +0000 (18:51 +0000)]
LIB32: Avoid linking in unneeded (and invalid lib32) libz for libmagic build tool.
Usually this is just ignored:
/usr/bin/ld: skipping incompatible /scratch/obj/root/git/freebsd/amd64.amd64/obj-lib32/lib/libz/libz.so when searching for -lz
/usr/bin/ld: skipping incompatible /scratch/obj/root/git/freebsd/amd64.amd64/obj-lib32/lib/libz/libz.a when searching for -lz
However some combination of newer toolchains simply fail here instead:
/usr/bin/ld: error: /home/dstolfa/obj/home/dstolfa/cadets/amd64.amd64/obj-lib32/lib/libz/libz.so is incompatible with /usr/lib/crt1.o
Libz is not needed for mkmagic so just exclude it.
Warner Losh [Fri, 9 Mar 2018 17:54:14 +0000 (17:54 +0000)]
Remove K&R stuff: never use it in new code.
Remove how to format K&R stuff. The project hasn't been using it in
new code for a long time. It's so obsolete, we don't need a statement
to never use it. Add a statement requesting that comments about
parameters be preserved when converting to ANSI style, per Kirk.