- `TEST_METADATA.foo` should be `TEST_METADATA.run_tests`: this will unbreak
trying to run the tests on a system without python installed in $PATH.
- The tests require root because they load aesni(4) and/or cryptodev(4) if
not already loaded.
r319456:
tests/sys/opencrypto/runtests: apply minor polish to test script
- Refactor kld loading/unloading logic:
-- Use a loop instead of an unrolled one.
-- Check for the module being loaded before trying to load it, to reduce
noise when loading modules that are already loaded.
-- Don't mute stderr from kldload -- it could be potentially useful to
the tester.
-- In the event that the test script was terminated early, it would leave
the modules still attached to the system (which is undesirable).
Always unload the modules at test end with EXIT/SIGINT/SIGTERM so the
system is returned to its former operating state as best possible.
Unload the modules in reverse order, in part for consistency and/or
dependency reasons.
MFC r320408:
ext2fs: Support e2di_uid_high and e2di_gid_high.
The fields exist on all versions of the filesystem and using them is a mount
option on linux. For FreeBSD, the corresponding i_uid and i_gid are always
long enough so use them by default.
We have support for reading ext4 "huge" files but we can't write
(anything) on ext4. and some filesystem. Formally enable the feature
so that we can mount such filesystems.
MFC 320675: Add deprecation notices for gdb and kgdb.
Even though gdb and kgdb may not be removed for 12.0 on some architectures,
the notice is unconditional as these tools will likely be removed at some
point in the future when adequate replacements are available (gdb in ports
or lldb in base).
MFC: r320208
Ensure that the credentials field of the NFSv4 client open structure is
initialized.
bdrewery@ has reported panics "newnfs_copycred: negative nfsc_ngroups".
The only way I can see that this occurs is that the credentials field of
the open structure gets used before being filled in.
I am not sure quite how this happens, but for the file create case, the
code is serialized via the vnode lock on the directory. If, somehow, a
link to the same file gets created just after file creation, this might
occur.
This patch ensures that the credentials field is initialized to a reasonable
set of credentials before the structure is linked into any list, so I
this should ensure it is initialized before use.
I am committing the patch now, since bdrewery@ notes that the panics
are intermittent and it may be months before he knows if the patch fixes
his problem.
Fix up r320731:
* Record mergeinfo for merges of r317518, r318647, r319197, r319198,
r319199, r319201, r320625, r320626, r320628, r320629, r320630, r320631,
r320632.
* Merge r319200, which (commit message notwithstanding) seems to have
gotten lost from the r320731 merge.
r317518:
Import Amazon Elastic Network Adapter (ENA) HAL to sys/contrib/
Import from vendor-sys/ena-com/1.1.4.1
SVN rev.: 317516
Version: 1.1.4.1
r318647:
Add support for Amazon Elastic Network Adapter (ENA) NIC
ENA is a networking interface designed to make good use of modern CPU
features and system architectures.
The ENA device exposes a lightweight management interface with a
minimal set of memory mapped registers and extendable command set
through an Admin Queue.
The driver supports a range of ENA devices, is link-speed independent
(i.e., the same driver is used for 10GbE, 25GbE, 40GbE, etc.), and has
a negotiated and extendable feature set.
Some ENA devices support SR-IOV. This driver is used for both the
SR-IOV Physical Function (PF) and Virtual Function (VF) devices.
ENA devices enable high speed and low overhead network traffic
processing by providing multiple Tx/Rx queue pairs (the maximum number
is advertised by the device via the Admin Queue), a dedicated MSI-X
interrupt vector per Tx/Rx queue pair, and CPU cacheline optimized
data placement.
The ENA driver supports industry standard TCP/IP offload features such
as checksum offload and TCP transmit segmentation offload (TSO).
Receive-side scaling (RSS) is supported for multi-core scaling.
The ENA driver and its corresponding devices implement health
monitoring mechanisms such as watchdog, enabling the device and driver
to recover in a manner transparent to the application, as well as
debug logs.
Some of the ENA devices support a working mode called Low-latency
Queue (LLQ), which saves several more microseconds. This feature will
be implemented for driver in future releases.
r319197:
Add mbuf defragmentation to the ENA driver
When mbuf chain is too long and device cannot handle that number
of segments in DMA transaction, mbuf chain will be defragmented.
Initially, driver was dropping all mbuf chains that were exceeding
supported number of segments.
r319198:
Add locks before each ena_up and ena_down
Lock only ena_up and ena_down calls in ioctl handler, instead of whole
ioctl. Locking ioctl with sx lock that is sleepable, is not allowed in
some cases, e.g. when multicast options are being changed.
Additional locking was added in deatch function to prevent race condition
with ioctl function.
r319199:
Add error handling to the ENA driver if init of the reset task fails
Also, to simplify cleaning routine, reset task is initialized before
allocating statistics and other resources.
r319200:
Move ENA's hw stats updating routine to separate task
Initially, stats were being updated each time OS was requesting for
the first statistic.
To read statistics from hw, condvar was used. cv_timedwait cannot be
called when unsleepable lock is held, and this happens when FreeBSD
is requesting statistic.
Seperate task is reading statistics from NIC each 1 second.
r319201:
Introduce additional locks when releasing TX resources and buffers in ENA
There could be race condition with TX cleaning routine when cleaning mbufs,
when it was called directly from main sending thread (ena_mq_start).
r320625:
Add missing lock upon initialization of the interface
Lack of this lock was causing crash if down was called in
parallel with the initialization routine.
r320626:
Acquire locks before calling drbr_flush()
It is required to hold lock that is associated with buffer ring before
flushing drbr.
r320628:
Unmask all IO irqs after driver state is set as running
If driver left MSI-x handlling routine because interface was put down,
it is not unmasking IRQs, so any requesting interrupt will be awaiting
for unmasking.
On ena_up() routine all interrupts are being unmasked and any awaiting
interrupt will be handled right away.
If handler was executed before driver state was set as running, handling
routine is being ended immediately, leaving IO irqs for given queue
masked.
r320629:
Call drbr_advance() before leaving TX routine
If drbr_advance() is not called before doing cleanup and packet is
already enqueued for sending (tx_info is holding pointer to mbuf), then
mbuf is cleaned both in drbr_flush() and in cleanup routine, when all
mbufs hold by tx_buffer_info are being released.
This causes panic, because mbuf is released twice.
r320630:
Remove RX mtx from ENA driver
RX lock is no longer required. There can only be one RX cleanup task
running at a time, RX cleanup cannot be executed if interface is not
yet initialized and ena_down() will not free any RX resources if any io
interrupt is being handled - RX cleanup task is only called from an
interrupt handler.
r320631:
Fix creation of dma tags and TSO settings
TSO settings were not reflecting real HW capabilities.
DMA tags were created with wrong window - high address was the same as
low, so excluding window was not working.
Capabilities of TX dma transaction were not set properly - TSO max size
had been increased and size of one segment had been adjusted.
r320632:
Replace mbuf defragmentation with collapse
Collapse should be more effective than defragmentation.
Added missing declaration of ena_check_and_collapse_mbuf().
Submitted by: Michal Krawczyk <mk@semihalf.com>
Jakub Palider <jpa@semihalf.com>
Jan Medala <jan@semihalf.com>
Obtained from: Semihalf, Amazon.com Inc.
Sponsored by: Amazon.com Inc.
The textproc/glimpse port expired over 3 years ago because there weren't any
more publicly available distfiles, and because it lacked a maintainer. Remove
the target as it's no longer executable on FreeBSD.
Verify that echo(1) does not...
- ... print the trailing newline character with option '-n'.
- ... print the trailing newline character when '\c' is appended to
the end of the string.
MFC r320599:
Fix Vagrant image upload after recent API changes.
- Update ATLAS_UPLOAD_URL to avoid various regular expressions
from failing to match due to redirections.
- Use ATLAS_UPLOAD_URL throughout the script.
- Adjust several regular expression patterns.
This update is primarily bug fixes in C++ symbol demangling, including:
- rvalue reference
- builtin type auto and decltype(auto)
- revamped support for function return types
- formatting fixes
- omit void when its the only param
- ref-qualifiers and others in function types
- type qualifiers in pointer-to-member function types
- incorrect handling regarding CV-qualifiers in function types
- ref-qualifier found in nested-name
- properly handle <name> ::= <substitute><template-args>
- make sure that nested function name is not a substitute candidate
- correctly handle expression in template args
- skip unknown substitution abbreviations
Also r320663 libelftc: bump version, tracking import in r320343
* Verify that when creating a hard link to a symbolic link, '-L' option
creates a hard link to the target of the symbolic link
* Verify that when creating a hard link to a symbolic link, '-P' option
creates a hard link to the symbolic link itself
* Verify that if the target file already exists, '-f' option unlinks it so
that link may occur
* Verify that if the target file or directory is a symbolic link, '-shf'
option prevents following the link
* Verify that if the target file or directory is a symbolic link, '-snf'
option prevents following the link
* Verify that '-s' option creates a symbolic link
* Verify that '-w' option produces a warning if the source of a symbolic
link does not currently exist
If /etc/bootparams contains a line with an excessively long pathname, and a
client asks for that path, then bootparamd will overflow a buffer and crash
while parsing that line. This is not remotely exploitable since it requires
a malformed /etc/bootparams file.
Add MAP_GUARD and use it for stack grow area protection.
Bump __FreeBSD_version.
MFC r320317:
Implement address space guards.
MFC r320338:
Remove stale part of the comment.
MFC r320339:
Correctly handle small MAP_STACK requests.
MFC r320344:
For now, allow mprotect(2) over the guards to succeed regardless of
the requested protection.
MFC r320430:
Treat the addr argument for mmap(2) request without MAP_FIXED flag as
a hint.
MFC r320560 (by alc):
Modify vm_map_growstack() to protect itself from the possibility of the
gap entry in the vm map being smaller than the sysctl-derived stack guard
size.
andrew [Tue, 4 Jul 2017 10:54:08 +0000 (10:54 +0000)]
MFC r320403, r320497
r320403:
Some of the atomic_clear_* functions were incorrectly defined to be an
atomic add. Correct these, fixing a NULL-pointer dereference in netgraph.
PR: 220273
Sponsored by: DARPA, AFRL
r320497:
Remove a blank line accidentally added in r320403.
MFC r319699
When allocating swap blocks, if the available number of free blocks in a
subtree is already zero, then setting the "largest contiguous free block"
hint for that subtree to anything other than zero makes no sense. (To be
clear, assigning a value to the hint that is too large is not a correctness
problem, only a pessimization.)
MFC r319755
blist_fill()'s return type is too narrow. blist_fill() accepts a 64-bit
quantity as the size of the range to fill, but returns a 32-bit quantity
as the number of blocks that were allocated to fill that range. This
revision corrects that mismatch.
MFC r319793
Remove an unnecessary field from struct blist. (The comment describing
what this field represented was also inaccurate.)
In r178792, blist_create() grew a malloc flag, allowing M_NOWAIT to be
specified. However, blist_create() was not modified to handle the
possibility that a malloc() call failed. Address this omission.
Increase the width of the local variable "radix" to 64 bits. This
matches the width of the corresponding field in struct blist.
MFC: r319882, r320062, r320070, r320126
Make MAXBCACHEBUF a tunable called vfs.maxbcachebuf.
By making MAXBCACHEBUF a tunable, it can be increased to allow for
larger read/write data sizes for the NFS client.
The tunable is limited to MAXPHYS, which is currently 128K.
Making MAXPHYS a tunable or increasing its value is being discussed,
since it would be nice to support a read/write data size of 1Mbyte
for the NFS client when mounting the AmazonEFS file service.
Also, define NFS_MAXXDR as the upper bound on XDR overhead in an NFS RPC.
ken [Mon, 3 Jul 2017 15:34:21 +0000 (15:34 +0000)]
MFC r320421:
------------------------------------------------------------------------
r320421 | ken | 2017-06-27 13:26:02 -0600 (Tue, 27 Jun 2017) | 37 lines
Fix a panic in camperiphfree().
If a peripheral driver (e.g. da, sa, cd) is added or removed from the
peripheral driver list while an unrelated peripheral driver instance (e.g.
da0, sa5, cd2) is going away and is inside camperiphfree(), we could
dereference an invalid pointer.
When peripheral drivers are added or removed (see periphdriver_register()
and periphdriver_unregister()), the peripheral driver array is resized
and existing entries are moved.
Although we hold the topology lock while we traverse the peripheral driver
list, we retain a pointer to the location of the peripheral driver pointer
and then drop the topology lock. So we are still vulnerable to the list
getting moved around while the lock is dropped.
To solve the problem, cache a copy of the peripheral driver pointer. If
its storage location in the list changes while we have the lock dropped, it
won't have any effect.
This doesn't solve the issue that peripheral drivers ("da", "cd", as opposed
to individual instances like "da0", "cd0") are not generally part of a
reference counting scheme to guard against deregistering them while there
are instances active. The caller (generally the person unloading a module)
has to be aware of active drivers and not unload something that is in use.
sys/cam/cam_periph.c:
In camperiphfree(), cache a pointer to the peripheral driver
instance to avoid holding a pointer to an invalid memory location
in the event that the peripheral driver list changes while we have
the topology lock dropped.
ken [Mon, 3 Jul 2017 15:10:16 +0000 (15:10 +0000)]
MFC r320420:
------------------------------------------------------------------------
r320420 | ken | 2017-06-27 11:55:25 -0600 (Tue, 27 Jun 2017) | 25 lines
In scsi_zbc_in(), fill in the length in the ZBC IN CDB.
Without the allocation length set, the target will either reject
the command or complete it without transferring any data.
This fixes the REPORT ZONES command for SCSI ZBC protocol devices,
as well as ATA ZAC protocol devices that are behind a SCSI to ATA
translation layer. (LSI/Broadcom's 12Gb SAS adapters translate ZBC
commands to ZAC commands.) Those are Host Aware and Host Managed SMR
drives.
This will fix REPORT ZONE commands sent to the da(4) driver via the
GEOM bio interface and zonectl, and REPORT ZONE commands sent from
camcontrol(8).
Note that in the case of camcontrol(8), we currently only send
SCSI ZBC commands to native SCSI protocol devices, not ATA devices
behind a SAT layer.
sys/cam/scsi/scsi_da.c:
Fill in the length field in scsi_zbc_in().
r319682:
Make the VNC authentication build with LibreSSL on HardenedBSD and TrueOS.
PR: 219790
Submitted by: Shirkdog <mshirk@daemon-security.com>
Reviewed by: grehan and rgrimes
Sponsored by: iXsystems, Inc.
Differential Revision: https://reviews.freebsd.org/D11071
r319968:
Initialize variables and use byteorder(9) instead of aliasing char array
buf via uint32_t pointer.
CID: 1375949
Reported by: Coverity, cem
Reviewed by: cem
Sponsored by: iXsystems, Inc.
Differential Revision: https://reviews.freebsd.org/D11153
r319995:
Check if pthread_create(3) successfully created the thread prior to call
pthread_join(3). The variable tid is not yet initialized in case
the authentication fails at early stage, that would lead pthread_join be
called with an uninitialized variable.
CID: 1375950
Reported by: Coverity, cem
Reviewed by: cem
Sponsored by: iXsystems, Inc.
Differential Revision: https://reviews.freebsd.org/D11150
With r318394 seems it breaks gpart(8) in some embedded systems such like PCEngines,
RPI1-B, Alix and APU2 boards as well as NanoBSD with the following message:
Seems the breakage was because it was missed to include acr in glabel update.
Reported by: Peter Blok <pblok@bsd4all.org>,
madpilot, imp and trasz.
Reviewed by: trasz
Tested by: Peter Blok and madpilot.
Sponsored by: iXsystems, Inc.
Differential Revision: https://reviews.freebsd.org/D11365
MFC r320049
Pages that are passed to swap_pager_putpages() should already be fully
dirty. Assert that they are fully dirty rather than redundantly calling
vm_page_dirty() on them.
alc [Wed, 28 Jun 2017 05:28:15 +0000 (05:28 +0000)]
MFC r315518
Avoid unnecessary calls to vm_map_protect() in elf_load_section().
Typically, when elf_load_section() unconditionally passed VM_PROT_ALL to
elf_map_insert(), it was needlessly enabling execute access on the
mapping, and it would later have to call vm_map_protect() to correct the
mapping's access rights. Now, instead, elf_load_section() always passes
its parameter "prot" to elf_map_insert(). So, elf_load_section() must
only call vm_map_protect() if it needs to remove the write access that
was temporarily granted to perform a copyout().
alc [Wed, 28 Jun 2017 04:01:29 +0000 (04:01 +0000)]
MFC r314310
Refine the fix from r312954. Specifically, add a new PDE-only flag,
PG_PROMOTED, that indicates whether lingering 4KB page mappings might
need to be flushed on a PDE change that restricts or destroys a 2MB
page mapping. This flag allows the pmap to avoid range invalidations
that are both unnecessary and costly.
ken [Tue, 27 Jun 2017 12:56:36 +0000 (12:56 +0000)]
MFC r320123:
Fix a potential sleep while holding a mutex in the sa(4) driver.
If the user issues a MTIOCEXTGET ioctl, and the tape drive in question has
a serial number that is longer than 80 characters, we malloc a buffer in
saextget() to hold the output of cam_strvis().
Since a mutex is held in that codepath, doing a M_WAITOK malloc could lead
to sleeping while holding a mutex. Change it to a M_NOWAIT malloc and bail
out if we fail to allocate the memory. Devices with serial numbers longer
than 80 bytes are very rare (I don't recall seeing one), so this
should be a very unusual case to hit. But it is a bug that should be fixed.
sys/cam/scsi/scsi_sa.c:
In saextget(), if we need to malloc a buffer to hold the output of
cam_strvis(), don't wait for the memory. Fail and return an error
if we can't allocate the memory immediately.
PR: kern/220094
Submitted by: Jia-Ju Bai <baijiaju1990@163.com>
Sponsored by: Spectra Logic
Approved by: re (gjb)
sephe [Mon, 26 Jun 2017 05:56:49 +0000 (05:56 +0000)]
MFC 320184
hyperv/storvsc: Reduce log verbosity
On some windows hosts TEST_UNIT_READY command will return
SRB_STATUS_ERROR and sense data "NOT READY asc:3a,1 (Medium
not present - tray closed)", this occurs periodically, and
not hurt anything else. So, we prefer to ignore this kind
of errors.
Approved by: re (delphij)
PR: 219973
Submitted by: Hongjiang Zhang <hongzhan microsoft com>
Sponsored by: Microsoft
Differential Revision: https://reviews.freebsd.org/D11271
As per https://datacenter.iers.org/eop/-/somos/5Rgv/latest/16:
INTERNATIONAL EARTH ROTATION AND REFERENCE SYSTEMS SERVICE (IERS)
SERVICE INTERNATIONAL DE LA ROTATION TERRESTRE ET DES SYSTEMES DE REFERENCE
SERVICE DE LA ROTATION TERRESTRE
OBSERVATOIRE DE PARIS
61, Av. de l'Observatoire 75014 PARIS (France)
Tel. : 33 (0) 1 40 51 23 35
FAX : 33 (0) 1 40 51 22 91
Internet : services.iers@obspm.fr
Paris, 9 January 2017
Bulletin C 53
To authorities responsible
for the measurement and
distribution of time
INFORMATION ON UTC - TAI
NO leap second will be introduced at the end of June 2017.
The difference between Coordinated Universal Time UTC and the
International Atomic Time TAI is :
from 2017 January 1, 0h UTC, until further notice : UTC-TAI = -37 s
Leap seconds can be introduced in UTC at the end of the months of December
or June, depending on the evolution of UT1-TAI. Bulletin C is mailed every
six months, either to announce a time step in UTC, or to confirm that there
will be no time step at the next possible date.
Christian BIZOUARD
Director
Earth Orientation Center of IERS
Observatoire de Paris, France
delphij [Sun, 25 Jun 2017 17:42:27 +0000 (17:42 +0000)]
MFC r320216: Fix use-after-free introduced in r300388.
In r300388, endnetconfig() was called on nc_handle which would release
the associated netconfig structure, which means tmpnconf->nc_netid
would be a use-after-free.
Solve this by doing endnetconfig() in return paths instead.
Reported by: jemalloc via kevlo
Reviewed by: cem, ngie (earlier version)
Approved by: re (kib)
bdrewery [Fri, 23 Jun 2017 20:49:23 +0000 (20:49 +0000)]
MFC r320206,r320207:
r320206:
Follow-up r308602: Don't add missing headers to .depend.tables.h.
r320207:
Tweak r320206: Still create the TABLE but not the .depend entry for missing
headers.
bdrewery [Fri, 23 Jun 2017 20:07:56 +0000 (20:07 +0000)]
MFC r319862,r319996,r320030:
r319862:
META_MODE: Show .ERROR_CMD in error.
r319996:
WITH_META_MODE: Don't try showing command if .ERROR_META_FILE is empty.
r320030:
WITH_META_MODE: End each ERROR_CMD CMD line with ';'.
bdrewery [Fri, 23 Jun 2017 19:44:20 +0000 (19:44 +0000)]
MFC r320012,r320028,r320061,r320118:
r320012:
Fix LIBAMU location to fix 'stale .depend' rebuilds in usr.sbin/amd.
r320028:
Fix more incorrect library directories fix 'stale .depend' rebuilds.
r320061:
Fix Makefiles which override LIBDIR to not add incorrect dependencies into
.depend.
r320118:
Follow-up r320061: Need to respect make.conf/env LIBDIR overrides.
cperciva [Thu, 22 Jun 2017 05:30:27 +0000 (05:30 +0000)]
MFC r319491:
Skip setting the MTU in the netfront driver (xn# devices) if the new MTU
is the same as the old MTU. In particular, on Amazon EC2 "T2" instances
without this change, the network interface is reinitialized every 30
minutes due to the MTU being (re)set when a new DHCP lease is obtained.