gjb [Mon, 19 Nov 2018 15:49:39 +0000 (15:49 +0000)]
MFS12 r340630:
Remove debugging options from amd64 MINIMAL [1] and riscv GENERIC
kernel configuration files. This should have been turned off when
stable/12 branched.
Submitted by: Harry Schmalzbauer [1]
Approved by: re (kib)
Sponsored by: The FreeBSD Foundation
asomers [Thu, 15 Nov 2018 19:06:07 +0000 (19:06 +0000)]
MFC r340314:
libjail: fix handling of allow.mount.fusefs in jailparam_init
fusefs is inconsistently named. The kernel module is named "fuse", but the
mount helper is named "mount_fusefs" and the jail(8) parameter is named
"allow.mount.fusefs". Special case it in libjail.
Reviewed by: jamie
Approved by: re (gjb)
Differential Revision: https://reviews.freebsd.org/D17929
vmaffione [Thu, 15 Nov 2018 18:51:37 +0000 (18:51 +0000)]
MFC :r340436
vtnet: fix netmap support
netmap(4) support for vtnet(4) was incomplete and had multiple bugs.
This commit fixes those bugs to bring netmap on vtnet in a functional state.
Changelist:
- handle errors returned by virtqueue_enqueue() properly (they were
previously ignored)
- make sure netmap XOR rest of the kernel access each virtqueue.
- compute the number of netmap slots for TX and RX separately, according to
whether indirect descriptors are used or not for a given virtqueue.
- make sure sglist are freed according to their type (mbufs or netmap
buffers)
- add support for mulitiqueue and netmap host (aka sw) rings.
- intercept VQ interrupts directly instead of intercepting them in txq_eof
and rxq_eof. This simplifies the code and makes it easier to make sure
taskqueues are not running for a VQ while it is in netmap mode.
- implement vntet_netmap_config() to cope with changes in the number of queues.
Sponsored by: Sunny Valley Networks
Differential Revision: https://reviews.freebsd.org/D17916
Approved by: re (gjb)
tuexen [Thu, 15 Nov 2018 17:25:32 +0000 (17:25 +0000)]
MFC r340361:
Fix printing of 64-bit counters on 32-bit ppc platforms.
Several statistic counters are uint64_t values and are printed by systat
using %lu. This results in displaying wrong numbers. Use PRIu64 instead.
While there, print variables of size_t using %zd.
Approved by: re (gjb@)
Differential Revision: https://reviews.freebsd.org/D17838
gjb [Thu, 15 Nov 2018 16:42:59 +0000 (16:42 +0000)]
MFC r340406:
The roff ascii.gz documentation installed to /usr/share/doc
was removed in r318881 when roff was removed from the base
system.
This results in the doc.txz distribution set containing a
single directory (./) which is empty.
Remove the "Additional documentation" option from the menu
selection of bsdinstall(8), as the plain-text documentation
installed in /usr/share/doc is installed as part of the
packageworld target.
The doc entry has not been removed from EXTRA_DISTRIBUTIONS
in Makefile.inc1, in case its removal triggers an issue with
freebsd-update(8), which is currently aware of the world/doc
component, so the empty doc.txz continues to be created as
a precaution.
Approved by: re (rgrimes)
Sponsored by: The FreeBSD Foundation
kevans [Thu, 15 Nov 2018 16:03:52 +0000 (16:03 +0000)]
MFC r340334: libbe(3): Set canmount properly when activating a new BE
The previously activated BE should have canmount=noauto set on it upon
activation of the new BE, but we previously did not touch canmount on either
old or new BE.
vangyzen [Wed, 14 Nov 2018 21:31:26 +0000 (21:31 +0000)]
MFC r340425 (by cem)
amdsmn(4)/amdtemp(4): Attach to Ryzen 2 hostbridges
As reported, tested, and patch supplied by Johannes.
There may be future work to do to support multiple sensors, but for now, any
sensor at all is a strict improvement for Ryzen 2 systems.
PR: 228480
Submitted by: Johannes Lundberg <johalun0 AT gmail.com> (earlier version)
Reported by: deischen@, Johannes, and numerous others
Early MFC approved by: cem
Approved by: re (kib)
Relnotes: yes
se [Wed, 14 Nov 2018 20:35:04 +0000 (20:35 +0000)]
MFC S340428: Prepare move of ctm from base to a port (misc/ctm) by:
- Adding a note to UPDATING
- Adding a note to the history section of the manpage ctm.1
- Adding a message printed to STDERR to the ctm program
This version is meant for release in FreeBSD-12.0 and should remain in
FreeBSD-12 over its life-time.
A follow-up commit will remove ctm from -CURRENT after the MFC to 12
has happened.
Approved by: re
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D17969
brooks [Mon, 12 Nov 2018 21:51:36 +0000 (21:51 +0000)]
MFC r340302:
Fix freebsd32 mknod(at).
As dev_t is now a 64-bit integer, it requires special handling as a
system call argument. 64-bit arguments are split between two 64-bit
integers due to the way arguments are promoted to allow reuse of most
system call implementations. They must be reassembled before use.
Further, 64-bit arguments at an odd offset (counting from zero) are
padded and slid to the next slot on powerpc and mips. Fix the
non-COMPAT11 system call by adding a freebsd32_mknodat() and
appropriately padded declerations.
The COMPAT11 system calls are fully compatible with the 64-bit
implementations so remove the freebsd32_ versions.
Use uint32_t consistently as the type of the old dev_t. This matches
the old definition.
brooks [Mon, 12 Nov 2018 18:23:51 +0000 (18:23 +0000)]
Regen after r340377: MFC r340272, r340274, r340294
r340272: Make __sysctl follow the freebsd32_foo convention.
r340274: Make freebsd32_umtx_op follow the freebsd32_foo convention.
r340294: Fix a number of bugs in freebsd32's capabilities.conf.
brooks [Mon, 12 Nov 2018 18:21:17 +0000 (18:21 +0000)]
MFC r340272, r340274, r340294
r340272:
Make __sysctl follow the freebsd32_foo convention.
Sponsored by: DARPA, AFRL
r340274:
Make freebsd32_umtx_op follow the freebsd32_foo convention.
Sponsored by: DARPA, AFRL
r340294:
Fix a number of bugs in freebsd32's capabilities.conf.
Bugs range from failure to update after changing syscall implementaion
names to using the wrong name. Somewhat confusingly, the name in
capabilities.conf is exactly the string that appears in syscalls.master,
not the name with a COMPAT* prefix which is the actual function name.
Found while making a change to use the default capabilities.conf.
shurd [Mon, 12 Nov 2018 16:28:07 +0000 (16:28 +0000)]
MFC r340310:
Fix first-packet completion
The first packet after the ring is initialized was never
completed as isc_txd_credits_update() would not include it in the
count of completed packets. This caused netmap to never complete
a batch. See PR 233022 for more details.
PR: 233022
Reported by: lev
Reviewed by: lev
Approved by: re (kib)
Sponsored by: Limelight Networks
Differential Revision: https://reviews.freebsd.org/D17931
shurd [Mon, 12 Nov 2018 16:08:14 +0000 (16:08 +0000)]
MFC r340236:
Fix rxcsum issue introduced in r338838
r338838 attempted to fix issues with rxcsum and rxcsum6.
However, the rxcsum bits were set as though if_setcapenablebit() was
being called, not if_togglecapenable() which is in use. As a result,
it was not possible to disable rxcsum when rxcsum6 was supported.
PR: 233004
Reported by: lev
Reviewed by: lev
Approved by: re (kib)
Sponsored by: Limelight Networks
Differential Revision: https://reviews.freebsd.org/D17881
dteske [Sun, 11 Nov 2018 06:05:28 +0000 (06:05 +0000)]
MFC r339971: Add new rc keywords: enable, disable, delete
This adds new keywords to rc/service to enable/disable a service's
rc.conf(5) variable and "delete" to remove the variable.
When the "service_delete_empty" variable in rc.conf(5) is set to "YES"
(default is "NO") an rc.conf.d file (in /etc/ or /usr/local/etc) is
deleted if empty after modification using "service $foo delete".
hselasky [Sat, 10 Nov 2018 10:30:01 +0000 (10:30 +0000)]
MFC r340212:
Sometimes the complete split packet may be queued too early and the
transaction translator will return a NAK. Ignore this message and
retry the complete split instead.
Approved by: re (kib)
Sponsored by: Mellanox Technologies
MFC r340100:
Do not use bzero() for the O_ICMP6TYPE opcode.
The buffer is already zeroed in compile_rule() function, and also it
may contain configured F_NOT flag in o.len field. This fixes the
filling for "not icmp6types" opcode.
MFC r340175:
Do not print "ip6" keyword in print_icmp6types() for O_ICMP6TYPE opcode.
It produces incompatibility when rules listing is used again to
restore saved ruleset, because "ip6" keyword produces separate opcode.
The kernel already has the check and only IPv6 packets will be checked
for matching.
jhb [Thu, 8 Nov 2018 22:39:38 +0000 (22:39 +0000)]
MFC 340164,340168,340170: Add custom cpu_lock_delay() for x86.
340164:
Add a KPI for the delay while spinning on a spin lock.
Replace a call to DELAY(1) with a new cpu_lock_delay() KPI. Currently
cpu_lock_delay() is defined to DELAY(1) on all platforms. However,
platforms with a DELAY() implementation that uses spin locks should
implement a custom cpu_lock_delay() doesn't use locks.
340168:
Add a delay_tsc() static function for when DELAY() uses the TSC.
This uses slightly simpler logic than the existing code by using the
full 64-bit counter and thus not having to worry about counter
overflow.
340170:
Add a custom implementation of cpu_lock_delay() for x86.
Avoid using DELAY() since it can try to use spin locks on CPUs without
a P-state invariant TSC. For cpu_lock_delay(), always use the TSC if
it exists (even if it is not P-state invariant) to delay for a
microsecond. If the TSC does not exist, read from I/O port 0x84 to
delay instead.
gjb [Thu, 8 Nov 2018 21:58:23 +0000 (21:58 +0000)]
MFC r340260 (emaste):
Avoid buffer underwrite in icmp_error
icmp_error allocates either an mbuf (with pkthdr) or a cluster depending
on the size of data to be quoted in the ICMP reply, but the calculation
failed to account for the additional padding that m_align may apply.
Include the ip header in the size passed to m_align. On 64-bit archs
this will have the net effect of moving everything 4 bytes later in the
mbuf or cluster. This will result in slightly pessimal alignment for
the ICMP data copy.
Also add an assertion that we do not move m_data before the beginning of
the mbuf or cluster.
Approved by: re (kib)
Security: CVE-2018-17156
Sponsored by: The FreeBSD Foundation
tijl [Thu, 8 Nov 2018 19:56:29 +0000 (19:56 +0000)]
MFC r340181, r340185:
On amd64 both Linux compat modules, linux.ko and linux64.ko, provide
linux_ioctl_(un)register_handler that allows other driver modules to
register ioctl handlers. The ioctl syscall implementation in each Linux
compat module iterates over the list of handlers and forwards the call to
the appropriate driver. Because the registration functions have the same
name in each module it is not possible for a driver to support both 32 and
64 bit linux compatibility.
Move the list of ioctl handlers to linux_common.ko so it is shared by
both Linux modules and all drivers receive both 32 and 64 bit ioctl calls
with one registration. These ioctl handlers normally forward the call
to the FreeBSD ioctl handler which can handle both 32 and 64 bit.
Keep the special COMPAT_LINUX32 ioctl handlers in linux.ko in a separate
list for now and let the ioctl syscall iterate over that list first.
Later, COMPAT_LINUX32 support can be added to the 64 bit ioctl handlers
via a runtime check for ILP32 like is done for COMPAT_FREEBSD32 and then
this separate list would disappear again. That is a much bigger effort
however and this commit is meant to be MFCable.
This enables linux64 support in x11/nvidia-driver*.
emaste [Wed, 7 Nov 2018 18:04:19 +0000 (18:04 +0000)]
MFC r340137: rtld: move relro enforcement after ifunc processing
Previously the combination of relro (implicit), -z now and ifunc use
resulted in a segfault when applying ifuncs after relro (test binary
here just calls amd64_get_fsbase()):
des [Wed, 7 Nov 2018 16:22:18 +0000 (16:22 +0000)]
MFH (r339812): add default value for local_unbound_tls
MFH (r339995): run unbound-anchor if root.key is empty (PR 232555)
MFH (r340037): turn off so-reuseport by default
shurd [Tue, 6 Nov 2018 20:46:00 +0000 (20:46 +0000)]
MFC r339861:
Drain grouptaskqueue of the gtask before detaching it.
taskqgroup_detach() would remove the task even if it was running or
enqueued, which could lead to panics (see D17404). With this change,
taskqgroup_detach() drains the task and sets a new flag which prevents the
task from being scheduled again.
I've added grouptask_block() and grouptask_unblock() to allow control
over the flag from other locations as well.
gjb [Mon, 5 Nov 2018 21:28:32 +0000 (21:28 +0000)]
Switch the dvd1.iso pkg(8) configuration to use the quarterly
branch, now that the package sets are now available. This
normally would have been after BETA1, however there were issues
preventing package builds to succeed.
Switch the default pkg(8) repository to the quarterly branch
as well, to prevent 'pkg upgrade' from downgrading packages
as the 12.0-RELEASE cycle progresses.
These changes will be reverted after releng/12.0 is branched.
This is a direct commit to stable/12.
MFC after: 2 weeks
MFC note: fake MFC timeframe as a reminder to revert
Approved by: re (delphij)
Sponsored by: The FreeBSD Foundation
Most easily reproducible by attempting to activate the currently activated
BE, one would get a "not a cloned filesystem" error instead of success or a
sane message.
carpstats are the last virtualised variable in the file and end up at the
end of the vnet_set. The generated code uses an absolute relocation at
one byte beyond the end of the carpstats array. This means the relocation
for the vnet does not happen for carpstats initialisation and as a result
the kernel panics on module load.
This problem has only been observed with carp and only on i386.
We considered various possible solutions including using linker scripts
to add padding to all kernel modules for pcpu and vnet sections.
While the symbols (by chance) stay in the order of appearance in the file
adding an unused non-file-local variable at the end of the file will extend
the size of set_vnet and hence make the absolute relocation for carpstats
work (think of this as a single-module set_vnet padding).
This is a (tmporary) hack. It is the least intrusive one as we need a
timely solution for the upcoming release. We will revisit the problem in
HEAD. For a lot more information and the possible alternate solutions
please see the PR and the references therein.
The previous iteration of try_include attempted to be 'friendly' and error()
out if we hit an error that wasn't ENOENT. This was semi-OK, but fragile as
it relied on pattern matching the error message.
Move the responsibility for handling failure to the caller. Following
a common lua pattern, we'll return the return value of the underlying
require() on success, or false and an error message.
gjb [Wed, 31 Oct 2018 23:54:36 +0000 (23:54 +0000)]
MFC r339873:
Set OPTIONS_UNSET in the argument list to env(1), and add
AVAHI to the list. This fixes the textproc/docproj build
seemingly following FLAVORS being added.
Specifically, the problem with the dependency chain here is:
- textproc/docproj depends on print/cups, which sets AVAHI=on
by default;
- net/avahi-app depends on devel/gobject-introspection, which
requires python3+;
- graphics/netpbm depends on graphics/mesa-libs, which can
only be built with python2.7;
- textproc/docproj depends on a number of graphics ports for
font rendering, etc.
MFC r339875:
Pass _BRANCH in the reldoc target to ensure the correct
src branch is used when generating the hardware.html page.
Approved by: re (kib)
Sponsored by: The FreeBSD Foundation
r339677:
lualoader: unload upon kernel change if a kernel was previously loaded
In the majority of cases, a kernel is not loaded before we hit the menu.
However, if a password is set, we'll trigger autoboot and have loadelf'd
beforehand. We also need to take into account one dropping to the loader
prompt and twiddling with things manually; if they try to toggle through
kernels, we'll assume they mean it.
r339678:
menu.lua: Abort autoboot sequence on failed command
Currently, a timeout in the menu autoboot sequence would effectively do
nothing. We would return from the autoboot handling, then begin processing
the menu without redrawing it.
This change makes the behavior a little more friendly. Returning the user to
the menu can't have any good effects, so abort the autoboot sequence and
drop to the loader prompt.
- Maintain historical behavior more accurately w.r.t verbose_loading;
verbose_loading strictly prints "${module_name...}" and later "failed!"
or "ok" based on load success
- With or without verbose_loading, dump command_errbuf on load failure.
This usually happens prior to ok/failed if we're verbose_loading
r339805:
lualoader: Always return a proper dictionary for blacklist
If module_blacklist isn't specified, we have an empty blacklist; effectively
the same as if module_blacklist="" were specified in loader.conf(5).
This was reported when switching to a BE that predated the module_blacklist
introduction, but the problem is valid all the same and likely to be tripped
over in other scenarios.
glebius [Wed, 31 Oct 2018 18:01:02 +0000 (18:01 +0000)]
MFhead r339596:
If we lost race or were migrated during bucket allocation for the per-CPU
cache, then we put new bucket on generic bucket cache. However, code didn't
honor UMA_ZONE_NOBUCKETCACHE flag, so potentially we could start a cache
on a zone that clearly forbids that. Fix this.
bz [Wed, 31 Oct 2018 14:03:48 +0000 (14:03 +0000)]
MFC r339931,r339933:
As a follow-up to r339930 (r339951 in stable/12) and various reports
implement logging in case we fail during module load because the pcpu
or vnet module sections are full.
We did return a proper error but not leaving any indication to the
user as to what the actual problem was.
Even worse, on 12/13 currently we are seeing an unrelated error (ENOSYS
instead of ENOSPC, which gets skipped over in kern_linker.c) to be
printed which made problem diagnostics even harder.
bz [Wed, 31 Oct 2018 12:50:39 +0000 (12:50 +0000)]
MFC r339930:
With more excessive use of modules, more kernel parts working with
VIMAGE, and feature richness and global state increasing the 8k of
vnet module space are no longer sufficient for people and loading
multiple modules, e.g., pf(4) and ipl(4) or ipsec(4) will fail on
the second module.
Increase the module space to 8 * PAGE_SIZE which should be enough
to hold multiple firewalls, ipsec, multicast (as in the old days was
a problem), epair, carp, and any kind of other vnet enabled modules.
Sadly this is a global byte array part of the vnet_set, so we cannot
dynamically change its size; otherwise a TUNABLE would have been
a better solution.
PR: 228854
Reported by: Ernie Luzar, Marek Zarychta
bz [Wed, 31 Oct 2018 12:05:45 +0000 (12:05 +0000)]
MFC r339586:
In bhyve's fbuf emulation improve the overall "usage" message and
for the vga option, rather than printing the entire option string,
only print vga (as we do for everything else).
MFC r339681:
Allow the bhyve VNC server to listen on IPv6 for incoming connections.
Alternatively to IPv4 address:port this will allow to listen on IPv6
link-local (incl. scope), a specific address, or ::. Addresses have
to be given in RFC2732 format so that [::]:port parsing will work.
This patch also starts to introduce WITH_INET/INET6_SUPPORT to bhyve.
PR: 232018
Submitted by: Dave Rush (northwoodlogic.free gmail.com) (original)
Reviewed by: Dave Rush (updated verison)
delphij [Tue, 30 Oct 2018 15:11:34 +0000 (15:11 +0000)]
Restore backward compatibility for "attach" verb.
In r332361 and r333439, two new parameters were added to geli attach
verb using gctl_get_paraml, which requires the value to be present.
This would prevent old geli(8) binary from attaching geli(4) device
as they have no knowledge about the new parameters.
Restore backward compatibility by treating the absense of these two
values as seeing the default value supplied by userland.
PR: 232595
Reviewed by: oshogbo
Approved by: re (rgrimes)
vmaffione [Tue, 30 Oct 2018 08:36:36 +0000 (08:36 +0000)]
MFC r339639:
netmap: align codebase to the current upstream (sha 8374e1a7e6941)
Changelist:
- Move large parts of VALE code to a new file and header netmap_bdg.[ch].
This is useful to reuse the code within upcoming projects.
- Improvements and bug fixes to pipes and monitors.
- Introduce nm_os_onattach(), nm_os_onenter() and nm_os_onexit() to
handle differences between FreeBSD and Linux.
- Introduce some new helper functions to handle more host rings and fake
rings (netmap_all_rings(), netmap_real_rings(), ...)
- Added new sysctl to enable/disable hw checksum in emulated netmap mode.
- nm_inject: add support for NS_MOREFRAG
np [Tue, 30 Oct 2018 05:04:18 +0000 (05:04 +0000)]
MFC r339626:
cxgbe(4): Use automatic cidx updates with ofld and ctrl queues.
The bits that explicitly request cidx updates do not work reliably with
all possible WRs that can be sent over the queue. The F_FW_WR_EQUIQ
requests that still remain may also have to be replaced with explicit
credit flush WRs in the future.
hselasky [Mon, 29 Oct 2018 13:17:41 +0000 (13:17 +0000)]
MFC r339588:
Resolve deadlock between epoch(9) and various network interface
SX-locks, during if_purgeaddrs(), by not allowing to hold the epoch
read lock over typical network IOCTL code paths. This is a regression
issue after r334305.
hselasky [Mon, 29 Oct 2018 12:08:15 +0000 (12:08 +0000)]
MFC r339587:
Added support for formula-based arbitrary baud rates, in contrast to
the current fixed values, which enables use of rates above 1 Mbps.
Improved the detection of HXD chips, and the status flag handling as
well.
Submitted by: Gabor Simon <gabor.simon75@gmail.com>
PR: 225932
Approved by: re (kib)
Differential revision: https://reviews.freebsd.org/D16639
Sponsored by: Mellanox Technologies
yuripv [Sat, 27 Oct 2018 21:17:01 +0000 (21:17 +0000)]
MFC r339489:
Add -b/-l options to localedef(1) to specify output endianness and use
it appropriately when building share/ctypedef and share/colldef.
This makes the resulting locale data in EL->EB (amd64->powerpc64) cross
build and in the native EB build match. Revert the changes done to libc
in r308170 as they are no longer needed.
jhibbits [Sat, 27 Oct 2018 03:16:32 +0000 (03:16 +0000)]
MFC r339514:
powerpcspe: Implement SPE exception handling
The Signal Processing Engine (SPE) found in Freescale e500 cores (and
others) offloads IEEE-754 compliance (NaN, Inf handling, overflow,
underflow) to software, most likely as a means of simplifying the APU
silicon. Some software, like AbiWord, needs full IEEE-754 compliance,
including NaN handling. Implement the necessary bits to enable it.
brooks [Thu, 25 Oct 2018 17:00:39 +0000 (17:00 +0000)]
MFC r339703:
Deprecate a number of less used 10 and 10/100 Ethernet devices.
The current deprecated list is: ae, bm, cs, de, dme, ed, ep, ex, fe,
pcn, sf, sn, tl, tx, txp, vx, wb, xe
The list was defined as part of FCP-0101. Per the FCP, devices may be
removed from the deprecation list if enough users are found or they are
converted to iflib.
tijl [Thu, 25 Oct 2018 16:01:10 +0000 (16:01 +0000)]
MFC r339618:
Define linuxkpi readq for 64-bit architectures. It is used by drm-kmod.
Currently the compiler picks up the definition in machine/cpufunc.h.
Add compiler memory barriers to read* and write*. The Linux x86
implementation of these functions uses inline asm with "memory" clobber.
The Linux x86 implementation of read_relaxed* and write_relaxed* uses the
same inline asm without "memory" clobber.
Implement ioread* and iowrite* in terms of read* and write* so they also
have memory barriers.
Qualify the addr parameter in write* as volatile.
Like Linux, define macros with the same name as the inline functions.
Only define 64-bit versions on 64-bit architectures because generally
32-bit architectures can't do atomic 64-bit loads and stores.
Regroup the functions a bit and add brief comments explaining what they do:
- __raw_read*, __raw_write*: atomic, no barriers, no byte swapping
- read_relaxed*, write_relaxed*: atomic, no barriers, little-endian
- read*, write*: atomic, with barriers, little-endian
Add a comment that says our implementation of ioread* and iowrite*
only handles MMIO and does not support port IO.