pfg [Thu, 23 May 2013 16:39:42 +0000 (16:39 +0000)]
MFC r250823:
grep: change some int types.
Change several int variables to size_t, ssize_t, or ptrdiff_t.
This should fix the bug described in CVE-2012-5667 when an input
line is so long that its length cannot be stored in an int
variable.
jamie [Wed, 22 May 2013 18:26:12 +0000 (18:26 +0000)]
MFC r250804:
Refine the "nojail" rc keyword, adding "nojailvnet" for files that don't
apply to most jails but do apply to vnet jails. This includes adding
a new sysctl "security.jail.vnet" to identify vnet jails.
scottl [Wed, 22 May 2013 08:44:21 +0000 (08:44 +0000)]
MFC r250327
Add a sysctl vfs.read_min to complement the exiting vfs.read_max. It
defaults to 1, meaning that it's off.
When read-ahead is enabled on a file, the vfs cluster code deliberately
breaks a read into 2 I/O transactions; one to satisfy the actual read,
and one to perform read-ahead. This makes sense in low-latency
circumstances, but often produces unbalanced i/o transactions that
penalize disks. By setting vfs.read_min, we can tell the algorithm to
fetch a larger transaction that what we asked for, achieving the same
effect as the read-ahead but without the doubled, unbalanced transaction
and the slightly lower latency. This significantly helps our workloads
with video streaming.
delphij [Wed, 22 May 2013 00:31:33 +0000 (00:31 +0000)]
MFC r250374:
According to the documentation, on Linux, cancel_delayed_work() does not
do drain (flush_workqueue() in Linux terms) but instead returns true if
the work was removed before it is run, or false otherwise.
Simulate this by removing the taskqueue_drain() and return the value
derived from taskqueue_cancel()'s return value.
This would solve a witness warning caused by calling taskqueue_drain()
with a non-sleepable lock held, like:
taskqueue_drain with the following non-sleepable locks held:
exclusive rw lle (lle) r = 0 (0xfffffe001450b410) locked @
/usr/src/sys/netinet/in.c:1484
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xffffff848d4f7690
kdb_backtrace() at kdb_backtrace+0x39/frame 0xffffff848d4f7740
witness_warn() at witness_warn+0x4a8/frame 0xffffff848d4f7800
taskqueue_drain() at taskqueue_drain+0x3a/frame 0xffffff848d4f7840
set_timeout() at set_timeout+0x4a/frame 0xffffff848d4f7860
netevent_callback() at netevent_callback+0x16/frame 0xffffff848d4f7870
arpintr() at arpintr+0x9b5/frame 0xffffff848d4f7930
This do not affect kernel without OFED compiled in.
Reported by: Garrett Cooper <yaneurabeya gmail com>
Use procstat_getprocs(3) for retrieving thread information instead of
direct sysctl calls.
r249669:
Use more generic procstat_getvmmap(3) for retrieving VM layout of a process.
r249671:
Use procstat_getgroups(3) for retrieving groups information instead of
direct sysctl.
r249673:
Use procstat_getumask(3) for retrieving umaks information instead of
direct sysctl.
r249675:
Use procstat_getrlimit(3) for retrieving rlimit information instead of
direct sysctl calls.
r249678:
Use libprocstat(3) when retrieving binary information for a process.
r249680:
Use libprocstat(3) to retrieve process command line arguments and
environment variables.
r249683:
Use libprocstat(3) to retrieve ELF auxiliary vector.
r249685:
Use procstat_getkstack(3) for retrieving process kernel stacks
instead of direct sysctl calls.
r249686:
Make use of newly added libprocstat(3) ability to extract procstat
info from a process core file.
So now one can run procstat(1) on a process core e.g. to get a list of
files opened by a process when it crashed:
root@lisa:/ # procstat -f /root/vi.core
PID COMM FD T V FLAGS REF OFFSET PRO NAME
658 vi text v r r-------- - - - /usr/bin/vi
658 vi ctty v c rw------- - - - /dev/pts/0
658 vi cwd v d r-------- - - - /root
658 vi root v d r-------- - - - /
658 vi 0 v c rw------- 11 3208 - /dev/pts/0
658 vi 1 v c rw------- 11 3208 - /dev/pts/0
658 vi 2 v c rw------- 11 3208 - /dev/pts/0
658 vi 3 v r r----n-l- 1 0 - /tmp/vi.0AYKz3Lps7
658 vi 4 v r rw------- 1 0 - /var/tmp/vi.recover/vi.GaGYsz
658 vi 5 v r rw------- 1 0 - -
pfg [Mon, 20 May 2013 02:34:45 +0000 (02:34 +0000)]
grep: change some int types.
Change several int variables to size_t, ssize_t, or ptrdiff_t.
This should fix the bug described in CVE-2012-5667 when an input
line is so long that its length cannot be stored in an int
variable.
This is based on NetBSD's revision which says:
This change to NetBSD's version of GNU grep 2.5.1 (licenced under
GPLv2) was made without direct reference to any code licenced
under GPLv3.
nwhitehorn [Sun, 19 May 2013 01:52:39 +0000 (01:52 +0000)]
MFC r250290:
Only check fan type once. Not only is continuously rechecking pointless, a
single random failure can reprogram what control mechanism we try to use.
mav [Sat, 18 May 2013 13:19:31 +0000 (13:19 +0000)]
MFC r249625:
Introduce kern.timecounter.smp_tsc_adjust tunable (disabled by default) and
respective functionality, allowing to synchronize TSC on APs to match BSP's
during boot. It may be unsafe in general case due to theoretical chance of
later drift if CPUs are using different clock rate or source, but it allows
to use TSC in some cases when difference caused by some initialization bug,
while TSCs are known to increment synchronously.
melifaro [Sat, 18 May 2013 05:48:46 +0000 (05:48 +0000)]
MFC r248552, r248971
Add ipfw support for setting/matching DiffServ codepoints (DSCP).
Setting DSCP support is done via O_SETDSCP which works for both
IPv4 and IPv6 packets. Fast checksum recalculation (RFC 1624) is done for IPv4.
Dscp can be specified by name (AFXY, CSX, BE, EF), by value
(0..63) or via tablearg.
Matching DSCP is done via another opcode (O_DSCP) which accepts several
classes at once (af11,af22,be). Classes are stored in bitmask (2 u32 words).
Many people made their variants of this patch, the ones I'm aware of are
(in alphabetic order):
trociny [Fri, 17 May 2013 20:12:56 +0000 (20:12 +0000)]
MFC r249558, r250145:
r249558:
Add a new set of notes to a process core dump to store procstat data.
The notes format is a header of sizeof(int), which stores the size of
the corresponding data structure to provide some versioning, and data
in the format as it is returned by a related sysctl call.
The userland tools (procstat(1)) will be taught to extract this data,
providing additional info for postmortem analysis.
jilles [Thu, 16 May 2013 20:34:21 +0000 (20:34 +0000)]
MFC r250412: posix_spawn_file_actions_addopen(3): Correct error for bad file
descriptor.
As per POSIX.1-2008, posix_spawn_file_actions_add* return [EBADF] if a file
descriptor is negative, not [EINVAL]. The bug was only in the manual page;
the code is correct.
kib [Thu, 16 May 2013 06:19:29 +0000 (06:19 +0000)]
MFC r250193:
Do a sync of the devvp vnode for the mount, which buffers, among other
things, contain FAT blocks. This makes fsync(2) for msdosfs more correct
by syncing the metadata needed to read the synced data.
rmacklem [Thu, 16 May 2013 00:56:41 +0000 (00:56 +0000)]
MFC: r250177
Fix the getpwnam_r() call in the pname_to_uid() kerberos library function so
that it handles the ERANGE error return case. Without this fix, authentication
of users for certain system setups could fail unexpectedly.
rmacklem [Thu, 16 May 2013 00:52:08 +0000 (00:52 +0000)]
MFC: r250176
Fix the getpwuid_r() call in the gssd daemon so that it handles
the ERANGE error return case. Without this fix, authentication
of users for certain system setups could fail unexpectedly.
pluknet [Wed, 15 May 2013 21:02:18 +0000 (21:02 +0000)]
MFC r246711:
o Bring in sync decoding the first nfssvc(2) parameter (flags) with
the current definitions location.
o Respect numbers in NFSSVC_* (e.g. NFSSVC_V4ROOTEXPORT).
dim [Wed, 15 May 2013 20:59:00 +0000 (20:59 +0000)]
MFC r250393:
When gcc 4.2.0 was imported, the 3DNow intrinsics header <mm3dnow.h> was
not added to the list of intrinsics headers to install, so belatedly (5
years :) add it.
rmacklem [Wed, 15 May 2013 01:44:01 +0000 (01:44 +0000)]
MFC: r250162
Document the fact that an NFSv4 mount against a volume on the same host
can result in a hung NFS server and is not recommended.
This is a content change.
rmacklem [Wed, 15 May 2013 01:36:59 +0000 (01:36 +0000)]
MFC: r250157
Isilon reported that sec=krb5p NFS mounts had a problem when m_len == 0
for the last mbuf of the list with an encrypted message. This patch replaces
the KASSERT() with code that handles this case.
yongari [Wed, 15 May 2013 01:16:41 +0000 (01:16 +0000)]
MFC r248542:
For RTL8211B or later PHYs, enable crossover detection and
auto-correction. This change makes re(4) establish a link with
a system using non-crossover UTP cable.
yongari [Wed, 15 May 2013 01:05:16 +0000 (01:05 +0000)]
MFC r248456:
r119712 introduced SIS_TYPE_83816 but it was not actually set in
driver such that checking against the type was always false.
To detect NS DP83816, driver should have checked silicon revision
register for NS controllers. While here, remove SIS_TYPE_83816 to
not make the similar mistake again.
yongari [Wed, 15 May 2013 00:58:45 +0000 (00:58 +0000)]
MFC r248227:
Disable TX IP header checksum offloading on RL_HWREV_8168CP. The
controller generates wrong checksummed frame if the IP packet has
IP options.
brooks [Tue, 14 May 2013 21:15:36 +0000 (21:15 +0000)]
MFC r245825,245890,246097,246127,246315:
Introduce a new option -DNO_ROOT that allows install and distribution
targets to be run without root privilege.
Information about ownership, group, flags, and suid bits are stored in
the file specified by METALOG which defaults to ${DESTDIR}/METALOG.
This file can be used in conjunction with bsdtar or makefs to generate
archives or file system images with correct permissions.
fabient [Mon, 13 May 2013 15:18:36 +0000 (15:18 +0000)]
MFC r247329, r247836:
Add support for good old 8192Hz profiling clock to software PMC.
Add a generic way to call per event allocate / release function.
hiren [Sun, 12 May 2013 22:01:22 +0000 (22:01 +0000)]
MFC: r240475
Remove all the checks on curthread != NULL with the exception of some MD
trap checks (eg. printtrap()).
Generally this check is not needed anymore, as there is not a legitimate
case where curthread != NULL, after pcpu 0 area has been properly
initialized.
jilles [Sun, 12 May 2013 16:26:19 +0000 (16:26 +0000)]
dup(2): Remove incorrect sentence about getdtablesize().
There are no getdtablesize() bounds on the file descriptor to be duplicated;
it only has to be open. If the RLIMIT_NOFILE rlimit was decreased after
opening the file descriptor, it may be greater than or equal to
getdtablesize() but still valid.
jilles [Sun, 12 May 2013 16:11:23 +0000 (16:11 +0000)]
MFC r249566,r249644: EINTR in POSIX sem_*.
Document that sem_wait() can fail with [EINTR].
Programs often do not expect an [EINTR] return from sem_wait() and POSIX
only allows it if the signal was installed without SA_RESTART. The timeout
in sem_timedwait() is absolute so it can be restarted normally.
The old POSIX semaphore implementation did this correctly, unlike the new
umtx one.
Specific to 9-stable: UMTX_ABSTIME does not exist and therefore
sem_timedwait() is erroneously not restarted after a SA_RESTART signal
handler.
It may be desirable to avoid [EINTR] completely, which matches the pthread
functions and is explicitly permitted by POSIX. However, the kernel must
return [EINTR] at least for signals with SA_RESTART clear, otherwise pthread
cancellation will not abort a semaphore wait. In this commit, only restore
the 8.x behaviour which is also permitted by POSIX, as far as possible with
the ABI in 9-stable.
brooks [Sun, 12 May 2013 00:35:57 +0000 (00:35 +0000)]
MFC r250337
Work around the implementation of LIBRARIES_ONLY. It causes drti.o to
not be installed in /usr/lib32 on systems with compat-32 support.
This fix has two parts. First, the build is forced by linking drti.o
into a dummy internal library. Second, the object file is installed
manually in the LIBRARIES_ONLY case.
dim [Sat, 11 May 2013 21:23:55 +0000 (21:23 +0000)]
Pull in r178240 from upstream llvm trunk:
Section 24.2.2 of the C++ standard, [iterator.iterators], Table 106
requires that the return type of *r for all iterators r be reference,
where reference is defined in [iterator.requirements.general]/p11 as
iterator_traits<X>::reference, and X is the type of r.
But in CFG.h, the dereference operator of PredIterator and
SuccIterator return pointer, not reference.
Furthermore the nested type reference is value_type&, which is not
the type returned from operator*().
This patch simply makes the iterator::reference type value_type*,
which is what the operator*() returns, and then re-lables the return
type as reference.
From a functionality point of view, the only difference is that the
nested reference type is now value_type* instead of value_type&.
This enables building clang 3.2 with the newer version of libc++ that
was merged in r250514 (and which has stricter iterator requirements for
the vector member templates).
This is a direct commit to stable/9, since head has a complete import of
llvm/clang trunk, and there is no single commit to merge.
hrs [Sat, 11 May 2013 19:11:20 +0000 (19:11 +0000)]
MFC r250240:
- Fix exit status when ip6addrctl_verbose=yes [*]
- Use the absolute pathname for ip6addrctl.
- Use "install" instead of "add" to reduce the number of invocations.
mav [Sat, 11 May 2013 08:14:33 +0000 (08:14 +0000)]
MFC r249352:
Do not sent 120 TEST UNIT READY requests on generic NOT READY statuses.
Some failing disks tend to return vendor-specific ASC/ASCQ codes with
NOT READY sense key. It caused extremely long recovery attempts, repeating
these 120 TURs (it takes at least 1 minute) for every I/O request.
Instead of that use default error handling, doing just few retries.
mav [Sat, 11 May 2013 08:10:46 +0000 (08:10 +0000)]
MFC r250185:
Add IDs for HighPoint RocketRAID 640L/642L/644L -- new series of 4-port
6Gbps PCIe 2.0 x2 SATA controllers, based on Marvell 88SE9235 chips.
markj [Fri, 10 May 2013 21:08:53 +0000 (21:08 +0000)]
MFC r249257:
Add support for getting and setting BBU properties related to battery
relearning. Specifically, add subcommands to mfiutil(8) which allow the
user to set the BBU and autolearn modes when the firmware supports it,
and add a subcommand which kicks off a battery relearn.
markj [Fri, 10 May 2013 20:55:39 +0000 (20:55 +0000)]
MFC r248776:
Fix interval-based rotations when the -t flag is used. In this case, find
the most-recently archived logfile and use its mtime to determine whether
or not to rotate, as in the non-timestamped case.
Previously we would just try to use the mtime of <logfile>.0, which always
results in a rotation since it generally doesn't exist in the -t case.
asomers [Fri, 10 May 2013 16:48:21 +0000 (16:48 +0000)]
MFC r249951
According to devctl(4), clients must read events whole; they may not piece them
together from multiple reads(). It's as if /dev/devctl is a datagram device
instead of a stream device. However, devd's internal buffer was too small
(1025 bytes) to read an entire ereport.fs.zfs.checksum event (variable, up to
~1300 bytes). This commit enlarges the buffer to 8k.
bdrewery [Fri, 10 May 2013 15:56:34 +0000 (15:56 +0000)]
MFC r249952:
Fix examples for overriding INSTALL to not suggest hardcoding
'install' since it breaks buildworld after the introduction and
use of 'install -l' in r245752. Overriding INSTALL causes
/usr/bin/install to be used instead of the proper
/usr/src/tools/install.sh which handles the new flag.
bdrewery [Fri, 10 May 2013 13:09:44 +0000 (13:09 +0000)]
MFC r249807,249893
Fix installkernel requiring users/groups defined in CHECK_UIDS
and CHECK_GIDS to exist since r152680. This is only needed for
installworld. The documented procedure of running mergemaster -p
to check for missing users is only needed for installworld, not
for installkernel. This fixes auditdistd incorrectly being
required for installkernel.
trociny [Wed, 8 May 2013 18:39:12 +0000 (18:39 +0000)]
MFC r249487:
Re-factor the code to provide kern_proc_filedesc_out(), kern_proc_out(),
and kern_proc_vmmap_out() functions to output process kinfo structures
to sbuf, to make the code reusable.
The functions are going to be used in the coredump routine to store
procstat info in the core program header notes.