jkim [Mon, 16 May 2016 22:42:09 +0000 (22:42 +0000)]
Hide OPENSSL_cpuid_setup and OPENSSL_ia32cap_P symbols from libcrypto.so.
Note this is a direct commit because it is merged from OpenSSL upstream and
head (OpenSSL 1.0.2 branch) already has the same change:
jkim [Mon, 16 May 2016 19:30:27 +0000 (19:30 +0000)]
- Make libcrypto.so position independent on i386.
- Enable linker error when libcrypto.so contains a relocation against text.
- Add "Do not modify" comment to generated source files.
- Set CC environment variable for Perl scripts to enable AVX instructions.
- Update __FreeBSD_version to indicate libcrypto.so is position independent.
Note this is a direct commit because head has OpenSSL 1.0.2 branch but based
on r299389, r299462, r299464, r299479, and r299480.
- (r299263) Update MPI headers to version 42.
- (r299265) Several style changes and add copyrights for 2016.
- (r299266) Add support for the Broadcom (Avago/LSI) 9305 16 and 24 port HBA's.
- (r299267) No log bit in IOCStatus and endian-safe changes.
Use MPI2_IOCSTATUS_MASK when checking IOCStatus to mask off the log bit, and
make a few more things endian-safe.
- (r299268) Change logging level for a debug string to use MPR_LOG instead of
MPR_INFO.
- (r299269) Fix possible use of invalid pointer.
It was possible to use an invalid pointer to get the target ID value. To fix
this, initialize a local Target ID variable to an invalid value and change that
variable to a valid value only if the pointer to the Target ID is not NULL.
- (r299270) No need to set the MPRSAS_SHUTDOWN flag because it's never used.
- (r299271) Use callout_reset_sbt() instead of callout_reset() if FreeBSD ver
is >= 1000029
- (r299272) done_ccb pointer can be used if it is NULL.
To prevent this, move check for done_ccb == NULL to before done_ccb is used in
mprsas_stop_unit_done().
- (r299274) Disks can go missing until a reboot is done in some cases.
This is due to the DevHandle not being released, which causes the Firmware to
not allow that disk to be re-added.
- (r299275) Bump version of mpr driver to 13.00.00.00-fbsd
asomers [Mon, 16 May 2016 17:23:57 +0000 (17:23 +0000)]
MFC r298072
Don't corrupt ZFS label's physpath attribute when booting while a disk is
missing
Prior to this change, vdev_geom_open_by_path would call vdev_geom_attach
prior to verifying the device's GUIDs. vdev_geom_attach calls
vdev_geom_attrchange to set the physpath in the vdev object. The result is
that if the disk could not be found, then the labels for other disks in the
same TLD would overwrite the missing disk's physpath with the physpath of
whichever disk currently has the same devname as the missing one used to
have.
pfg [Mon, 16 May 2016 16:29:56 +0000 (16:29 +0000)]
MFC r298901:
restore: promote some getfiles() parameters to size_t.
This is based on a change from OpenBSD:
"Fix restore so that it can actually restore files larger than 4GB by
changing the type of "size" to off_t in getfiles() plus little dependent
type cleanup, from Daniel Lucq."
It is an important for machines with 32 bit longs.
While here unsign the flags, also from OpenBSD.
kib [Mon, 16 May 2016 02:23:58 +0000 (02:23 +0000)]
MFC r298922:
Issue NOTE_EXTEND when a directory entry is added to or removed from
the monitored directory as the result of rename(2) operation. The
renames staying in the directory are not reported.
dim [Sat, 14 May 2016 10:18:27 +0000 (10:18 +0000)]
MFC r275385 (by bapt):
Sync the svn template with the one from ports
MFC r289180 (by peter):
Update from svn-1.8.14 to 1.9.2.
Formal release notes are available:
https://subversion.apache.org/docs/release-notes/1.9.html
Of particular note, the client checkout format has *not* changed so
upgrades should *not* be required.
When reading a repository (file:// or running as a local server), an
improved fsfs version 7 is available with significant performance
improvements. An optional upgrade is possible to use the new features.
Without the upgrade, this is fully read/write compatible with the
version 6 fsfs as in svn-1.8.
MFC r298845:
Update from subversion 1.9.2 to 1.9.4.
This contains only bug fixes, no new features. The repository format is
also unchanged from 1.9.2. Full list of changes between 1.9.4 and
earlier versions:
Note that the two security issues fixed in 1.9.4 (CVE-2016-2167 and
CVE-2016-2168) do not affect the version of Subversion in the FreeBSD
base system, since neither SASL nor Apache modules are enabled.
MFC r298996:
Re-sync the FreeBSD-specific Subversion template with the one from
ports.
ngie [Fri, 13 May 2016 09:52:39 +0000 (09:52 +0000)]
MFC r298839:
Fix memory allocation edgecases in kvm_argv(..)
- Don't leak nbufp on realloc failure in kvm_argv
- Catch malloc errors with bufp
- Set buflen last in the "buflen == 0" case to ensure that
bufp/nbufp is properly reallocated on the next go around
ngie [Fri, 13 May 2016 09:14:43 +0000 (09:14 +0000)]
MFC r298462:
Return `ret` in op_ifentry(..) to mute a -Wunused-but-set-variable warning
This will also now detect error conditions with
value->var.subs[sub - 1] == LEAF_ifPhysAddress where `string_get(..)`
could fail if iifp->physaddr and/or iifp->physaddrlen were deemed
invalid.
ngie [Fri, 13 May 2016 09:06:52 +0000 (09:06 +0000)]
MFC r298665:
r298665 (by cem):
aacraid(4): Fix some mostly trivial buffer overruns
strcpy(3) emits a trailing nul byte, trampling fields after the intended
destination. Instead, use strncpy(3), intentionally leaving these fields
not nul-terminated.
ngie [Fri, 13 May 2016 09:05:29 +0000 (09:05 +0000)]
MFC r298670:
r298670 (by cem):
ciss(4): Fix overrun of array
The softc member 'ciss_logical' is an array of 'ciss_max_logical_bus' members.
Most of the time it is iterated correctly. This patch fixes the two instances
where the driver iterated off the end of the array.
ngie [Fri, 13 May 2016 08:54:08 +0000 (08:54 +0000)]
MFC r298671,r298672:
r298671 (by cem):
g_part_bsd64: Check for valid on-disk npartitions value
This value is u32 on disk, but assigned to an int in memory. After we do the
implicit conversion via assignment, check that the result is at least one[1]
(non-negative[2]).
1. The subsequent for-loop iterates from gpt_entries minus one, down, until
reaching zero. A negative or zero initial index results in undefined signed
integer overflow.
2. It is also used to index into arrays later.
In practice, we expected non-malicious disks to contain small positive values.
ngie [Fri, 13 May 2016 08:41:09 +0000 (08:41 +0000)]
MFC r298337:
r298337 (by cem):
pty(4): Use strlcpy to guarantee destination buffer isn't overrun
The devtoname() name is strcpyed into a small stack buffer. Sure, we always
expect the name to be ttyXX (or ptyXX). If that's the case, strlcpy() doesn't
hurt.
ism_stop() already destroys and frees 'sp', including a call to ic_destroy().
Don't dereference 'sp' after ism_stop() and don't invoke ic_destroy() on the
freed memory either.
ngie [Fri, 13 May 2016 08:17:42 +0000 (08:17 +0000)]
MFC r298333:
r298333 (by cem):
Make Racct macro slightly more gracious given RACCT_UNDEFINED
rctl_string_to_rule could previously index below the zeroth element of
racct_types via the macro. Maybe it shouldn't use the macro on
RACCT_UNDEFINED. But given every other RACCT_ definition is non-negative, it
seems pretty easy to foot-shoot this one without the check.
The facility_initialized and facility arrays are the same size and were
intended to be indexed the same. I believe this mismatch was just a
typo/braino in r208731.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed by: Paul Dagnelie <pcd@delphix.com>
Author: Alexander Motin <mav@FreeBSD.org>
Improve speculative prefetch of indirect blocks.
Scalability of many operations on wide ZFS pool can be limited by
requirement to prefetch indirect blocks first. Recently added
asynchronous indirect block read partially helped, but did not
solve the problem completely. This patch extends existing prefetcher
functionality to explicitly work with indirect blocks.
Before this change prefetcher issued reads for up to 8MB of data in
advance. With this change it also issues indirect block reads
for up to 64MB of data in advance, so that when it will be time to
actually read those data, it can be done immediately. Alike effect
can be achieved by just increasing maximal data prefetch distance,
but at higher memory cost.
Also this change introduces indirect block prefetch for rewrite
operations, that was never done before. Previously ARC miss for
Indirect blocks regularly blocked rewrites, converting perfectly
aligned asynchronous operations into synchronous read-write pairs,
significantly reducing maximal rewrite speed.
While being there this issue was also fixed:
- prefetch was done always, even if caching for the dataset was
completely disabled.
Testing on FreeBSD with zvol on top of 6x striped 2x mirrored pool
of 12 assorted HDDs shown me such performance numbers:
------- BEFORE --------
Write 491363677 bytes/sec
Read 312430631 bytes/sec
Rewrite 97680464 bytes/sec
-------- AFTER --------
Write 493524146 bytes/sec
Read 438598079 bytes/sec
Rewrite 277506044 bytes/sec
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed by: Dan Kimmel <dan.kimmel@delphix.com>
Reviewed by: Paul Dagnelie <pcd@delphix.com>
Reviewed by: Dan McDonald <danmcd@omniti.com>
Approved by: Robert Mustacchi <rm@joyent.com>
Author: Eli Rosenthal <eli.rosenthal@delphix.com>
mav [Wed, 11 May 2016 11:31:51 +0000 (11:31 +0000)]
MFC r297507: MFV r297504:
6681 zfs list burning lots of time in dodefault() via dsl_prop_*
Reviewed by: Patrick Mooney <patrick.mooney@joyent.com>
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed by: Dan McDonald <danmcd@omniti.com>
Approved by: Matthew Ahrens <mahrens@delphix.com>
Author: Alex Wilson <alex.wilson@joyent.com>
mav [Wed, 11 May 2016 11:24:59 +0000 (11:24 +0000)]
MFC r297763: MFV r297760: 6418 zpool should have a label clearing command
Reviewed by: Yuri Pankov <yuri.pankov@nexenta.com>
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed by: George Wilson <george.wilson@delphix.com>
Author: Will Andrews <will@firepipe.net>
mav [Wed, 11 May 2016 11:23:22 +0000 (11:23 +0000)]
MFC r297508: MFV r297505:
6739 userland version of cv_timedwait_hires() always assumes absolute time
Reviewed by: Paul Dagnelie <pcd@delphix.com>
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed by: Dan McDonald <danmcd@omniti.com>
Reviewed by: Robert Mustacchi <rm@joyent.com>
Approved by: Robert Mustacchi <rm@joyent.com>
Author: George Wilson <george.wilson@delphix.com>
asomers [Tue, 10 May 2016 17:34:35 +0000 (17:34 +0000)]
MFC 294923
Fix grep_test:recurse with ZFS and TMPFS tmpdirs
contrib/netbsd-tests/usr.bin/grep/t_grep.sh
Fix grep_test:recurse when /tmp is either zfs or tmpfs. The test was
relying on an implicit ordering of directory recursion which happens to
be true when using UFS. grep's specification requires no such ordering.
The solution is to ignore the order of grep's results.
asomers [Tue, 10 May 2016 16:49:50 +0000 (16:49 +0000)]
MFC 297868
Fix rare double free in vdev_geom_attrchanged
sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c
Don't drop the g_topology_lock before freeing old_physpath. That
opens up a race where one thread can call vdev_geom_attrchanged,
set old_physpath, drop the g_topology_lock, then block trying to
acquire the SCL_STATE lock. Then another thread can come into
vdev_geom_attrchanged, set old_physpath to the same value, and
proceed to free it. When the first thread resumes, it will free
the same location.
It turns out that the SCL_STATE lock isn't needed. It was
originally added by gibbs to protect vd->vdev_physpath while
updating the same. However, the update process subsequently was
switched to an atomic operation (a pointer swap). Now, there is
no need for the SCL_STATE lock, and hence no need to drop the
g_topology_lock.
jhb [Tue, 10 May 2016 03:42:18 +0000 (03:42 +0000)]
MFC 299205: Restore name=value format of PCI location strings.
When devctl was added, the location string for PCI devices was changed to
use the PCI "selector" that pciconf and devctl accept. However, devd
assumes that location strings are formatted as a list of name=value pairs.
As a result, devd is no longer parsing any of the values out of PCI
device events. Restore the previous format of the PCI location strings
to restore the location and slot keywords in case any devd scripts are
using this. Add the "selector" as a new 'dbsf' location variable.
davidcs [Tue, 10 May 2016 02:26:26 +0000 (02:26 +0000)]
MFC r298294
1. modify fwdump (a.k.a grcdump) so that grcdump memory is allocated
and freed on as needed basis.
2. grcdump can be taken at failure points by invoking bxe_grc_dump()
when trigger_grcdump sysctl flag is set. When grcdump is taken
grcdump_done sysctl flag is set.
3. grcdump_done can be monitored by the user to retrieve the grcdump
hselasky [Mon, 9 May 2016 13:09:41 +0000 (13:09 +0000)]
MFC r298771:
Add function to detect the presence of a port module and use this
function to error out early when no port module is present and doing
eeprom access. This also prevents error codes from filling up in
dmesg.
kib [Sun, 8 May 2016 09:02:51 +0000 (09:02 +0000)]
MFC r298890:
Make it explicit that D_MEM cdevsw d_flag is to signify that the
driver is (or behaves identically to) /dev/mem. Remove the D_MEM flag
from random drivers.
rmacklem [Sat, 7 May 2016 20:17:23 +0000 (20:17 +0000)]
MFC: r298523
Allow the NFSv4 server to reply NFSERR_WRONGSEC for the SetClientID operation.
It was reported via email that a Linux client couldn't do a Kerberized
NFS mount when only "sec=krb5" was specified for the exports. The Linux
client attempted a mount via krb5i and the server replied NFSERR_SERVERFAULT.
Although NFSERR_WRONGSEC isn't listed as an error for SetClientID, I
think it is the correct reply, so this patch enables that.
I do not know if this fixes the mount attempt, but adding "krb5i" to the
list of allowed security flavours does allow the mount to work.
rmacklem [Sat, 7 May 2016 20:09:15 +0000 (20:09 +0000)]
MFC: r298495
Fix a LOR in the NFSv4.1 server.
The ordering of acquisition of the state and session mutexes was
reversed in two cases executed when an NFSv4.1 client created/freed
a session. Since clients will typically do this only when mounting
and dismounting, the likelyhood of causing a deadlock was low but possible.
This can only occur for NFSv4.1 mounts, since the others do not
use sessions.
This was detected while testing the pNFS server/client where the
client crashed during dismounting.
The patch also reorders the unlocks, although that isn't necessary
for correct operation.
dchagin [Sat, 7 May 2016 19:05:39 +0000 (19:05 +0000)]
MFC r295856 (by des@):
Implement /proc/$$/limits.
MFC r297781 (by dchagin@):
More complete implementation of /proc/self/limits.
Fix the way the code accesses process limits struct - pointed out by mjg@.
MFC r298318, 298319 (by cem@):
Don't print uninitialized values and initialize error return before use.
dchagin [Sat, 7 May 2016 08:30:21 +0000 (08:30 +0000)]
MFC r298519:
Fix streams and svr4 module dependency. Both modules are complaining about
undefined symbol svr4_delete_socket which was moved from streams to the svr4 module
in r160558 that created a two-way dependency between them.
MFC r298520:
Allow to build svr4 module with SYSV support separatelly from the kernel build.
rmacklem [Sat, 7 May 2016 00:02:28 +0000 (00:02 +0000)]
MFC: r297869
If the VOP_SETATTR() call that saves the exclusive create verifier failed,
the NFS server would leave the newly created vnode locked. This could
result in a file system that would not unmount and processes wedged,
waiting for the file to be unlocked.
Since this VOP_SETATTR() never fails for most file systems, this bug
doesn't normally manifest itself. I found it during testing of an
exported GlusterFS file system, which can fail.
This patch adds the vput() and changes the error to the correct NFS one.
rmacklem [Fri, 6 May 2016 23:44:24 +0000 (23:44 +0000)]
MFC: r297837
Bruce Evans reported that there was a performance regression between
the old and new NFS clients. He did a good job of isolating the problem
which was caused by the new NFS client not setting the post write mtime
correctly. The new NFS client code was cloned from the old client, but
was incorrect, because the mtime in the nfs vnode's cache wasn't yet
updated. This patch fixes this problem. The patch also adds missing mutex
locking.
bcr [Fri, 6 May 2016 17:55:11 +0000 (17:55 +0000)]
MFC r298893:
Provide an example to the kqueue man page, showing
a basic usage example. Although it is an
untypical example for the use of kqueue, it is
better than nothing and should get people started.