Ravi Pokala [Fri, 19 Jun 2020 05:54:15 +0000 (05:54 +0000)]
MFC r362078:
Decode the "LACP Fast Timeout" LAGG option flag
r286700 added the "lacp_fast_timeout" option to `ifconfig', but we forgot to
include the new option in the string used to decode the option bits. Add
"LACP_FAST_TIMO" to LAGG_OPT_BITS.
Also, s/LAGG_OPT_LACP_TIMEOUT/LAGG_OPT_LACP_FAST_TIMO/g , to be clearer that
the flag indicates "Fast Timeout" mode.
Alexander Motin [Fri, 19 Jun 2020 00:43:44 +0000 (00:43 +0000)]
MFC r361816: Limit AHCI to only one MSI if more is not needed.
My AMD Ryzen system has 4 AHCI controllers, each supporting 16 MSI vectors.
Since two of the controllers have only one SATA port, limit to single MSI
saves system 30 interrupt vectors for free.
It may be possible to also limit number of MSI vectors to 4 and 8 for the
other two controllers, but according to the AHCI specification after that
controllers may revert to only one vector, that would be a bigger loss to
risk.
Emmanuel Vadot [Thu, 18 Jun 2020 23:31:56 +0000 (23:31 +0000)]
MFC r358555, r358799-r358800
r358555:
cpufreq_dt: Improve multiple opp support
When looking for cpu with the same OPP starts from the root /cpus node
so each instance of cpufreq_dt will now each cpu with the same operating
point.
Also test that the node we are testing have the property "device_type" set
to be equal to "cpu".
While here add more debug printfs (off by defaults).
r358799:
cpufreq_dt: Fix r358555
Before skipping the current cpu when trying to find the ones that
have the same opp, record that this one have this opp.
Emmanuel Vadot [Thu, 18 Jun 2020 23:23:21 +0000 (23:23 +0000)]
MFC r356888, r356891
r356888:
arm: allwinner: Fix padconf for interrupts information
Add a eint_bank member to the allwinner_pins structure.
On Allwinner SoCs not all pins can do interrupt.
Older SoC (A10/A13 and A20) there is a maximum number of interrupts
set to 32 and all the configuration is done in the same registers.
While on "newer" SoCs (>=A31) interrupts registers are splitted per
pin bank (i.e. all interrupts available in bank B will be configured
with a sets of registers and the one in bank G in another set).
While here set the names to all interrupts function to
pX_eintY where X is the bank name and Y the interrupt number.
To whom ever in the future look at the H5 manual and notice that the bank F
have interrupts support : This isn't true, trust me.
r356891:
arm: allwinner: Add GPIO Interrupt support
Not all pins in Allwinner have interrupts support so we rely
on the padconf data to add the proper caps when pin_getcaps is called.
The pin is switch to the specific "eint" function during setup_intr and
switched back to its old function in teardown_intr.
Only INTR_MAP_DATA_GPIO is supported for now.
This is needed when the driver is compiled into the kernel.
When compiled as a module this will be called from another
code path as we also depend on ofw_spibus.
r356609:
twsi: Rework how we handle the i2c messages
We use to handle each message separately in i2c_transfer but that cannot
work with message with NOSTOP as it confuses the controller that we disable
the interrupts and start a new message.
Handle every message in the interrupt handler and fire a new start condition
if the previous message have NOSTOP, the controller understand this as a
repeated start.
This fixes booting on Allwinner A10/A20 platform where before the i2c controller
used to write 0 to the PMIC register that control the regulators as it though that
this was the continuation of the write message.
Tested on: A20 BananaPi, Cubieboard 1 (kevans)
Reported by: kevans
This overlays can be used on A64 board to use spigen and spi(8)
on the spi0 pins.
Tested On: Pine64-LTS, A64-Olinuxino
Submitted by: Gary Otten <gdotten@gmail.com>
r356798:
axp8xx: Add missing voltage regulators offset
This lead to writing the desired voltage value to the wrong register.
r356799:
axp8xx: Add a regnode_init method
This method will set the desired voltaged based on values in the DTS.
It will not enable the regulator, this is the job of either a consumer
or regnode_set_constraint SYSINIT if the regulator is boot_on or always_on.
r356800:
arm: allwinner: Add support for bank supply
Each GPIO bank is powered by a different pin and so can be powered at different
voltage from different regulators.
Add a new config that now hold the pinmux data and the banks available on each
SoCs.
Since the aw_gpio driver being also the pinmux one it's attached before the PMIC
so add a config_intrhook_oneshot function that will enable the needed regulators
when the system is fully functional.
r356802:
arm: allwinner: ahci: target-supply is optional
The target-supply regulator is optional so don't fail if it's not present.
While here disable the clock on detach.
Emmanuel Vadot [Thu, 18 Jun 2020 23:18:47 +0000 (23:18 +0000)]
MFC r353528-r353529
r353528:
arm64: allwinner: Add Allwinner H6 Support
This adds support for H6 SoC.
Add a CCU driver for H6 that support all PLLs and most of the clocks
that we are intersted in for now (i2c, mmc, usb, etc ...)
r349584:
Since r349571 we need all the accessor to be present for set or get
otherwise we panic.
dwmmc don't handle VCCQ (voltage for the IO line of the SD/eMMC) or
TIMING.
Add the needed accessor in the {read,write}_ivar functions.
Reviewed by: imp (previous version)
r349728 by imp:
Implement missing MMCBR ivars
All MMCBR bridges have to implement all the MMCBR variables. This
implements them for everybody that currently doesn't.
A common routine for this should be written.
r349731 by imp:
Fix cut-and-pasto that slipped through my testing.
r350440 by br:
Add support for the SD/MMC controller found in Terasic DE10-Pro
(an Intel Stratix 10 GX/SX FPGA Development Kit).
Set the bus speed manually due to lack of clock management support.
Sponsored by: DARPA, AFRL
r350443 by br:
Fix MMCCAM kernel build.
Sponsored by: DARPA, AFRL
r351185 by mmel:
Enhance support of extres in dwmmc driver.
Handle all clocks, regulators and resets defined by dwmmc bindings.
r353493 by br:
Fix the driver attachment in cases when the external resource devices
(resets, regulators, clocks) are not available.
Rely on a system initialization done by a bootloader in that cases.
This fixes operation on Terasic DE10-Pro (an Intel Stratix 10
development kit).
Sponsored by: DARPA, AFRL
r353575 by br:
Fix dwmmc(4) driver attachment when ext_resources are not present.
Ignore only ENOENT (no DTS properties found) and ENODEV (driver not
present) non-zero return values from ext_resources.
Reviewed by: manu
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D22043
r355625:
dwmmc: Add a detach method
This method will disable the regulators, clocks and assert the reset of
the module. It will also detach it's children (the mmc device) and release
it's resources.
While here enable the regulators on attach as we need them to power up
the sdcard or emmc.
r355627:
dwmmc: Handle the card detect interrupt
The driver used to always add the mmc device as it's child even
it no card was detected. Add a function that will detect if the
card is present or not and that will attach/detach the mmc device.
The function is either call on attach (as we won't have the interrupt
fired) or from two taskqueues. The first taskqueue will directly call
the function when the sdcard was present and is now removed and the other
one will delay a bit the attach when we didn't had a card and now have one.
This is mostly based on comments from the sdhci driver where it describe
a situation when the CD pin is detected before the others pins are connected.
r355629:
dwmmc: Use device_delete_children
Instead of first detaching the children(s) and then delete them,
use the device_delete_children function that does all of that.
Suggested by: ian
r356813:
dwmmc: Remove max_hz from the softc
We never use it so directly set the value to the mmc host structure.
MFC r352925: xen/ctrl: acknowledge all control requests
MFC r357616: xen/console: fix priority of Xen console
MFC r361274: dev/xenstore: fix return with locks held
Note this should be dev/evtchn not dev/xenstore.
MFC r361578: xenpv: do not use low 1MB for Xen mappings on i386
MFC r361580: xen/control: short circuit xctrl_on_watch_event on spurious event
Those are all Xen related fixes or minor improvements that have been sitting on
current for a reasonable time without complaints.
MFC r361828:
Ensure pci_channel_offline() actually queries the PCI register space,
and not only the software cache of that register. Else
pci_channel_offline() won't detect that the PCI device is gone when
using the LinuxKPI.
This function returns NULL if the ring identified by
queue id and direction is in netmap mode. Otherwise
return the corresponding kring.
Use this function to replace vtnet_netmap_queue_on().
If execve fails with ENOEXEC, execvp is expected to rebuild the command
with /bin/sh instead and try again.
The previous version did this, but overlooked two details:
argv[0] can conceivably be NULL, in which case memp would never get
terminated. We must allocate no less than three * sizeof(char *) so we can
properly terminate at all times. For the non-NULL argv standard case, we
count all the non-NULL elements and actually skip the first argument, so we
end up capturing the NULL terminator in our bcopy().
The second detail is that the spec is actually worded such that we should
have been preserving argv[0] as passed to execvp:
"[...] executed command shall be as if the process invoked the sh utility
using execl() as follows:
where <shell path> is an unspecified pathname for the sh utility, file is
the process image file, and for execvp(), where arg0, arg1, and so on
correspond to the values passed to execvp() in argv[0], argv[1], and so on."
So we make this change at this time as well, while we're already touching
it. We decidedly can't preserve a NULL argv[0] as this would be incredibly,
incredibly fragile, so we retain our legacy behavior of using "sh" for
argv[] in this specific instance.
Some light tests are added to try and detect some components of handling the
ENOEXEC fallback; posix_spawnp_enoexec_fallback_null_argv0 is likely not
100% reliable, but it at least won't raise false-alarms and it did result in
useful failures with pre-change libc on my machine.
This is a secondary change in D25038.
r361996:
execvPe: obviate the need for potentially large stack allocations
Some environments in which execvPe may be called have a limited amount of
stack available. Currently, it avoidably allocates a segment on the stack
large enough to hold PATH so that it may be mutated and use strsep() for
easy parsing. This logic is now rewritten to just operate on the immutable
string passed in and do the necessary math to extract individual paths,
since it will be copying out those segments to another buffer anyways and
piecing them together with the name for a full path.
Additional size is also needed for the stack in posix_spawnp(), because it
may need to push all of argv to the stack and rebuild the command with sh in
front of it. We'll make sure it's properly aligned for the new thread, but
future work should likely make rfork_thread a little easier to use by
ensuring proper alignment.
Some trivial cleanup has been done with a couple of error writes, moving
strings into char arrays for use with the less fragile sizeof().
r361999:
Add missing shell script from r361995
r362111:
posix_spawn: fix for some custom allocator setups
libc cannot assume that aligned_alloc and free come from jemalloc, or that
any application providing its own malloc and free is actually providing
aligned_alloc.
Switch back to malloc and just make sure we're passing a properly aligned
stack into rfork_thread, as an application perhaps can't reasonably replace
just malloc or just free without headaches.
This unbreaks ksh93 after r361996, which provides malloc/free but no
aligned_alloc.
r347929:
pci: ecam: Do not warn on mismatch of bus_end
We cannot know the bus end number before parsing the MCFG table
so don't set the bus_end before that. If the MCFG table doesn't
exist we will set the configuration base address based on the _CBA
value and set the bus_end to the maximal number allowed by PCI.
Emmanuel Vadot [Tue, 16 Jun 2020 20:22:56 +0000 (20:22 +0000)]
MFC r346332:
ofw_graph: Add functions for graph bindings
Those functions are helpers to work on graph bindings.
graphs are mostly use with video related devices.
See https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Documentation/devicetree/bindings/graph.txt?id=4436a3711e3249840e0679e92d3c951bcaf25515
Kyle Evans [Tue, 16 Jun 2020 12:21:55 +0000 (12:21 +0000)]
MFC r361977: libusb: improve compatibility
Specifically, add LIBUSB_CLASS_PHYSICAL and the libusb_has_capability API.
Descriptions and functionality for these derived from the
documentation at [0]. The current set of capabilities are all supported by
libusb.
These were detected as missing after updating net/freerdp to 2.1.1, which
attempted to use both.
[evdev] Add AT translated set1 scancodes for F-unlocked F1-12 keys.
"F lock" is a switch between two sets of scancodes for function keys F1-F12
found on some Logitech and Microsoft PS/2 keyboards [1]. When "F lock" is
pressed, then F1-F12 act as function keys and produce usual keyscans for
these keys. When "F lock" is depressed, F1-F12 produced the same keyscans
but prefixed with E0.
Some laptops use [2] E0-prefixed F1-F12 scancodes for non-standard keys.
CVE-2020-11655: SQLite through 3.31.1 allows attackers to cause a denial of
service (segmentation fault) via a malformed window-function query because
the AggInfo object's initialization is mishandled.
CVE-2020-13434: SQLite through 3.32.0 has an integer overflow in
sqlite3_str_vappendf in printf.c.
CVE-2020-13435: SQLite through 3.32.0 has a segmentation fault in
sqlite3ExprCodeTarget in expr.c.
CVE-2020-13630: ext/fts3/fts3.c in SQLite before 3.32.0 has a
use-after-free in fts3EvalNextRow, related to the snippet feature
CVE-2020-13631: SQLite before 3.32.0 allows a virtual table to be renamed
to the name of one of its shadow tables, related to alter.c and build.c.
CVE-2020-13632: ext/fts3/fts3_snippet.c in SQLite before 3.32.0 ha s a
NULL pointer dereference via a crafted matchinfo() query.
Dimitry Andric [Sun, 14 Jun 2020 17:36:43 +0000 (17:36 +0000)]
Update Subversion and dependencies to 1.14.0 LTS.
MFC r344438 (by emaste):
svn: support building with WITH_PIE
Subversion builds and links against its own .a archives using local
rules, so did not benefit from with the WITH_PIE library support added
in r344179. Apply the same _pie suffix locally.
Reviewed by: cem
Differential Revision: https://reviews.freebsd.org/D19246
MFC r352156 (by imp):
Remove directory empty after r266735
MFC r357299 (by cem):
contrib/apr: Remove scope leak UB
In apr_vformatter, the variable buf was declared inside a limited scope
region, but a pointer to it is leaked outside of that region and used
later. This is undefined behavior. Fix by moving the buf variable to
function scope.
contrib/apr: Rip out bogus [CS]PRNG implementation
This construction used some relatively slow design involving SHA2; even if
it were fed real entropy (unclear; external to the design), it did not
handle fork in a safe way, and it was difficult to audit for correctness.
So just rip it out and use the very simple and known-correct arc4random(3)
interface in its place.
MFC r361677:
Change Makefiles under usr.bin/svn to make them easier to incrementally
update. No functional change intended.
MFC r361678:
Update apr to 1.7.0. See contrib/apr/CHANGES for a summary of changes.
MFC r361681:
Change more Makefiles under usr.bin/svn to make them easier to
incrementally update. No functional change intended.
MFC r361684 (by kevans):
apr: build some needed emulated 64-bit atomic bits after r361678
This should fix the build on armv{6,7}, mips, and mips64, which all need
emulated 64-bit atomics for apr.
MFC r361691:
Follow-up r361678 (update apr to 1.7.0) by also regenerating the apr
internal headers through the upstream configure script, with some minor
custom tweaks.
MFC r361692:
Update apr-util to 1.6.1. See contrib/apr-util/CHANGES for a summary of
changes.
MFC r361693:
Update Subversion to 1.14.0 LTS. See contrib/subversion/CHANGES for a
summary of changes, or for a more thorough overview:
Martin Matuska [Fri, 12 Jun 2020 22:59:59 +0000 (22:59 +0000)]
MFC r361294:
Update libarchive to 3.4.3
Relevant vendor changes:
PR #1352: support negative zstd compression levels
PR #1359: improve zstd version checking
PR #1348: support RHT.security.selinux from GNU tar
PR #1357: support for archives compressed with pzstd
PR #1367: fix issues in acl tests
PR #1372: child handling cleanup
PR #1378: fix memory leak from passphrase callback
Alan Somers [Fri, 12 Jun 2020 20:39:42 +0000 (20:39 +0000)]
MFC r361562:
geli: fix a livelock during panic
During any kind of shutdown, kern_reboot calls geli's pre_sync event hook,
which tries to destroy all unused geli devices. But during a panic, geli
can't destroy any devices, because the scheduler is stopped, so it can't
switch threads. A livelock results, and the system never dumps core.
This commit fixes the problem by refusing to destroy any devices during
panic, used or otherwise.
Alan Somers [Fri, 12 Jun 2020 20:32:26 +0000 (20:32 +0000)]
MFC r361401:
Fix issues with FUSE_ACCESS when default_permissions is disabled
This patch fixes two issues relating to FUSE_ACCESS when the
default_permissions mount option is disabled:
* VOP_ACCESS() calls with VADMIN set should never be sent to a fuse server
in the form of FUSE_ACCESS operations. The FUSE protocol has no equivalent
of VADMIN, so we must evaluate such things kernel-side, regardless of the
default_permissions setting.
* The FUSE protocol only requires FUSE_ACCESS to be sent for two purposes:
for the access(2) syscall and to check directory permissions for
searchability during lookup. FreeBSD sends it much more frequently, due to
differences between our VFS and Linux's, for which FUSE was designed. But
this patch does eliminate several cases not required by the FUSE protocol:
* for any FUSE_*XATTR operation
* when creating a new file
* when deleting a file
* when setting timestamps, such as by utimensat(2).
* Additionally, when default_permissions is disabled, this patch removes one
FUSE_GETATTR operation when deleting a file.
PR: 245689
Reported by: MooseFS FreeBSD Team <freebsd@moosefs.pro>
Reviewed by: cem
Differential Revision: https://reviews.freebsd.org/D24777
Alan Somers [Fri, 12 Jun 2020 20:27:37 +0000 (20:27 +0000)]
MFC r361399:
Disable nullfs cacheing on top of fusefs
Nullfs cacheing can keep a large number of vnodes active. That results in
more active FUSE file handles, causing some FUSE servers to use extra
resources. Disable nullfs cacheing for fusefs, just like we already do for
NFSv4.
PR: 245688
Reported by: MooseFS FreeBSD Team <freebsd@moosefs.pro>
Alan Somers [Fri, 12 Jun 2020 20:11:25 +0000 (20:11 +0000)]
MFC r361223:
fusefs: fix intermittency in some ENOENT tests
When a FUSE operation other than LOOKUP returns ENOENT, the kernel will
reclaim that vnode, resuling in a FUSE_FORGET being sent a short while
later. Many of the ENOENT tests weren't expecting those FUSE_FORGET
operations. They usually passed by luck since FUSE_FORGET is often delayed.
This commit adds appropriate expectations.
Alexander Motin [Fri, 12 Jun 2020 15:37:55 +0000 (15:37 +0000)]
MFC r351516: Announce PCI Segment Groups supported to PCI host _OSC.
According to ACPI 6.3 specification:
The OS sets this bit to 1 if it supports PCI Segment Groups as defined
by the _SEG object, and access to the configuration space of devices
in PCI Segment Groups as described by this specification. Otherwise,
the OS sets this bit to 0.
As far as I see we support both of those as PCI domains for quite a while.
Make ext2fs compatible with changes introduced in e2fsprogs v1.45.2.
Now the tail of inode bitmap is filled with 0xff pattern explicitly during
bitmap initialization phase to avoid e2fsck error like:
"Padding at end of inode bitmap is not set."
Andriy Gapon [Fri, 12 Jun 2020 07:25:40 +0000 (07:25 +0000)]
MFC r361621: do not enable pci bridge decoding on resume until I/O windows are restored
PCI bus driver restores most but not all of a child PCI-PCI bridge
configuration. The bridge's I/O windows are restored by pcib driver and
that happens later in time. This can be problematic because the Command
register is restored before the windows are restored. If the firmware
programs the windows incorrectly or even does not program them at all,
then the bridge can start claiming I/O cycles that are not intended for
it. This will continue until the correct windows are restored.
I have observed this problem with a buggy BIOS where after resuming from
S3 an I/O port window of a PCI-PCI bridge was configured with zero base
and limit causing the bridge to claim 0x0 - 0xFFF port range. That
interfered with ACPI port access including ACPI PM Timer at port 0x808,
thus wreaking havoc in the time keeping.
The solution is to restore the Command register of PCI-PCI bridges after
the windows are restored in pcib driver. While here, I decided that for
other PCI device types (normal and cardbus) it's better to restore the
Command register after their BARs are restored.
Andriy Gapon [Fri, 12 Jun 2020 07:23:27 +0000 (07:23 +0000)]
MFC r361620: corefile_open_last: don't keep a locked vnode while locking other ones
Consider this scenario:
- kern.corefile=/var/coredumps/%N.%U.%I.core
- multiple processes with the same name crash at the same time
It's possible that one process selects existing file N as oldvp while it
keeps looking for an unused file number. Another process scans through
files and stumbles upon N. That process would be blocked on the vnode
lock while holding the directory vnode exclusively locked. The first
process would, thus, get blocked on the directory's vnode lock.
More generally, holding a file's vnode lock (oldvp) while trying to lock
its directory (for the next lookup) is a violation of the vnode locking
order.
I have observed this deadlock in the wild.
So, the change to keep oldvp "opened" but unlocked and to lock it again
only if it's to be returned as the result.
As kib noted, an alternative would be to keep the directory locked and
to use VOP_LOOKUP directly for scanning through existing core files.
Cy Schubert [Fri, 12 Jun 2020 01:03:51 +0000 (01:03 +0000)]
MFC r361957-r361960
r361957:
MFV r361936:
Upstream commit message:
[PATCH 1/3] WPS UPnP: Do not allow event subscriptions with URLs to
other networks
The UPnP Device Architecture 2.0 specification errata ("UDA errata
16-04-2020.docx") addresses a problem with notifications being allowed
to go out to other domains by disallowing such cases. Do such filtering
for the notification callback URLs to avoid undesired connections to
external networks based on subscriptions that any device in the local
network could request when WPS support for external registrars is
enabled (the upnp_iface parameter in hostapd configuration).
Obtained from: https://w1.fi/security/2020-1/\
0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch
Security: VU#339275 and CVE-2020-12695
r361958:
MFV r361937:
Upstream commit message:
[PATCH 2/3] WPS UPnP: Fix event message generation using a long URL path
More than about 700 character URL ended up overflowing the wpabuf used
for building the event notification and this resulted in the wpabuf
buffer overflow checks terminating the hostapd process. Fix this by
allocating the buffer to be large enough to contain the full URL path.
However, since that around 700 character limit has been the practical
limit for more than ten years, start explicitly enforcing that as the
limit or the callback URLs since any longer ones had not worked before
and there is no need to enable them now either.
Obtained from: https://w1.fi/security/2020-1/\
0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch
Security: VU#339275 and CVE-2020-12695
r361959:
MFV r361938:
Upstream commit message:
[PATCH 3/3] WPS UPnP: Handle HTTP initiation failures for events more
properly
While it is appropriate to try to retransmit the event to another
callback URL on a failure to initiate the HTTP client connection, there
is no point in trying the exact same operation multiple times in a row.
Replve the event_retry() calls with event_addr_failure() for these cases
to avoid busy loops trying to repeat the same failing operation.
These potential busy loops would go through eloop callbacks, so the
process is not completely stuck on handling them, but unnecessary CPU
would be used to process the continues retries that will keep failing
for the same reason.
Obtained from: https://w1.fi/security/2020-1/\
0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch
Security: VU#339275 and CVE-2020-12695
Eric Joyner [Fri, 12 Jun 2020 00:42:05 +0000 (00:42 +0000)]
MFC r361805: em(4): Add support for Comet Lake Mobile Platform
This change introduces Comet Lake Mobile Platform support in the e1000
driver along with shared code patches described below.
- Cast return value of e1000_ltr2ns() to higher type to avoid overflow
- Remove useless statement of assigning act_offset
- Add initialization of identification LED
- Fix flow control setup after connected standby:
After connected standby the driver blocks resets during
"AdapterStart" and skips flow control setup. This change adds
condition in e1000_setup_link_ich8lan() to always setup flow control
and to setup physical interface only when there is no need to block
resets.
Kristof Provost [Thu, 11 Jun 2020 16:51:13 +0000 (16:51 +0000)]
MFC r357061:
pf: Apply kif flags to new group members
If we have a 'set skip on <ifgroup>' rule this flag it set on the group
kif, but must also be set on all members. pfctl does this when the rules
are set, but if groups are added afterwards we must also apply the flags
to the new member. If not, new group members will not be skipped until
the rules are reloaded.
Andriy Gapon [Thu, 11 Jun 2020 05:28:08 +0000 (05:28 +0000)]
MFC r361788: superio: do not assume that current LDN cannot change after config exit
That assumption should be true when superio(4) uses the hardware
exlusively. But it turns out to not hold on some real systems.
So, err on the side of correctness rather than performance.
Clear current_ldn in sio_conf_exit.
Andriy Gapon [Thu, 11 Jun 2020 05:26:23 +0000 (05:26 +0000)]
MFC r361787: ifconfig.8: fix cpability and flag descriptions for list scan / sta
Some capability descriptions under list scan actually described flags.
Some capability descriptions were missing.
Some flag descriptions under list sta actually described capabilites.
This change prevents a race that happens when rxsync dequeues
N-1 rx packets (with N being the size of the netmap rx ring).
In this situation, the loop exits without re-enabling the
rx interrupts, thus causing the VQ to stall.
netmap: vtnet: add vtnrx_nm_refill index to receive queues
The new index tracks the next netmap slot that is going
to be enqueued into the virtqueue. The index is necessary
to prevent the receive VQ and the netmap rx ring from going
out of sync, considering that we never enqueue N slots, but
at most N-1. This change fixes a bug that causes the VQ
and the netmap ring to go out of sync after N-1 packets
have been received.
The netmap_rx_irq() function normally wakes up user-space threads
waiting for more packets. In this case, it is not necessary to
call it under the driver queue lock. However, if the interface is
attached to a VALE switch, netmap_rx_irq() ends up calling rxsync
on the interface (see netmap_bwrap_intr_notify()). Although
concurrent rxsyncs are serialized through the kring lock
(see nm_kr_tryget()), the lock acquire operation is not blocking.
As a result, it may happen that netmap_rx_irq() is called on
an RX ring while another instance is running, causing the
second call to fail, and received packets stall in the receive VQ.
We fix this issue by calling netmap_irx_irq() under the VQ lock.
The netmap_rx_irq() function may return NM_IRQ_RESCHED to inform the
driver that more work is pending, and that netmap expects netmap_rx_irq()
to be called again as soon as possible.
This change implements this behaviour in the vtnet driver.
netmap assumes the one "slot" is left unused to distinguish
the empty ring and full ring conditions. This assumption was
violated by vtnet_netmap_rxq_populate().
The vtnet_netmap_rxq_populate() function erroneously assumed
that kring->nr_hwcur = 0, i.e. the kring was in the initial
state. However, this is not always the case: for example,
when a vtnet reinit is triggered by some changes in the
interface flags or capenable.
This patch changes the behaviour of vtnet_netmap_kring_refill()
so that it always starts publishing the netmap buffers starting
from the current value of kring->nr_hwcur.
MFC r361749:
Add if_reassign method to all tunneling interfaces.
After r339550 tunneling interfaces have started handle appearing and
disappearing of ingress IP address on the host system.
When such interfaces are moving into VNET jail, they lose ability to
properly handle ifaddr_event_ext event. And this leads to need to
reconfigure tunnel to make it working again.
Since moving an interface into VNET jail leads to removing of all IP
addresses, it looks consistent, that tunnel configuration should also
be cleared. This is what will do if_reassign method.
Ryan Moeller [Wed, 10 Jun 2020 03:57:10 +0000 (03:57 +0000)]
MFC r361748:
tmpfs: Preserve alignment of struct fid fields
On 64-bit platforms, the two short fields in `struct tmpfs_fid` are padded to
the 64-bit alignment of the long field. This pushes the offsets of the
subsequent fields by 4 bytes and makes `struct tmpfs_fid` bigger than
`struct fid`. `tmpfs_vptofh()` casts a `struct fid *` to `struct tmpfs_fid *`,
causing 4 bytes of adjacent memory to be overwritten when the struct fields are
set. Through several layers of indirection and embedded structs, the adjacent
memory for one particular call to `tmpfs_vptofh()` happens to be the stack
canary for `nfsrvd_compound()`. Half of the canary ends up being clobbered,
going unnoticed until eventually the stack check fails when `nfsrvd_compound()`
returns and a panic is triggered.
Instead of duplicating fields of `struct fid` in `struct tmpfs_fid`, narrow the
struct to cover only the unique fields for tmpfs and assert at compile time
that the struct fits in the allotted space. This way we don't have to
replicate the offsets of `struct fid` fields, we just use them directly.
Alexander Motin [Tue, 9 Jun 2020 02:03:30 +0000 (02:03 +0000)]
MFC r361630: Remove session locking from cfiscsi_pdu_update_cmdsn().
cs_cmdsn can be incremented with single atomic. expcmdsn/maxcmdsn set in
cfiscsi_pdu_prepare() based on cs_cmdsn are not required to be updated
synchronously, only monotonically, that is achieved with lock there.
Alexander Motin [Tue, 9 Jun 2020 02:01:09 +0000 (02:01 +0000)]
MFC r361616: Move EXPDATASN/R2TSN from PDU to CTL_PRIV_FRONTEND.
We any way have per-I/O space in CTL_PRIV_FRONTEND, while for PDU private
fields I have better use ideas. Plus to me such use of PDU fields looked
a layering violation.
I don't see a point to copy io->scsiio.kern_total_len into the request
PDU private field. The io is going to stay with us till the end, and
kern_total_len field is not changed after being first initialized.
MFC r361827:
USB HID descriptors may push/pop the current state to allow
description of items residing in a so-called union. FreeBSD currently
only supports 4 such push levels.
If the push level is not restored within the processing of the same
HID item, an invalid memory location may be used for subsequent HID
item processing.
Verify that the push level is always valid when processing HID items.
Reported by: Andy Nguyen (Google)
Sponsored by: Mellanox Technologies
MFC r361581:
Implement helper function, usbd_get_max_frame_length(), which allows kernel
device drivers to correctly predict the default USB transfer frame length.
[rpi] Inherit framebuffer BPP value from the VideoCore firmware
Instead of using hardcoded bpp of 24, obtain current/configured value
from VideoCore. This solves certain problems with Xorg/Qt apps that
require bpp of 32 to work properly. The mode can be forced by setting
framebuffer_depth value in config.txt