This patch fixes the following issues:
- Interface link-local address is not reachable within the
node that owns the interface, this is due to the mismatch
in address scope as the result of the installed interface
address loopback route. Therefore for each interface
address loopback route, the rt_gateway field (of AF_LINK
type) will be used to track which interface a given
address belongs to. This will aid the address source to
use the proper interface for address scope/zone validation.
- The loopback address is not reachable. The root cause is
the same as the above.
- Empty nd6 entries are created for the IPv6 loopback addresses
only for validation reason. Doing so will eliminate as much
of the special case (loopback addresses) handling code
as possible, however, these empty nd6 entries should not
be returned to the userland applications such as the
"ndp" command.
Since both of the above issues contain common files, these
files are committed together.
This patch fixes an address scope violation. Considering the
scenario where an anycast address is assigned on one interface,
and a global address with the same scope is assigned on another
interface. In other words, the interface owns the anycast
address has only the link-local address as one other address.
Without this patch, "ping6" the anycast address from another
station will observe the source address of the returned ICMP6
echo reply has the link-local address, not the global address
that exists on the other interface in the same node.
MFC r196866:
In the NEXTADDR macro use SA_SIZE() rather than directly using
sizeof(), as introduced in r186119, for advancing the current
position into the buffer.
See comment in net/route.h for a description of the difference.
This makes ndp -s work again.
Fix regression introduced with NFSv4 ACL support - make acl_to_text(3)
and acl_calc_mask(3) return error instead of crashing when acl passed
to them is NULL.
Submitted by: markus
Reviewed by: rwatson
Approved by: re (kib)
MFC r196529:
Rather than having enabled/disabled, implement a max queue depth.
While usually not an issue, this firewalls bugs in the code that may
run us out of memory.
Fix a memory exhaustion in the case where devctl was disabled, but the
link was bouncing. The check to queue was in the wrong place.
Implement a new sysctl hw.bus.devctl_queue to control the depth. Make
compatibility hacks for hw.bus.devctl_disable to ease transition.
This patch seperates the control of header split from LRO (which it
was previously dependent on), LRO gets turned off when bridging but
its been found that header split is still a performance win in that case.
Secondly, there was some interface specific control in stats code that
has been missing, and a logic error that resulted in bogus reporting.
Thanks to Manish and John of LineRateSystems for the report and help in
this code.
MFC r196721:
Make sure rx descriptor ring align on 16 bytes. I guess the
alignment requirement could be multiple of 4 bytes but I think
using descriptor size would make intention clearer.
Previously the size of rx descriptor was not power of 2 so it
caused panic in bus_dmamem_alloc(9).
Reported by: Jeff Blank (jb000003 <> mr-happy dot com)
Approved by: re (kib)
Add clarifications to the kproc and kthread manpages and link
the kthread_create(9) man page to the kproc(9) page as it has migrated and
people looking for it may need a hand to find its new name.
MFC 196705 and 196707:
- Improve pmap_change_attr() on i386 so that it is able to demote a large
(2/4MB) page into 4KB pages as needed. This should be fairly rare in
practice.
- Simplify pmap_change_attr() a bit:
- Always calculate the cache bits instead of doing it on-demand.
- Always set changed to TRUE rather than only doing it if it is false.
MFC r196738:
In case an upper layer protocol tries to send a packet but the
L2 code does not have the ethernet address for the destination
within the broadcast domain in the table, we remember the
original mbuf in `la_hold' in arpresolve() and send out a
different packet with an arp request.
In case there will be more upper layer packets to send we will
free an earlier one held in `la_hold' and queue the new one.
Once we get a packet in, with which we can perfect our arp table
entry we send out the original 'on hold' packet, should there
be any.
Rather than continuing to process the packet that we received,
we returned without freeing the packet that came in, which
basically means that we leaked an mbuf for every arp request
we sent.
Rather than freeing the received packet and returning, continue
to process the incoming arp packet as well.
This should (a) improve some setups, also proxy-arp, in case it was an
incoming arp request and (b) resembles the behaviour FreeBSD had
from day 1, which alignes with RFC826 "Packet reception" (merge case).
Rename 'm0' to 'hold' to make the code more understandable as
well as diffable to earlier versions more easily.
Handle the link-layer entry 'la' lock comepletely in the block
where needed and release it as early as possible, rather than
holding it longer, down to the end of the function.
Found by: pointyhat, ns1
Bug hunting session with: erwin, simon, rwatson
Tested by: simon on cluster machines
Reviewed by: ratson, kmacy, julian
MFC r196653:
Make sure FreeBSD binaries without .note.ABI-tag section work
correctly and do not match a colliding Debian GNU/kFreeBSD
brandinfo statements.
For this mark the Debian GNU/kFreeBSD brandinfo that it must have
an .note.ABI-tag section and ignore the old EI_OSABI brandinfo
when comparing a possibly colliding set of options.
Due to SYSINIT we add the brandinfo in a non-deterministic order,
so native FreeBSD is not always first. We may want to consider
to force native FreeBSD to come first as well.
The only way a problem could currently be noticed is when running an
i386 binary without the .note.ABI-tag on amd64 and the Debian GNU/kFreeBSD
brandinfo was matched first, as the fallback to ld-elf32.so.1 does
not exist in that case.
Reported and tested by: ticso
In collaboration with: kib
MFC after: 3 days
Approved by: re (rwatson)
Fix the conformance of poll(2) for sockets after r195423 by
returning POLLHUP instead of POLLIN for several cases. Now, the
tools/regression/poll results for FreeBSD are closer to that of the
Solaris and Linux.
Also, improve the POSIX conformance by explicitely clearing POLLOUT
when POLLHUP is reported in pollscan(), making the fix global.
Submitted by: bde
Reviewed by: rwatson
MFC r196556
Fix poll() on half-closed sockets, while retaining POLLHUP for fifos.
This reverts part of r196460, so that sockets only return POLLHUP if both
directions are closed/error. Fifos get POLLHUP by closing the unused
direction immediately after creating the sockets.
The tools/regression/poll/*poll.c tests now pass except for two other
things:
- if POLLHUP is returned, POLLIN is always returned as well instead of
only when there is data left in the buffer to be read
- fifo old/new reader distinction does not work the way POSIX specs it
Reviewed by: kib, bde
MFC r196554
Add some tests for poll(2)/shutdown(2) interaction.
MFC 196637:
Mark the fake pages constructed by the OBJT_SG pager valid. This was
accidentally lost at one point during the PAT development. Without this
fix vm_pager_get_pages() was zeroing each of the pages.
marius [Mon, 31 Aug 2009 19:16:58 +0000 (19:16 +0000)]
Add a temporary workaround which just lets init die instead of
causing a panic if it is killed due to a unsolved stack overflow
seen very late during shutdown on sparc64 when the gmirror worker
process exists, which is a regression introduced in 8.0.
cperciva [Mon, 31 Aug 2009 13:02:21 +0000 (13:02 +0000)]
MFC r196558: Don't try to mmap the contents of empty files. This behaviour
was harmless prior to r195693, when mmap(2) changed from silently ignoring
requests for mapping zero bytes to returning EINVAL; this commit can be seen
as adjusting for the change in mmap(2) in order to make look(1) act like it
did previously.
zec [Mon, 31 Aug 2009 09:44:07 +0000 (09:44 +0000)]
MFC r196633:
Introduce a separate sx lock for protecting lists of vnet sysinit
and sysuninit handlers.
Previously, sx_vnet, which is a lock designated for protecting
the vnet list, was (ab)used for protecting vnet sysinit / sysuninit
handler lists as well. Holding exclusively the sx_vnet lock while
invoking sysinit and / or sysuninit handlers turned out to be
problematic, since some of the handlers may attempt to wake up
another thread and wait for it to walk over the vnet list, hence
acquire a shared lock on sx_vnet, which in turn leads to a deadlock.
Protecting vnet sysinit / sysuninit lists with a separate lock
mitigates this issue, which was first observed with
flowtable_flush() / flowtable_cleaner() in sys/net/flowtable.c.
qingli [Mon, 31 Aug 2009 00:18:17 +0000 (00:18 +0000)]
As part of r196609, a call to "rtalloc" did not take the fib into
account. So call the appropriate "rtalloc_ign_fib()" instead of
calling "rtalloc_ign()".
qingli [Sun, 30 Aug 2009 22:44:12 +0000 (22:44 +0000)]
MFC r196649
Prefix on-link verification is being performed on statically
configured prefixes. Since these statically configured prefixes
do not have any associated advertising routers, these prefixes
are treated as unreachable and those prefix routes are deleted
from the routing table. Therefore bypass prefixes that are not
learned from router advertisements during prefix on-link check.
qingli [Sun, 30 Aug 2009 22:42:32 +0000 (22:42 +0000)]
MFC r196609
In ip_output(), the flow-table module must not try to cache L2/L3
information for interface of IFF_POINTOPOINT or IFF_LOOPBACK type.
Since the L2 information (rt_lle) is invalid for these interface
types, accidental caching attempt will trigger panic when the invalid
rt_lle reference is accessed.
When installing a new route, or when updating an existing route, the
user supplied gateway address may be an interface address (this is
particularly true for point-to-point interface related modules such
as ppp, if_tun, if_gif). Currently the routing command handler always
set the RTF_GATEWAY flag if the gateway address is given as part of the
command paramters. Therefore the gateway address must be verified against
interface addresses or else the route would be treated as an indirect
route, thus making that route unusable.
Reviewed by: kmacy, julian, rwatson
Approved by: re
qingli [Sun, 30 Aug 2009 22:39:49 +0000 (22:39 +0000)]
MFC r196608
Do not try to free the rt_lle entry of the cached route in
ip_output() if the cached route was not initialized from the
flow-table. The rt_lle entry is invalid unless it has been
initialized through the flow-table.
qingli [Sun, 30 Aug 2009 22:36:46 +0000 (22:36 +0000)]
MFC r196569
When multiple interfaces exist in the system, with each interface having
an IPv6 address assigned to it, and if an incoming packet received on
one interface has a packet destination address that belongs to another
interface, the routing table is consulted to determine how to reach this
packet destination. Since the packet destination is an interface address,
the route table will return a host route with the loopback interface as
rt_ifp. The input code must recognize this fact, instead of using the
loopback interface, the input code performs a search to find the right
interface that owns the given IPv6 address.
dougb [Sat, 29 Aug 2009 19:45:03 +0000 (19:45 +0000)]
MFC 196478:
Prior to the dire warning about values of network_interfaces other than
AUTO the biggest mistake users made was leaving lo0 off the list. Since
lo0 is effectively mandatory, check for it and add it to the list if
it's not there.
MFC 196523:
Improve the case test to detect the presence of lo0 in the list of
network_interfaces.
Submitted by: Christoph Mallon <christoph.mallon@gmx.de>
thompsa [Sat, 29 Aug 2009 15:42:06 +0000 (15:42 +0000)]
MFC r196547
It is possible for all the kthreads to exit (hci modules unloaded) which in
turn ends our usb process. This means the proc pointer becomes invalid and will
panic if a new kthread is added. Count the number of threads and clear the proc
pointer on the last one.
simon [Sat, 29 Aug 2009 15:21:50 +0000 (15:21 +0000)]
MFC r196474:
Merge DTLS fixes from vendor-crypto/openssl/dist:
- Fix memory consumption bug with "future epoch" DTLS records.
- Fix fragment handling memory leak.
- Do not access freed data structure.
- Fix DTLS fragment bug - out-of-sequence message handling which could
result in NULL pointer dereference in
dtls1_process_out_of_seq_message().
Note that this will not get FreeBSD Security Advisory as DTLS is
experimental in OpenSSL.
rwatson [Fri, 28 Aug 2009 21:14:04 +0000 (21:14 +0000)]
Merge r196559 from head to stable/8:
Add IFNET_HOLD reserved pointer value for the ifindex ifnet array,
which allows an index to be reserved for an ifnet without making
the ifnet available for management operations. Use this in if_alloc()
while the ifnet lock is released between initial index allocation and
completion of ifnet initialization.
Add ifindex_free() to centralize the implementation of releasing an
ifindex value. Use in if_free() and if_vmove(), as well as when
releasing a held index in if_alloc().
rwatson [Fri, 28 Aug 2009 21:12:38 +0000 (21:12 +0000)]
Merge r196553 from head to stable/8:
Break out allocation of new ifindex values from if_alloc() and if_vmove(),
and centralize in a single function ifindex_alloc(). Assert the
IFNET_WLOCK, and add missing IFNET_WLOCK in if_alloc(). This does not
close all known races in this code.
rwatson [Fri, 28 Aug 2009 21:10:26 +0000 (21:10 +0000)]
Merge r196535 from head to stable/8:
Use locks specific to the lltable code, rather than borrow the ifnet
list/index locks, to protect link layer address tables. This avoids
lock order issues during interface teardown, but maintains the bug that
sysctl copy routines may be called while a non-sleepable lock is held.
mlaier [Fri, 28 Aug 2009 20:26:00 +0000 (20:26 +0000)]
MFC r196551:
Fix argument ordering to memcpy as well as the size of the copy in the
(theoretical) case that pfi_buffer_cnt should be greater than ~_max.
rwatson [Fri, 28 Aug 2009 20:07:38 +0000 (20:07 +0000)]
Merge r196482 from head to stable/8:
Rather than using IFNET_RLOCK() when iterating over (and modifying) the
ifnet list during if_ef load, directly acquire the ifnet_sxlock
exclusively. That way when if_alloc() recurses the lock, it's a write
recursion rather than a read->write recursion.
This code structure is arguably a bug, so add a comment indicating that
this is the case. Post-8.0, we should fix this, but this commit
resolves panic-on-load for if_ef.
rwatson [Fri, 28 Aug 2009 20:06:02 +0000 (20:06 +0000)]
Merge r196481 from head to stable/8:
Rework global locks for interface list and index management, correcting
several critical bugs, including race conditions and lock order issues:
Replace the single rwlock, ifnet_lock, with two locks, an rwlock and an
sxlock. Either can be held to stablize the lists and indexes, but both
are required to write. This allows the list to be held stable in both
network interrupt contexts and sleepable user threads across sleeping
memory allocations or device driver interactions. As before, writes to
the interface list must occur from sleepable contexts.
delphij [Fri, 28 Aug 2009 19:48:06 +0000 (19:48 +0000)]
MFC r196525:
Consider flag == 0 as the same of flag == R_NEXT. This change will restore
a historical behavior that has been changed by revision 190491, and has seen
to break exim.
zec [Fri, 28 Aug 2009 19:18:20 +0000 (19:18 +0000)]
MFC r196504:
When moving ifnets from one vnet to another, and the ifnet
has ifaddresses of AF_LINK type which thus have an embedded
if_index "backpointer", we must update that if_index backpointer
to reflect the new if_index that our ifnet just got assigned.
zec [Fri, 28 Aug 2009 19:15:17 +0000 (19:15 +0000)]
MFC r196505:
When "jail -c vnet" request fails, the current code actually creates and
leaves behind an orphaned vnet. This change ensures that such vnets get
released.
zec [Fri, 28 Aug 2009 19:10:58 +0000 (19:10 +0000)]
MFC r196502:
Introduce a div_destroy() function which takes over per-vnet cleanup tasks
from the existing modevent / MOD_UNLOAD handler, and register div_destroy()
in protosw as per-vnet .pr_destroy() handler for options VIMAGE builds. In
nooptions VIMAGE builds, div_destroy() will be invoked from the modevent
handler, resulting in effectively identical operation as it was prior this
change. div_destroy() also tears down hashtables used by ipdivert, which
were previously left behind on ipdivert kldunloads.
For options VIMAGE builds only, temporarily disable kldunloading of ipdivert,
because without introducing additional locking logic it is impossible to
atomically check whether all ipdivert instances in all vnets are idle, and
proceed with cleanup without opening a race window for a vnet to open an
ipdivert socket while ipdivert tear-down is in progress.
While here, staticize div_init(), because it is not used outside of
ip_divert.c.
In cooperation with: julian
Approved by: re (rwatson), julian (mentor)
zec [Fri, 28 Aug 2009 19:08:56 +0000 (19:08 +0000)]
MFC r196501:
When registering a protocol to an existing protocol domain via
pf_proto_register(), iterate over all existing vnets to call protosw_init()
and thus the appropriate .pr_init() handler in the context of each vnet.
NB in the future we probably want to separate pr_init() handlers into
two, i.e. per-vnet and global, functions.
This change has no impact on nooptions VIMAGE builds.
yongari [Fri, 28 Aug 2009 18:01:37 +0000 (18:01 +0000)]
MFC r196517:
Don't try to power down PHY when alc(4) failed to map the device.
This fixes system crash when mapping alc(4) device failed in device
attach.
Reported by: Jim < stapleton.41 <> gmail DOT com >
Approved by: re (kib)
yongari [Fri, 28 Aug 2009 17:34:22 +0000 (17:34 +0000)]
MFC r196516:
Add RTL8168DP/RTL8111DP device id. While I'm here append "8111D" to
the description of RTL8168D as RL_HWREV_8168D can be either
RTL8168D or RTL8111D.
ed [Fri, 28 Aug 2009 10:25:26 +0000 (10:25 +0000)]
MFC r196508:
Our implementation of granpt(3) could be valid in the future.
When I wrote the pseudo-terminal driver for the MPSAFE TTY code, Robert
Watson and I agreed the best way to implement this, would be to let
posix_openpt() create a pseudo-terminal with proper permissions in place
and let grantpt() and unlockpt() be no-ops.
This isn't valid behaviour when looking at the spec. Because I thought
it was an elegant solution, I filed a bug report at the Austin Group
about this. In their last teleconference, they agreed on this subject.
This means that future revisions of POSIX may allow grantpt() and
unlockpt() to be no-ops if an open() on /dev/ptmx (if the implementation
has such a device) and posix_openpt() already do the right thing.
I'd rather put this in the manpage, because simply mentioning we don't
comply to any standard makes it look worse than it is. Right now we
don't, but at least we took care of it.
dougb [Thu, 27 Aug 2009 17:53:25 +0000 (17:53 +0000)]
MFC 196589:
In the loop through the list of interfaces in network6_interface_setup()
rtsol_interface gets reset to "yes" each time through the loop, but
rtsol_available does not. If a user has lo0 first in their list of
interfaces rtsol_available will get set to "no" the first time through
the loop and subsequent interfaces will not get rtsol'ed when they should.
Therefore change the conditional for the is_wired() test to _interface.
bz [Thu, 27 Aug 2009 17:34:13 +0000 (17:34 +0000)]
MFC r196512:
Fix handling of .note.ABI-tag section for GNU systems [1].
Handle GNU/Linux according to LSB Core Specification 4.0,
Chapter 11. Object Format, 11.8. ABI note tag.
Also check the first word of desc, not only name, according to
glibc abi-tags specification to distinguish between Linux and
kFreeBSD.
Add explicit handling for Debian GNU/kFreeBSD, which runs
on our kernels as well [2].
In {amd64,i386}/trap.c, when checking osrel of the current process,
also check the ABI to not change the signal behaviour for Linux
binary processes, now that we save an osrel version for all three
from the lists above in struct proc [2].
These changes make it possible to run FreeBSD, Debian GNU/kFreeBSD
and Linux binaries on the same machine again for at least i386 and
amd64, and no longer break kFreeBSD which was detected as GNU(/Linux).
PR: kern/135468
Submitted by: dchagin [1] (initial patch)
Suggested by: kib [2]
Tested by: Petr Salinger (Petr.Salinger seznam.cz) for kFreeBSD
Reviewed by: kib
Approved by: re (kensmith)
jhb [Thu, 27 Aug 2009 17:16:23 +0000 (17:16 +0000)]
MFC 196521:
Fix a few issues with the lib32 dist so that it includes ldd32.
- Use a better find invocation to purge empty directories from all the dist
trees during a release build. The previous version did not purge
directories whose contents were all empty directories.
- Explicitly blacklist a few files from the lib32 dist instead of using a
whitelist. A better longterm solution is to fix the few offenders to not
install data files during a lib32 install.
jhb [Thu, 27 Aug 2009 16:34:04 +0000 (16:34 +0000)]
MFC 196520:
Tweak the way that the ACPI and ISA bus drivers match hint devices to
BIOS-enumerated devices:
- Assume a device is a match if the memory and I/O ports match even if the
IRQ or DRQ is wrong or missing. Some BIOSes don't include an IRQ for
the atrtc device for example.
- Add a hack to better match floppy controller devices. Many BIOSes do not
include the starting port of the floppy controller listed in the hints
(0x3f0) in the resources for the device. So far, however, all the BIOS
variations encountered do include the 'port + 2' resource (0x3f2), so
adjust the matching for "fdc" devices to look for 'port + 2'.
brian [Thu, 27 Aug 2009 07:07:38 +0000 (07:07 +0000)]
MFC: When ``ppp -direct'' is invoked by a program that uses pipe(2) to
create stdin and stdout, don't blindly try to use stdin as a bi-directional
channel. Instead, detect the pipe and set up a special exec handler
that indirects write() calls through stdout.
This fixes the problem where ``set device "!ssh -e none host ppp
-direct label"'' no longer works with an openssh-5.2 server side as
that version of openssh ignores the USE_PIPES config setting and
*always* uses pipes (rather than socketpair) for stdin/stdout channels.
dougb [Wed, 26 Aug 2009 22:32:14 +0000 (22:32 +0000)]
MFC r196435:
The svnversion string is only relevant when newvers.sh is called
during the kernel build process, the other places that call the
script do not make use of that information. So restrict execution
of the svnversion-related code to the kernel build context.
dougb [Wed, 26 Aug 2009 21:08:41 +0000 (21:08 +0000)]
MFC 196436;
Move is_wired_interface() from rc.d/wpa_supplicant into network.subr,
simplify it a bit, and make use of that method to determine if an
interface is a candidate for IPv6 rtsol rather than listing all of the
possible wireless interfaces that should _not_ get rtsol'ed.
This change is only relevant for 8.0+ unless the "wlan mandatory" code
gets ported back to RELENG_7.
dougb [Wed, 26 Aug 2009 20:57:21 +0000 (20:57 +0000)]
MFC 196434:
Add a script to create the /var/db/mergemaster.mtree file for new
releases so that when users subsequently update their source trees
they can make use of mergemaster's -U option.
sam [Sun, 23 Aug 2009 16:21:49 +0000 (16:21 +0000)]
MFC r196472:
Enable _DIRENT_HAVE_D_TYPE so wpa_cli scans directories properly
for it's unix domain socket. Before this change wpa_cli would take
the first file in the directory that was not "." or "..".
julian [Fri, 21 Aug 2009 11:23:29 +0000 (11:23 +0000)]
MFC r196423
Fix ipfw's initialization functions to get the correct order of evaluation
to allow vnet and non vnet operation. Move some functions from ip_fw_pfil.c
to ip_fw2.c and mode to mostly using the SYSINIT and VNET_SYSINIT handlers
instead of the modevent handler. Correct some spelling errors in comments
in the affected code. Note this bug fixes a crash in NON VIMAGE kernels when
ipfw is unloaded.
This patch is a minimal patch for 8.0
I have a much larger patch that actually fixes the underlying problems
that will be applied after 8.0
Reviewed by: zec@, rwatson@, bz@(earlier version)
Approved by: re (rwatson)
zec [Fri, 21 Aug 2009 11:17:25 +0000 (11:17 +0000)]
MFC r196421:
Bugfix: all requests for creating vnets via vimage -c were always
reported as failures, even if the actual library / system call
would succeed, because error message would be reported if the return
value from jail_setv() call was >= 0, and if not, then if that same
value was < 0, i.e. always. The correct behavior is to abort (only)
if jail_setv() returns < 0.
jhb [Fri, 21 Aug 2009 03:14:39 +0000 (03:14 +0000)]
MFC 196417:
This patch fixes two bugs in sglist(9) and improves robustness of the API via
better semantics if a request to append an address range to an existing list
fails.
- When cloning an sglist, properly set the length in the new sglist instead of
leaving the new list empty.
- Properly compute the amount of data added to an sglist via
_sglist_append_buf(). This allows sglist_consume_uio() to properly update
uio_resid.
- When a request to append an address range to a scatter/gather list fails,
restore the sglist to the state it had at the start of the function call
instead of resetting it to an empty list.
kensmith [Fri, 21 Aug 2009 01:12:06 +0000 (01:12 +0000)]
MFC r196415:
Fix a boot hang for hptrr(4) caused by changes introduced in r195534.
It is necessary to make sure cpi->transport is set for xpt_scan_bus() to
work properly.
Submitted by: Bernhard Schmidt (scb+freebsd-current <at> techwires
<dot> net)
Reviewed by: scottl
Approved by: re (kib)
jkim [Thu, 20 Aug 2009 23:04:21 +0000 (23:04 +0000)]
MFC: r196412
Check whether the SMBIOS reports reasonable amount of memory. If it is
less than "avail memory", fall back to Maxmem to avoid user confusion.
We use SMBIOS information to display "real memory" since r190599 but
some broken SMBIOS implementation reported only half of actual memory.
zec [Thu, 20 Aug 2009 22:56:29 +0000 (22:56 +0000)]
MFC r196409:
vimage(8) is a legacy CLI interface for managing jails associated with
network stack instances, which is provided for compatibility with
older applications. This change brings it back to life in a followup
to the initial conversion of vimage to use the new jail(4)
userland-kernel API:
- when creating vimages via "vimage -c", by default turn on a few
options expected by legacy applications, such as allow operations on
raw sockets, FS mounts etc, and allow jail-related parameters to be
optionally configured.
- introduce the "-m" modifier which allows for configuring jail
parameters of existing vimages / vnet-jails.
- make "vimage name command ..." actually work.
- when reassigning ifnets to vnets using "vimage -i", attempt to rename
the ifnet as "ethXXX" on arrival in the target vnet. Several legacy
applications are known to depend heavily on such behavior.
- vimage -l lists only jails associated with vnets. The output is
sorted using vimage / jail names as keys.
- vimage -l by default searches only the current level in the jail
hierarchy. Recursive listing can be requested via -r switch.
- vimage -l by default prints only jail names on each line, making
such output suitable for pipelining to other commands. More verbose
output can be obtained via -v switch, and even more jail specific
information will be displayed if -j switch is turned on.
- there's no need to build vimage as statically linked, so update the
Makefile accordingly.
rwatson [Thu, 20 Aug 2009 21:29:49 +0000 (21:29 +0000)]
Merge r196267 from head to stable/8:
Rather than fix questionable ifnet list locking in the implementation of
the kern.polling.enable sysctl, remove the sysctl. It has been deprecated
since FreeBSD 6 in favour of per-ifnet polling flags.
jhb [Thu, 20 Aug 2009 20:53:36 +0000 (20:53 +0000)]
MFC 196404:
Change the 'resid' parameter to sglist_consume_uio() from an int to a
size_t to match the recent type change of the uio_resid member of struct
uio.
avg [Thu, 20 Aug 2009 11:04:31 +0000 (11:04 +0000)]
MFC 196399: fstat: fix fsid comparison when executed on systems with 64-bit long
This affects only fstat on zfs and devfs, only on 64-bit systems
and only when fsid is greater than 2^31 - 1.
When fstat examines a file via stat(2) it takes uint32_t st_dev
and assigns to (signed) (64-bit) long fsid, this results in
a positive value.
When fstat examines opened files it takes int32_t f_fsid.val[0]
and assigns to (signed) (64-bit) long fsid, this results in
a negative value.
So, while initially st_dev and f_fsid.val[0] have the same bit
values they get promoted to different 64-bit values because
of the signed-vs-unsigned difference.
A fix is to use "more natural" positive numbers by introducing
intermediate unsigned cast for f_fsid.val[0].
will [Thu, 20 Aug 2009 02:49:43 +0000 (02:49 +0000)]
MFC r196397 from head:
Fix CARP memory leaks on carp_if's malloc'd using M_CARP. This occurs when
CARP tries to free them using M_IFADDR after the last address for a virtual
host is removed and when detaching from the parent interface.
pjd [Thu, 20 Aug 2009 00:08:58 +0000 (00:08 +0000)]
MFC r196395:
Our libc doesn't implement control method for XDR (only kernel does) and it
will always return failure. Fix this by bringing userland implementation of
xdrmem_control() back. This allow 'zpool import' to work again.
Reported by: Thomas Backman <serenity@exscape.org>
Reviewed by: kmacy
Approved by: re (kib)
simon [Wed, 19 Aug 2009 21:01:32 +0000 (21:01 +0000)]
MFC 196392:
Add support for backing up the old kernel when installing a new kernel
using freebsd-update. This applies to using freebsd-update in "upgrade
mode" and normal freebsd-update on a security branch.
The backup kernel will be written to /boot/kernel.old, if the directory
does not exist, or the directory was created by freebsd-update in a
previous backup. Otherwise freebsd-update will generate a new directory
name for use by the backup. By default symbol files are not backed up
to save diskspace and avoid filling up the root partition.
This feature is fully configurable in the freebsd-update config file,
but defaults to enabled.
kmacy [Wed, 19 Aug 2009 20:17:36 +0000 (20:17 +0000)]
This change fixes a comment and addresses a complaint by kib@ by
moving a frequently executed flowtable syslog statement from being
conditional on bootverbose to conditional on a per-vnet flowtable
sysctl.
delphij [Wed, 19 Aug 2009 18:08:50 +0000 (18:08 +0000)]
MFC r196386:
Temporarily enhance em(4) and igb(4) hack to take account for IFF_NOARP.
Without this changeset there will be no way to prevent these NICs from
sending ARP, which is harmful in server farms that is configured as
"Direct Server Return" behind a load balancer.
A better fix would remove the whole hack completely but it would be
later than 8.0-RELEASE.
jhb [Wed, 19 Aug 2009 17:45:58 +0000 (17:45 +0000)]
MFC 196382:
Explicitly line up the CPU state labels with the calculated starting column
that takes into account the width of the largest CPU ID. On systems with
> 10 CPUs the labels for the first 10 CPUs were not lined up properly
otherwise.
marcel [Wed, 19 Aug 2009 16:40:45 +0000 (16:40 +0000)]
MFC change 196383:
Remove the dependency on the kernel -- in particular the gctl request to
the GEOM_BSD class -- to translate the absolute offsets in the label to
relative ones. This makes bslabel(8) work correctly with GEOM_PART and
also when the BSD label is nested under arbitrary partitioning schemes.
Inspired by: Eygene Ryabinkin <rea-fbsd@codelabs.ru>
Approved by: re (kib)
raj [Wed, 19 Aug 2009 14:48:59 +0000 (14:48 +0000)]
MFC r196380
Fix USB cache sync operations for platforms with non-coherent DMA.
- usb_pc_cpu_invalidate() is called between [consecutive] reads from a device,
so a sequence of BUS_DMASYNC_POSTREAD and _PREREAD should be used. Note we
cannot use or'ed shorthand ( _POSTREAD | _PREREAD) for BUS_DMASYNC flags, as
the low level bus dma sync operation is implementation dependent and we
cannot assume the required order of operations to be guaranteed.
- usb_pc_cpu_flush() is called before writing to a device, so
BUS_DMASYNC_PREWRITE should be used.
Submitted by: Grzegorz Bernacki
Reviewed by: HPS, arm@, usb@ ML
Tested by: HPS, Mike Tancsa
Approved by: re (kib)
Obtained from: Semihalf
ed [Wed, 19 Aug 2009 14:38:43 +0000 (14:38 +0000)]
MFC r196378:
Small changes to the warning message generated by pty(4):
- Only print the warning once, instead of filling up the screen.
- Use the word "legacy" for the pty_warningcnt description, to prevent
confusion.
- Use log() instead of printf().
Discussed with: rwatson, jhb
Approved by: re (kib)
edwin [Wed, 19 Aug 2009 03:58:12 +0000 (03:58 +0000)]
- Make note of the update of tzdata from 2008h to 2009j
- Make note of the update of tzcode from 2004a to 2009h
Add an extra alert that people who update via source or via
freebsd-update will have to run the tzsetup(8) utility.
mlaier [Wed, 19 Aug 2009 00:17:00 +0000 (00:17 +0000)]
MFC r196372:
If we cannot immediately get the pf_consistency_lock in the purge thread,
restart the scan after acquiring the lock the hard way. Otherwise we
might end up with a dead reference.
stas [Tue, 18 Aug 2009 21:13:00 +0000 (21:13 +0000)]
- MFC r196370.
Do not try to reevaluate current RX production index on each
loop iteration as it can be updated by the card while we
process the RX ring forcing us to process RX descriptors
for which DMA synchronisation operation has not been
performed. This fixes the bug when bge(4) drops packets
under high load.
Discussed with: yongari, marius
Approved by: re (kib)
kmacy [Tue, 18 Aug 2009 20:39:35 +0000 (20:39 +0000)]
MFC 196368
- change the interface to flowtable_lookup so that we don't rely on
the mbuf for obtaining the fib index
- check that a cached flow corresponds to the same fib index as the
packet for which we are doing the lookup
- at interface detach time flush any flows referencing stale rtentrys
associated with the interface that is going away (fixes reported
panics)
- reduce the time between cleans in case the cleaner is running at
the time the eventhandler is called and the wakeup is missed less
time will elapse before the eventhandler returns
- separate per-vnet initialization from global initialization
(pointed out by jeli@)
yongari [Tue, 18 Aug 2009 20:25:02 +0000 (20:25 +0000)]
MFC r196366:
Backout r193289. r193289 restored page select bits to previous
value instead of blindly resetting it to 0. However, it seems page
select bits of some 88E1116 PHY is initialized to invalid one such
that restoring page select bits after programming broke MII
register access. The correct solution would be reset page select
bits to 0 in PHY attach stage but it would require more testing.
Since we're in BETA stage such a change would be dangerous so just
back it out.
This change should fix nfe(4) breakage on NVIDIA MCP55.
Reported by: Ryan Rogers < webmaster <> doghouserepair dot com >
Sam Fourman Jr. < sfourman <> gmail dot com >
Tested by: Ryan Rogers < webmaster <> doghouserepair dot com >
Sam Fourman Jr. < sfourman <> gmail dot com >
Approved by: re (kib)