Rick Macklem [Sat, 6 Nov 2021 20:26:43 +0000 (13:26 -0700)]
vfs: Add "ioflag" and "cred" arguments to VOP_ALLOCATE
When the NFSv4.2 server does a VOP_ALLOCATE(), it needs
the operation to be done for the RPC's credential and not
td_ucred. It also needs the writing to be done synchronously.
This patch adds "ioflag" and "cred" arguments to VOP_ALLOCATE()
and modifies vop_stdallocate() to use these arguments.
The VOP_ALLOCATE.9 man page will be patched separately.
The ifp (struct ifnet) backpointer in the e1000 private ifnet
data is not used anymore since the iflib transition.
Remove it so that developers are not tempted to use it and
get a NULL pointer dereference.
Dimitry Andric [Wed, 15 Dec 2021 19:56:12 +0000 (20:56 +0100)]
Apply fix for clang incorrectly optimizing part of dns/bind916
Merge commit e5a8af7a90c6 from llvm git (by Gulfem Savrun Yeniceri):
[Passes] Fix relative lookup table converter pass
This patch fixes the relative table converter pass for the lookup table
accesses that are resulted in an instruction sequence, where gep is not
immediately followed by a load, such as gep being hoisted outside the loop
or another instruction is inserted in between them. The fix inserts the
call to load.relative.instrinsic in the original place of load instead of gep.
Issue is reported by FreeBSD via https://bugs.freebsd.org/259921.
Rick Macklem [Sat, 4 Dec 2021 22:38:55 +0000 (14:38 -0800)]
nfsd: Fix Verify for attributes like FilesAvail
When the Verify operation calls nfsv4_loadattr(), it provides
the "struct statfs" information that can be used for doing a
compare for FilesAvail, FilesFree, FilesTotal, SpaceAvail,
SpaceFree and SpaceTotal. However, the code erroneously
used the "struct nfsstatfs *" argument that is NULL.
This patch fixes these cases to use the correct argument
structure. For the case of FilesAvail, the code in
nfsv4_fillattr() was factored out into a separate function
called nfsv4_filesavail(), so that it can be called from
nfsv4_loadattr() as well as nfsv4_fillattr().
In fact, most of the code in nfsv4_filesavail() is old
OpenBSD code that does not build/run on FreeBSD, but I
left it in place, in case it is of some use someday.
I am not aware of any extant NFSv4 client that does Verify
on these attributes.
Alexander Motin [Sat, 11 Dec 2021 04:18:52 +0000 (23:18 -0500)]
Make msgbuf_peekbytes() not return leading zeroes.
Introduce new MSGBUF_WRAP flag, indicating that buffer has wrapped
at least once and does not keep zeroes from the last msgbuf_clear().
It allows msgbuf_peekbytes() to return only real data, not requiring
every consumer to trim the leading zeroes after doing pointless copy.
The most visible effect is that kern.msgbuf sysctl now always returns
proper zero-terminated string, not only after the first buffer wrap.
ocs_fc: Fix CAM status reporting in ocs_fc(4) when no data is returned.
In ocs_scsi_initiator_io_cb(), if the SCSI command that is
getting completed had a residual equal to the transfer length,
it was setting the CCB status to CAM_REQ_CMP.
That breaks the expected behavior for commands like READ ATTRIBUTE.
For READ ATTRIBUTE, if the first attribute requested doesn't exist,
the command is supposed to return an error (Illegal Request,
Invalid Field in CDB). The broken behavior for READ ATTRIBUTE
caused LTFS tape formatting to fail. It looks for attribute
0x1623, and expects to see an error if the attribute isn't present.
In addition, if the residual is negative (indicating an overrun),
only set the CCB status to CAM_DATA_RUN_ERR if we have not already
reported an error. The SCSI sense data will have more detail about
what went wrong.
sys/dev/ocs_fc/ocs_cam.c:
In ocs_scsi_initiator_io_cb(), don't set the status to
CAM_REQ_CMP if the residual is equal to the transfer length.
Also, only set CAM_DATA_RUN_ERR if we didn't get SCSI
status.
Andriy Gapon [Fri, 26 Nov 2021 09:48:21 +0000 (11:48 +0200)]
twsi: support more message combinations in transfers
Most prominently, add support for a transfer where a write with no-stop
flag is followed by a write with no-start flag. Logically, it's a
single larger write, but consumers may want to split it like that
because one part can be a register ID and the other part can be data to
be written to (or starting at) that register.
Such a transfer can be created by i2c tool and iic(4) driver, e.g., for
an EEPROM write at specific offset:
i2c -m tr -a 0x50 -d w -w 16 -o 0 -c 8 -v < /dev/random
This should be fixed by new code that handles the end of data transfer
for both reads and writes. It handles two existing conditions and one
new. Namely:
- the last message has been completed -- end of transfer;
- a message has been completed and the next one requires the start
condition;
- a message has been completed and the next one should be sent without
the start condition.
In the last case we simply switch to the next message and start sending
its data. Reads without the start condition are not supported yet,
though. That's because we NACK the last byte of the previous message,
so the device stops sending data. To fix this we will need to add a
look-ahead at the next message when handling the penultimate byte of the
current one.
This change also fixed a bug where msg_idx was not incremented after a
read message. Apparently, typically a read message is a last message in
a transfer, so the bug did not cause much trouble.
Andriy Gapon [Fri, 26 Nov 2021 08:34:42 +0000 (10:34 +0200)]
twsi: make data receiving code safer
Assert that we are not receiving data beyond the requested length.
Assert that we have not NACK-ed incoming data prematurely.
Abort the current transfer if the incoming data is NACK-ed or not
NACK-ed unexpectedly.
Add debug logging of received data to complement logging of sent data.
Andriy Gapon [Fri, 26 Nov 2021 08:07:27 +0000 (10:07 +0200)]
twsi: move handling of TWSI_CONTROL_ACK into the state machine
Previously the code set TWSI_CONTROL_ACK in twsi_transfer() based on
whether the first message had a length of one. That was done regardless
of whether the message was a read or write and what kind of messages
followed it.
Now the bit is set or cleared while handling TWSI_STATUS_ADDR_R_ACK
state transition based on the current (read) message.
The old code did not correctly work in a scenario where a single byte
was read from an EEPROM device with two byte addressing.
For example:
i2c -m tr -a 0x50 -d r -w 16 -o 0 -c 1 -v
The reason is that the first message (a write) has two bytes, so
TWSI_CONTROL_ACK was set and never cleared.
Since the controller did not send NACK the EEPROM sent more data resulting
in a buffer overrun.
While working on TWSI_STATUS_ADDR_R_ACK I also added support for
the zero-length read access and then I did the same for zero-length write
access.
While rare, those types of I2C transactions are completely valid and are
used by some devices.
Andriy Gapon [Tue, 30 Nov 2021 13:23:23 +0000 (15:23 +0200)]
kern_tc: unify timecounter to bintime delta conversion
There are two places where we convert from a timecounter delta to
a bintime delta: tc_windup and bintime_off.
Both functions use the same calculations when the timecounter delta is
small. But for a large delta (greater than approximately an equivalent
of 1 second) the calculations were different. Both functions use
approximate calculations based on th_scale that avoid division. Both
produce values slightly greater than a true value, calculated with
division by tc_frequency, would be. tc_windup is slightly more
accurate, so its result is closer to the true value and, thus, smaller
than bintime_off result.
As a consequence there can be a jump back in time when time hands are
switched after a long period of time (a large delta). Just before the
switch the time would be calculated with a large delta from
th_offset_count in bintime_off. tc_windup does the switch using its own
calculations of a new th_offset using the large delta. As explained
earlier, the new th_offset may end up being less than the previously
produced binuptime. So, for a period of time new binuptime values may
be "back in time" comparing to values just before the switch.
Such a jump must never happen. All the code assumes that the uptime is
monotonically nondecreasing and some code works incorrectly when that
assumption is broken. For example, we have observed sleepq_timeout()
ignoring a timeout when the sbinuptime value obtained by the callout
code was greater than the expiration value, but the sbinuptime obtained
in sleepq_timeout() was less than it. In that case the target thread
would never get woken up.
The unified calculations should ensure the monotonic property of the
uptime.
The problem is quite rare as normally tc_windup should be called HZ
times per second (typically 1000 or 100). But it may happen in VMs on
very busy hypervisors where a VM's virtual CPU may not get an execution
time slot for a second or more.
Alexander Motin [Thu, 2 Dec 2021 23:01:02 +0000 (18:01 -0500)]
APEI: Improve multiple error sources handling.
Some AMD systems I have report 8 NMI and 3591 polled error sources.
Previous code could handle only one NMI source and used separate
callout for each polled source. New code can handle multiple NMIs
and groups polled sources by power of 2 of the polling period.
Dimitry Andric [Sun, 12 Dec 2021 20:11:40 +0000 (21:11 +0100)]
Revert clang change that breaks CTF on aarch64
Revert commit e655e74a318e from llvm git (by Peter Collingbourne):
AST: Create __va_list in the std namespace even in C.
This ensures that the mangled type names match between C and C++,
which is significant when using -fsanitize=cfi-icall. Ideally we
wouldn't have created this namespace at all, but it's now part of
the ABI (e.g. in mangled names), so we can't change it.
As reported by Jessica in https://reviews.llvm.org/D104830#3129527, this
upstream change is implemented in such a way that it breaks DTrace's
CTF. Since a proper fix has not yet been forthcoming, and we are
unaffected by the (CFI-related) problem upstream was trying to address,
revert the change for now.
Mark Johnston [Mon, 15 Nov 2021 17:52:03 +0000 (12:52 -0500)]
amd64: Reduce the amount of cpuset copying done for TLB shootdowns
We use pmap_invalidate_cpu_mask() to get the set of active CPUs. This
(32-byte) set is copied by value through multiple frames until we get to
smp_targeted_tlb_shootdown(), where it is copied yet again.
Avoid this copying by having smp_targeted_tlb_shootdown() make a local
copy of the active CPUs for the pmap, and drop the cpuset parameter,
simplifying callers. Also leverage the use of the non-destructive
CPU_FOREACH_ISSET to avoid unneeded copying within
smp_targeted_tlb_shootdown().
Reviewed by: alc, kib
Tested by: pho
Sponsored by: The FreeBSD Foundation
Kornel Duleba [Tue, 23 Nov 2021 08:13:56 +0000 (09:13 +0100)]
pci: Don't try to read cfg registers of non-existing devices
Instead of returning 0xffs some controllers, such as Layerscape generate
an external exception when someone attempts to read any register
of config space of a non-existing device other than PCIR_VENDOR.
This causes a kernel panic.
Fix it by bailing during device enumeration if a device vendor register
returns invalid value. (0xffff)
Use this opportunity to replace some hardcoded values with a macro.
I believe that this change won't have any unintended side-effects since
it is safe to assume that vendor == 0xffff -> hdr_type == 0xffff.
Alexander Motin [Wed, 8 Dec 2021 17:29:15 +0000 (12:29 -0500)]
mca: Switch to using taskqueue_enqueue_timeout_sbt().
Previously it was not allowed on fast taskqueues. It was fixed in 4730a8972b1f. This should make no functional change, just a bit
cleaner and efficient code.
Rick Macklem [Wed, 1 Dec 2021 21:46:41 +0000 (13:46 -0800)]
nfsd: Do not try to cache a reply for NFSERR_BADSLOT
When nfsrv_checksequence() replies NFSERR_BADSLOT,
the value of nd_slotid is not valid. As such, the
reply cannot be cached in the session.
Do not set ND_HASSEQUENCE for this case.
Rick Macklem [Wed, 1 Dec 2021 21:55:17 +0000 (13:55 -0800)]
nfsd: Sanity check the ACL attribute
When an ACL is presented to the NFSv4 server in
Setattr or Verify, parsing of the ACL assumed a
sane acecnt and sane sizes for the "who" strings.
This patch adds sanity checks for these.
The patch also fixes handling of an error
return from nfsrv_dissectacl() for one broken
case.
Alan Somers [Mon, 29 Nov 2021 01:53:31 +0000 (18:53 -0700)]
fusefs: update atime on reads when using cached attributes
When using cached attributes, whether or not the data cache is enabled,
fusefs must update a file's atime whenever it reads from it, so long as
it wasn't mounted with -o noatime. Update it in-kernel, and flush it to
the server on close or during the next setattr operation.
The downside is that close() will now frequently trigger a FUSE_SETATTR
upcall. But if you care about performance, you should be using
-o noatime anyway.
Alan Somers [Sat, 25 Sep 2021 16:16:20 +0000 (10:16 -0600)]
fusefs: fix intermittency in the dev_fuse_poll test
The DevFusePoll::access/select test would occasionally segfault. The
cause was a file descriptor that was shared between two threads. The
first thread would kill the second and close the file descriptor. But
it was possible that the second would read the file descriptor before it
shut down. That did not cause problems for kqueue, poll, or blocking
operation, but it triggered segfaults in select's macros.
Andrew Turner [Mon, 22 Nov 2021 10:25:01 +0000 (10:25 +0000)]
Move the arm64 identify_cpu SYSINIT earlier
It is used by late ifunc resolvers so needs to be at an earlier stage
of the boot. Previously it was at the same stage so may not have run
before the ifunc resolvers.
Andrew Turner [Tue, 2 Nov 2021 11:31:17 +0000 (11:31 +0000)]
Use a builtin where possible in msun
Some of the functions in msun can be implemented using a compiler
builtin function to generate a small number of instructions. Implement
this support in fma, fmax, fmin, and sqrt on arm64.
Care must be taken as the builtin can be implemented as a function
call on some architectures that lack direct support. In these cases
we need to use the original code path.
As we don't set errno on failure build with -fno-math-errno so the
toolchain doesn't convert a builtin into a function call when it
detects a failure, e.g. gcc will add a call to sqrt when the input
is negative leading to an infinite loop.
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D32801
Andrew Turner [Mon, 1 Nov 2021 13:06:56 +0000 (13:06 +0000)]
Switch to Arm Optimized Routines for mem* & str*
These are the updated version of the older Cortex Strings Library we
previously used. The Arm Optimized Routines also support CPU features
that are currently in development on FreeBSD, e.g. Branch Target
Identification (BTI). Rather than add BTI support to the old code it's
easier to just use the maintained version.
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D32774
Andrew Turner [Fri, 12 Nov 2021 18:28:18 +0000 (18:28 +0000)]
Move KHELP_DECLARE_MOD_UMA later in the boot
Both KHELP_DECLARE_MOD_UMA and the kernel linker SYSINIT to find
in-kernel modules run at SI_SUB_KLD, SI_ORDER_ANY. As the former
depends on the latter running first move it later in the boot,
to the new SI_SUB_KHELP. This ensures KHELP_DECLARE_MOD_UMA
module SYSINIT functions will be after the kernel linker.
Previously we may have received a panic similar to the following if
the order was incorrect:
panic: module_register_init: module named ertt not found
Reported by: bob prohaska <fbsd AT www.zefox.net>
Discussed with: imp, jhb
Sponsored by: The FreeBSD Foundation
Andrew Turner [Mon, 1 Nov 2021 11:19:57 +0000 (11:19 +0000)]
Print the correct register for the arm64 elr
In 7ec86b6609912 ("Also print symbols when printing arm64 registers")
a new function was created to print most registers. Unfortunately the
Link Register (LR) was being printed when we should have printed the
Exception Link Register (ELR).
Andrew Turner [Wed, 20 Oct 2021 09:19:55 +0000 (10:19 +0100)]
Only change the fadt revision in acpidump on i386
There is a workaround in acpidump for an old IBM laptop. This is being
hit on a modern arm64 system causing acpidump to use the wrong field
when reading a later address.
As the laptop has a 32-bit CPU the only FreeBSD support for it is i386.
As such limit the workaround to that architecture.
Reviewed by: emaste, jkim, jhb (all earlier version)
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D32573
Andrew Turner [Mon, 18 Oct 2021 09:04:06 +0000 (10:04 +0100)]
Pass the ACPI ID when reading the ACPI domain
The ACPI ID may not be the same as the FreeBSD CPU id. Use the former
when finding the CPU domain as there is no requirement for it to be
identical to the latter.
Reported by: dch, kevans
Reviewed by: kevans
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D32546
Andrew Turner [Tue, 12 Oct 2021 11:39:14 +0000 (12:39 +0100)]
Stop reading the arm64 domain when it's known
There is no need to read the domain on arm64 when there is only one
in the ACPI tables. This can also happen when the table is missing
as it is unneeded.
Reported by: dch
Sponsored by: The FreeBSD Foundation