Philip Paeps [Sun, 2 Feb 2020 08:46:29 +0000 (08:46 +0000)]
MFC r357292:
acpi_ibm: add support for ThinkPad PrivacyGuard
ThinkPad PrivacyGuard is a built-in toggleable privacy filter that
restricts viewing angles when on. It is an available on some new
ThinkPad models such as the X1 Carbon 7th gen (as an optional HW
upgrade).
The privacy filter can be enabled/disabled via an ACPI call. This commit
adds a sysctl under dev.acpi_ibm that allows for getting and setting the
PrivacyGuard state.
Dimitry Andric [Fri, 31 Jan 2020 20:04:32 +0000 (20:04 +0000)]
MFC r357226:
Merge r357224 from the clang1000-import branch:
Fix the following -Werror warning from clang 10.0.0 in binutils:
contrib/binutils/bfd/peicode.h:1356:3: error: misleading indentation; statement is not part of the previous 'if' [-Werror,-Wmisleading-indentation]
if (efi)
^
contrib/binutils/bfd/peicode.h:1353:8: note: previous statement is here
if (pe_arch (bfd_target_efi_arch (*target_ptr)) != arch)
^
contrib/binutils/bfd/peicode.h:1370:3: error: misleading indentation; statement is not part of the previous 'if' [-Werror,-Wmisleading-indentation]
if (!efi)
^
contrib/binutils/bfd/peicode.h:1367:8: note: previous statement is here
if (pe_arch (bfd_target_pei_arch (*target_ptr)) != arch)
^
Warner Losh [Fri, 31 Jan 2020 13:18:25 +0000 (13:18 +0000)]
MFC r354922
> Author: imp <imp@ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f>
> Date: Wed Nov 20 23:45:31 2019 +0000
>
> Create /etc/os-release file.
>
> Each boot, regenerate /var/run/os-release based on the currently running
> system. Create a /etc/os-release symlink pointing to this file (so that this
> doesn't create a new reason /etc can not be mounted read-only).
>
> This is compatible with what other systems do and is what the sysutil/os-release
> port attempted to do, but in an incomplete way. Linux, Solaris and DragonFly all
> implement this natively as well. The complete standard can be found at
> https://www.freedesktop.org/software/systemd/man/os-release.html
>
> Moving this to the base solves both the non-standard location problem with the
> port, as well as the lack of update of this file on system update.
>
> Bump __FreeBSD_version to 1300060
>
> PR: 238953
> Differential Revision: https://reviews.freebsd.org/D22271
Kristof Provost [Fri, 31 Jan 2020 10:34:36 +0000 (10:34 +0000)]
MFC r357233:
epair: Do not abuse params to register the second interface
if_epair used the 'params' argument to pass a pointer to the b interface
through if_clone_create().
This pointer can be controlled by userspace, which means it could be abused to
trigger a panic. While this requires PRIV_NET_IFCREATE
privileges those are assigned to vnet jails, which means that vnet jails
could panic the system.
Reported by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Alexander Motin [Thu, 30 Jan 2020 16:11:19 +0000 (16:11 +0000)]
MFC r343111,343113-343115 (by mckusick):
Create new EINTEGRITY error with message "Integrity check failed".
An integrity check such as a check-hash or a cross-correlation failed.
The integrity error falls between EINVAL that identifies errors in
parameters to a system call and EIO that identifies errors with the
underlying storage media. EINTEGRITY is typically raised by intermediate
kernel layers such as a filesystem or an in-kernel GEOM subsystem when
they detect inconsistencies. Uses include allowing the mount(8) command
to return a different exit value to automate the running of fsck(8)
during a system boot.
These changes make no use of the new error, they just add it. Later
commits will be made for the use of the new error number and it will
be added to additional manual pages as appropriate.
Kristof Provost [Thu, 30 Jan 2020 09:56:56 +0000 (09:56 +0000)]
MFC r356816:
Fix pfdenied not returning any results
When _a is empty we end up with an invalid invocation of pfctl, and no output.
We must add quotes to make it clear to pfctl that we're passing an empty anchor
name.
Bjoern A. Zeeb [Tue, 28 Jan 2020 18:08:53 +0000 (18:08 +0000)]
MFC r356527-356528:
vnet: virtualise more network stack sysctls.
Virtualise tcp_always_keepalive, TCP and UDP log_in_vain. All three are
set in the netoptions startup script, which we would love to run for VNETs
as well.
While virtualising the log_in_vain sysctls seems pointles at first for as
long as the kernel message buffer is not virtualised, it at least allows
an administrator to debug the base system or an individual jail if needed
without turning the logging on for all jails running on a system.
Run netoptions startup script in vnet jails.
People use rc.conf inside vnet jails to configure networking setups.
Presumably because some sysctl were not virtualised up until r356527 the
script was not run for vnet jails leaving the rc.conf options without
effect for non-obvious reasons. Run the netoptions startup script also
for VNET jails now to make the rc.conf options work.
Bjoern A. Zeeb [Tue, 28 Jan 2020 17:48:14 +0000 (17:48 +0000)]
MFC r356662:
nd6_rtr: constantly use __func__ for nd6log()
Over time one or two hard coded function names did not match the
actual function anymore. Consistently use __func__ for nd6log() calls
and re-wrap/re-format some messages for consitency.
Xin LI [Tue, 28 Jan 2020 07:49:52 +0000 (07:49 +0000)]
MFC r356629, r356636
r356629:
Apply typo fix from NetBSD, we have already applied all NetBSD changes so
update the NetBSD tag while I'm there.
r356636:
Correct off-by-two issue when determining FAT type.
In the code we used NumClusters as the upper (non-inclusive) boundary
of valid cluster number, so the actual value was 2 (CLUST_FIRST) more
than the real number of clusters. This causes a FAT16 media with
65524 clusters be treated as FAT32 and might affect FAT12 media with
4084 clusters as well.
To fix this, we increment NumClusters by CLUST_FIRST after the type
determination.
Kyle Evans [Tue, 28 Jan 2020 02:58:39 +0000 (02:58 +0000)]
MFC r357084: caroot: use bsd.obj.mk, not bsd.prog.mk
This directory stages certdata into .OBJDIR and processes it, but does not
actually build a prog-shaped object; bsd.obj.mk provides the minimal support
that we actually need, an .OBJDIR and descent into subdirs. This is
admittedly the nittiest of nits.
Kyle Evans [Tue, 28 Jan 2020 02:42:33 +0000 (02:42 +0000)]
MFC r357103-r357104: unbreak local.lua, add a modules.loaded hook
r357103:
loader.lua: re-arrange to load local.lua *after* config loading
The major problem with the current ordering is that loader.conf may contain
all of the magic we need to actually setup the console, so loading local.lua
prior to that can make it excessively difficult and annoying to debug
(whoops, sorry Ravi & Warner).
The new ordering has some implications, but I suspect they are a non-issue.
The first is that it's no longer possible for the local module to inject any
logic prior to loading config -- I suspect no one has relied on this. The
second implication is that the config.loaded hook is now useless, as the
local module will always be included after that hook would have fired.
For config.loaded, I will opt to leave it in, just in case we add an early
point for local lua to get injected or in case one wants to schedule some
deferred logic in a custom loader.lua. The overhead of having it if no hooks
will be invoked is relatively minimal.
r357104:
lua: add modules.loaded hook
This may be used for the local module to hook in and load any additional
modules that it wants, since it can't modify the modules table internal to
config. We may consider adding API to do so at a later time, but I suspect
it will be more complicated to use with little return.
status is captured but ignored for the purpose of loading the hook. status
will be false if *any* module failed to load, but we typically don't let
that halt the boot so there's no reason to let it halt hooks. Some vendors
or setups may have expected fails that would be actively thwarted by
checking it.
We may, at a later date, consider adding an API for letting non-config
modules check which modules have successfully (or not) loaded in case an
unexpected failure *should* halt whatever they are doing.
Dimitry Andric [Mon, 27 Jan 2020 07:03:57 +0000 (07:03 +0000)]
MFC r356929:
Merge commit bc4bc5aa0 from llvm git (by Justin Hibbits):
Add 8548 CPU definition and attributes
8548 CPU is GCC's name for the e500v2, so accept this in clang. The
e500v2 doesn't support lwsync, so define __NO_LWSYNC__ for this as
well, as GCC does.
Summary:
This allows the use of '-target powerpcspe-unknown-linux-gnu' or
'powerpcspe-unknown-freebsd' to be used, instead of '-target
powerpc-unknown-linux-gnu -mspe'.
Reviewed By: dim
Differential Revision: https://reviews.llvm.org/D72014
Merge commit ba91dffaf from llvm git (by Fangrui Song):
[Driver][PowerPC] Move powerpcspe logic from cc1 to Driver
Follow-up of D72014. It is more appropriate to use a target feature
instead of a SubTypeArch to express the difference.
commit 36eedfcb3 from llvm git (by Justin Hibbits):
[PowerPC] Fix powerpcspe subtarget enablement in llvm backend
Summary:
As currently written, -target powerpcspe will enable SPE regardless
of disabling the feature later on in the command line. Instead,
change this to just set a default CPU to 'e500' instead of a generic
CPU.
As part of this, add FeatureSPE to the e500 definition.
[MIPS][ELF] Use PC-relative relocations in .eh_frame when possible
When compiling position-independent executables, we now use
DW_EH_PE_pcrel | DW_EH_PE_sdata4. However, the MIPS ABI does not define a
64-bit PC-relative ELF relocation so we cannot use sdata8 for the large
code model case. When using the large code model, we fall back to the
previous behaviour of generating absolute relocations.
With this change clang-generated .o files can be linked by LLD without
having to pass -Wl,-z,notext (which creates text relocations).
This is simpler than the approach used by ld.bfd, which rewrites the
.eh_frame section to convert absolute relocations into relative references.
I saw in D13104 that apparently ld.bfd did not accept pc-relative relocations
for MIPS ouput at some point. However, I also checked that recent ld.bfd
can process the clang-generated .o files so this no longer seems true.
[MIPS] Don't emit R_(MICRO)MIPS_JALR relocations against data symbols
The R_(MICRO)MIPS_JALR optimization only works when used against functions.
Using the relocation against a data symbol (e.g. function pointer) will
cause some linkers that don't ignore the hint in this case (e.g. LLD prior
to commit 5bab291) to generate a relative branch to the data symbol
which crashes at run time. Before this patch, LLVM was erroneously emitting
these relocations against local-dynamic TLS function pointers and global
function pointers with internal visibility.
These two changes should allow using lld for MIPS64 (and maybe also MIPS32)
by default.
The second commit is not strictly necessary for clang+lld since LLD9 will
not perform the R_MIPS_JALR optimization (it was only added for 10) but it
is probably required in order to use recent ld.bfd.
- write this as LOG_DEBUG again instead of LOG_INFO;
- get back function name into the message;
- error may be ESRCH if an address is removed in process (by carp f.e.),
not only ENOENT;
- expression complexity grows, so try making it more readable.
Kyle Evans [Sat, 25 Jan 2020 05:52:31 +0000 (05:52 +0000)]
Regenerate ibcs2 sysent targets, NFC
Direct commit; these hadn't been regenerated in a wihle, and it's nice to
see no diff going forward in case these get tweaked a little bit more for
conventions. Unlikely.
The main motivation here being .ORDER to render -jN > 1 harmless; svr4/ibcs2
targets were also refactored a bit, but both are irregular and cannot use
sysent.mk as-is due to differences in files generated. I have no interest in
refactoring, since these are gone in head anyways.
r355473: sysent: Reduce duplication and improve readability.
Use the power of variable to avoid spelling out source and generated
files too many times. The previous Makefiles were hard to read, hard to
edit, and badly formatted.
r356540:
kern/Makefile: systrace_args.c is also generated
r356604:
Set .ORDER for makesyscalls generated files
When either makesyscalls.lua or syscalls.master changes, all of the
${GENERATED} targets are now out-of-date. With make jobs > 1, this means we
will run the makesyscalls script in parallel for the same ABI, generating
the same set of output files.
Prior to r356603 , there is a large window for interlacing output for some
of the generated files that we were generating in-place rather than staging
in a temp dir. After that, we still should't need to run the script more
than once per-ABI as the first invocation should update all of them. Add
.ORDER to do so cleanly.
r356868:
sysent targets: further cleanup and deduplication
r355473 vastly improved the readability and cleanliness of these Makefiles.
Every single one of them follows the same pattern and duplicates the exact
same logic.
Now that we have GENERATED/SRCS, split SRCS up into the two parameters we'll
use for ${MAKESYSCALLS} rather than assuming a specific ordering of SRCS and
include a common sysent.mk to handle the rest. This makes it less tedious to
make sweeping changes.
Some default values are provided for GENERATED/SYSENT_*; almost all of these
just use a 'syscalls.master' and 'syscalls.conf' in cwd, and they all use
effectively the same filenames with an arbitrary prefix. Most ABIs will be
able to get away with just setting GENERATED_PREFIX and including
^/sys/conf/sysent.mk, while others only need light additions. kern/Makefile
is the notable exception, as it doesn't take a SYSENT_CONF and the generated
files are spread out between ^/sys/kern and ^/sys/sys, but it otherwise fits
the pattern enough to use the common version.
r356937:
sysent.mk: split interpreter out of target command
The main objective here is to make it easy to identify what needs to change
in order to use a different sysent generator than the current Lua-based one,
which may be used to MFC some of the changes that have happened so we can
avoid parallel accidents in stable branches, for instance.
As a secondary objective, it's now feasible to override the generator on a
per-Makefile basis if needed, so that one could refactor their Makefile to
use this while pinning generation to the legacy makesyscalls.sh. I don't
anticipate any consistent need for such a thing, but it's low-effort to
achieve.
Kyle Evans [Fri, 24 Jan 2020 17:15:31 +0000 (17:15 +0000)]
MFC 356951: posix_spawn: mark error as volatile
In the case of an error, the RFSPAWN'd thread will write back to psa->error
with the correct exit code. Mark this as volatile as the return value is
being actively dorked up for erroneous exits on !x86.
This fixes the following tests, tested on aarch64 (only under qemu, at the
moment):
Infrastructure only -- no plans in place currently to commit any certs to
these branches.
r352948:
[1/3] Initial infrastructure for SSL root bundle in base
This setup will add the trusted certificates from the Mozilla NSS bundle
to base.
This commit includes:
- CAROOT option to opt out of installation of certs
- mtree amendments for final destinations
- infrastructure to fetch/update certs, along with instructions
A follow-up commit will add a certctl(8) utility to give the user control
over trust specifics. Another follow-up commit will actually commit the
initial result of updatecerts.
This work was done primarily by allanjude@, with minor contributions by
myself.
r352949:
[2/3] Add certctl(8)
This is a simple utility to hash all trusted on the system into
/etc/ssl/certs. It also allows the user to blacklist certificates they do
not trust.
This work was done primarily by allanjude@, with minor contributions by
myself.
r352950:
[3/3] etcupdate and mergemaster support for certctl
This commit add support for certctl in mergemaster and etcupdate. Both will
either rehash or prompt for rehash as new certificates are
trusted/blacklisted.
This work was done primarily by allanjude@, with minor contributions by
myself.
r352951:
caroot: add @generated tags to extracted .pem
As is the current trend; while these files are manually curated, they are
still generated. If they end up in a review, it would be helpful to also
take the hint and hide them.
r353002:
Unbreak etcupdate(8) and mergemaster(8) after r352950
r352950 introduced improper case fall-through for shell scripts. Fix it with
a pipe.
r353066:
certctl(8): realpath the file before creating the symlink
Otherwise we end up creating broken relative symlinks in
/etc/ssl/blacklisted.
r353070:
certctl(8): let one blacklist based on hashed filenames
It seems reasonable to allow, for instance:
$ certctl list
# reviews output -- ah, yeah, I don't trust that one
$ certctl blacklist ce5e74ef.0
$ certctl rehash
We can unambiguously determine what cert "ce5e74ef.0" refers to, and we've
described it to them in `certctl list` output -- I see little sense in
forcing another level of filesystem inspection to determien what cert file
this physically corresponds to.
Kyle Evans [Wed, 22 Jan 2020 22:51:55 +0000 (22:51 +0000)]
MFC r356876-r356877: add zfs_mount_at
r356876:
libzfs: add zfs_mount_at
This will be used in libbe in place of the internal zmount(); libbe only
wants to be able to mount a dataset at an arbitrary mountpoint without
altering dataset/pool properties. The natural way to do this in a portable
way is by creating a zfs_mount_at() interface that's effectively zfs_mount()
+ a mountpoint parameter. zfs_mount() is now a light wrapper around the new
method.
The interface and implementation have already been accepted into ZFS On
Linux, and the next commit to switch libbe() over to this new interface will
solve the last compatibility issue with ZoL. The next sysutils/openzfs
rebase against ZoL should be able to build libbe/bectl with only minor
adjustments to build glue.
r356877:
libbe: use the new zfs_mount_at()
More background is available in r356876, but this new interface is more
portable across ZFS implementations and cleaner for what libbe is attempting
to achieve anyways.
Kyle Evans [Wed, 22 Jan 2020 22:08:02 +0000 (22:08 +0000)]
MFC r356849: bcm2835_vcbus: unifdef all platform definitions
Raspberry Pi are all over the board, and the reality is that there's no harm
in including all of the definitions by default but plenty of harm in the
current situation. This change is safe because we match a definition by root
/compatible in the FDT, so there will be no false-positives because of it.
The main array of definitions grows, but it's only walked exactly once to
determine which we need to use.
In r316006 the getstrfromtype_locked() function was modified to return
an empty string, instead of NULL, if an entry is missing in the audit_control
file. Because of that change the getachost() function started to return
success even if the host name was not defined in the audit_control.
This in turn led to auditd_hostlen always being set (for an empty host it was
set to 0). If auditd_hostlen was not equal to -1 we were trying to append
the host name to trail file name. All this led to situation where when host
name is not defined in audit_control, auditd will create trail files with
a leading '.', which breaks auditdistd as it doesn't work with longer audit
trail file names.
Fix this by appending host name to the trail file name only if the host name
is not empty.
Alexander Motin [Wed, 22 Jan 2020 01:08:27 +0000 (01:08 +0000)]
MFC r356474, r356480, r356482, r356506:
Add Host Memory Buffer support to nvme(4).
This allows cheapest DRAM-less NVMe SSDs to use some of host RAM (about
1MB per 1GB on the devices I have) for its metadata cache, significantly
improving random I/O performance. Device reports minimal and preferable
size of the buffer. The code limits it to 5% of physical RAM by default.
If the buffer can not be allocated or below minimal size, the device will
just have to work without it.
Within command completion processing the callback function may access
DMAed data buffer. Synchronize it before use, not after.
This allows to use NVMe disk on non-DMA coherent arm64 system.
Alexander Motin [Wed, 22 Jan 2020 00:46:09 +0000 (00:46 +0000)]
MFC r355721 (by imp): Move to using bool instead of boolean_t
While there are subtle semantic differences between bool and boolean_t, none of
them matter in these cases. Prefer true/false when dealing with bool
type. Preserve a couple of TRUEs since they are passed into int args into CAM.
Preserve a couple of FALSEs when used for status.done, an int.
Alexander Motin [Wed, 22 Jan 2020 00:43:51 +0000 (00:43 +0000)]
MFC r355631 (by imp): Move reset to the interrutp processing stage
This trims the boot time a bit more for AWS and other platforms that have nvme
drives. There's no reason too do this inline. This has been in my tree a while,
but IIRC I talked to Jim Harris about this at one of our face to face meetings.
Alexander Motin [Wed, 22 Jan 2020 00:41:18 +0000 (00:41 +0000)]
MFC r355465 (by imp): trackers always know what qpair they are on
Don't needlessly pass around qpair pointers when the tracker knows what
qpair it's on. This will simplify code and make it easier to split
submission and completion queues in the future.
vmx: fix initialization of TSO related descriptor fields
Fix a mistake introduced by r343291, which ported the vmx(4)
driver to iflib.
In case of TSO, the hlen field of the (first) tx descriptor must
be initialized to the cumulative length of Ethernet, IP and TCP
headers. The length of the TCP header was missing.
Cy Schubert [Mon, 20 Jan 2020 13:46:09 +0000 (13:46 +0000)]
MFC r356676:
Unbound's config.h is manually maintained, using a ./configure produced
config.h as a guide. In practice contributed software maintains a copy
of config.h within its build directory tree containing its Makefile.
usr.sbin/unbound is the home for its config.h.
John Baldwin [Sat, 18 Jan 2020 23:46:30 +0000 (23:46 +0000)]
MFC 356274: Some minor tweaks to arch(7).
- Drop mention of _LP64. FreeBSD's source generally uses __LP64__
instead of _LP64, and the relevant macros are better covered in the
"Predefined Macros" section.
- Fix a noun/verb disagreement.
John Baldwin [Sat, 18 Jan 2020 23:42:57 +0000 (23:42 +0000)]
MFC 356209: Formatting fixes for tables, no content changes.
- Add missing .Pp after the end of some lists so that there is a blank
line before the subsequent paragraph.
- Use a more typical '-tag' bullet list of the make variable descriptions
at the end. This adds separation between bullets and is the formatting
typically used in manpages for this sort of list.
John Baldwin [Sat, 18 Jan 2020 23:30:42 +0000 (23:30 +0000)]
MFC 355866,355871: Update the crypto(4) and crypto(9) manpages.
355866:
Update the crypto(4) and crypto(9) manpages.
There are probably bits that are still wrong, but this fixes some
things at least:
- Add named arguments to the functions in crypto(9).
- Add missing algorithms.
- Don't mention arguments that don't exist in crypto_register.
- Add CIOGSESSION2.
- Remove CIOCNFSESSION.
- Clarify some stale language that assumed an fd had only one sesson.
- Note that you have to use CRIOGET and add a note in BUGS lamenting
that one has to use CRIOGET.
- Various other cleanups.
John Baldwin [Sat, 18 Jan 2020 23:26:15 +0000 (23:26 +0000)]
MFC 355634: Emulate reads of the PCI command register for passthrough devices.
VFs return zero for the memory enable bit even if it has been set by a
prior write. After r348779 this caused the annoying behavior that a
guest OS would unintentionally disable memory decoding on a future
read-modify-write operation on the command register. Instead, return
the shadow value of the command register for reads. This ensures that
the guest will only toggle the state of the memory enable bit when it
specifically intends to do so.
Ian Lepore [Fri, 17 Jan 2020 22:24:56 +0000 (22:24 +0000)]
MFC r356574:
Remove scary-looking printf output that happens when you kldload dtrace on
arm. Replace it with a comment block explaining why the function is empty
on 32-bit arm.
John Baldwin [Fri, 17 Jan 2020 21:57:05 +0000 (21:57 +0000)]
MFC 353931: Fix atomic_*cmpset32 on riscv64 with clang.
The lr.w instruction used to read the value from memory sign-extends
the value read from memory. GCC sign-extends the 32-bit comparison
value passed in whereas clang currently does not. As a result, if the
value being compared has the MSB set, the comparison fails for
matching 32-bit values when compiled with clang.
Use a cast to explicitly sign-extend the unsigned comparison value.
This works with both GCC and clang.
There is commentary in the RISC-V spec that suggests that GCC's
approach is more correct, but it is not clear if the commentary in the
RISC-V spec is binding.
r356086:
Add comments to a couple i2c device lines in NOTES.
r356278:
Add support for i2c bus mux hardware.
An i2c bus can be divided into segments which can be selectively connected
and disconnected from the main bus. This is usually done to enable using
multiple slave devices having the same address, by isolating the devices
onto separate bus segments, only one of which is connected to the main bus
at once.
There are several types of i2c bus muxes, which break down into two general
categories...
- Muxes which are themselves i2c slaves. These devices respond to i2c
commands on their upstream bus, and based on those commands, connect
various downstream buses to the upstream. In newbus terms, they are both
a child of an iicbus and the parent of one or more iicbus instances.
- Muxes which are not i2c devices themselves. Such devices are part of the
i2c bus electrically, but in newbus terms their parent is some other
bus. The association with the upstream bus must be established by
separate metadata (such as FDT data).
In both cases, the mux driver has one or more iicbus child instances
representing the downstream buses. The mux driver implements the iicbus_if
interface, as if it were an iichb host bridge/i2c controller driver. It
services the IO requests sent to it by forwarding them to the iicbus
instance representing the upstream bus, after electrically connecting the
upstream bus to the downstream bus that hosts the i2c slave device which
made the IO request.
The net effect is automatic mux switching which is transparent to slaves on
the downstream buses. They just do i2c IO they way they normally do, and the
bus is electrically connected for the duration of the IO and then idled when
it is complete.
The existing iicbus_if callback() method is enhanced so that the parameter
passed to it can be a struct which contains a device_t for the requesting
bus and slave devices. This change is done by adding a flag that indicates
the extra values are present, and making the flags field the first field of
a new args struct. If the flag is set, the iichb or mux driver can recast
the pointer-to-flags into a pointer-to-struct and access the extra
fields. Thus abi compatibility with older drivers is retained (but a mux
cannot exist on the bus with the older iicbus driver in use.)
A new set of core support routines exists in iicbus.c. This code will help
implement mux drivers for any type of mux hardware by supplying all the
boilerplate code that forwards IO requests upstream. It also has code for
parsing metadata and instantiating the child iicbus instances based on it.
Two new hardware mux drivers are added. The ltc430x driver supports the
LTC4305/4306 mux chips which are controlled via i2c commands. The
iic_gpiomux driver supports any mux hardware which is controlled by
manipulating the state of one or more gpio pins. Test Plan
Tested locally using a variety of mux'd bus configurations involving both
ltc4305 and a homebrew gpio-controlled mux. Tested configurations included
cascaded muxes (unlikely in the real world, but useful to prove that 'it all
just works' in terms of the automatic switching and upstream forwarding of
IO requests).
r356294:
Explicitly include sys/rman.h instead of relying on getting it via some
other header.
r356519:
Ensure any reserved gpio pins get released if an early exit is taken
from the attach function.
r356521:
Init sc->maxbus to -1, not 0. It represents the highest array index that
has a non-NULL child bus stored in it, so the "none" value can't be zero
since that's a valid array index. Also, when adding all possible buses
because there is no specific per-bus config, there's no need to reset
sc->maxbus on each loop iteration, it can be set once after the loop.
r356522:
Change some KASSERT to device_printf + return EINVAL. There's no need to
bring the whole kernel down due to a configuration error detected when a
module is loaded, it suffices to just not attach the device.
r356525:
Split the code to find and add iicbus children out to its own function.
Move the decision to take an early exit from that function after adding
children based on FDT data into the #ifdef FDT block, so that it doesn't
offend coverity's notion of how the code should be written. (What's the
point of compilers optimizing away dead code if static analyzers won't
let you use the feature in conjuction with an #ifdef block?)
Reported by: coverity via vangyzen@
r356526:
Remove some trailing whitespace; no functional changes.
r354709:
Rewrite arm/stack_machdep.c for EABI; add stack(9) support to arm kernels.
The old stack_machdep.c code was written for the APCS ABI (aka "oldabi").
When we switched to ARM EABI (back in freebsd 10) this file never got
updated, and apparently nobody noticed that until now.
The new implementation uses the same stack unwinder code used by the
arm implemenation of the db_trace stuff.
r354710:
Compile in arm/unwind.c if options STACK is in effect; the new arm stack(9)
code now uses unwind.c.
r355069:
When doing ARM stack unwinding as part of stack_save(9), do not search
loaded modules (pass 0/false for the can_lock arg). Searching the unwind
info in modules acquires an exclusive sxlock, and the stack(9) functions can
be called in a context where unbounded sleeps are forbidden (such as from
the witness checkorder code).
Just ignoring the existence of modules in stack_save() is not ideal, so I'm
looking for a better solution, but this commit will make it possible to boot
an ARM kernel with WITNESS enabled again, until I get something better.
PR: 242200
r355439:
Declare the global kernel symbols created by ldscript.arm in arm's machdep.h,
and remove a couple scattered local declarations.
Most of these aren't referenced in C code (there are some references in
asm code), and they also aren't documented anywhere. This helps a bit
with the latter.
r355780:
Rewrite arm kernel stack unwind code to work when unwinding through modules.
The arm kernel stack unwinder has apparently never been able to unwind when
the path of execution leads through a kernel module. There was code that
tried to handle modules by looking for the unwind data in them, but it did
so by trying to find symbols which have never existed in arm kernel
modules. That caused the unwind code to panic, and because part of panic
handling calls into the unwind code, that just created a recursion loop.
Locating the unwind data in a loaded module requires accessing the Elf
section headers to find the SHT_ARM_EXIDX section. For preloaded modules
those headers are present in a metadata blob. For dynamically loaded
modules, the headers are present only while the loading is in progress; the
memory is freed once the module is ready to use. For that reason, there is
new code in kern/link_elf.c, wrapped in #ifdef __arm__, to extract the
unwind info while the headers are loaded. The values are saved into new
fields in the linker_file structure which are also conditional on __arm__.
In arm/unwind.c there is new code to locally cache the per-module info
needed to find the unwind tables. The local cache is crafted for lockless
read access, because the unwind code often needs to run in context where
sleeping is not allowed. A large comment block describes the local cache
list, so I won't repeat it all here.
r356273:
Since arm/unwind.c s conditionally compiled, only call functions in it
when one of those conditions is true. Fixes build failure on kernel
configs with no debugging options active.
r356472:
Add #ifdef option-test wrappers around another call to an arm/unwind.c
function which is only compiled-in with certain options.
Why is it always the most trivial part of a big commit that takes 3 tries
to get right?
netmap: disable passthrough with no hypervisor support
The netmap passthrough subsystem requires proper support in the
hypervisor. In particular, two PCI device ids (from the Red Hat
PCI vendor id 0x1b36) need to be assigned to the two netmap
virtual devices. We then disable these devices until the ids have
not been assigned, in order to avoid conflicts with other
virtual devices emulated by upstream QEMU.
MFC r356545:
Fix a XHCI driver issue with Intel's Gemini Lake SOC.
Do not configure any endpoint twice, but instead keep track of which
endpoints are configured on a per device basis, and use an evaluate
endpoint context command instead. When changing the configuration make
sure all endpoints get deconfigured and the configured endpoint mask
is reset.
This fixes an issue where an endpoint might stop working if there is
an error and the endpoint needs to be reconfigured as a part of the
error recovery mechanism in the FreeBSD USB stack.
Dimitry Andric [Thu, 16 Jan 2020 07:02:09 +0000 (07:02 +0000)]
MFC r356701:
Merge commit f46ba4f07 from llvm git (by Simon Atanasyan):
[mips] Use less registers to load address of TargetExternalSymbol
There is no pattern matched `add hi, (MipsLo texternalsym)`. As a
result, loading an address of 32-bit symbol requires two registers
and one more additional instruction:
```
addiu $1, $zero, %lo(foo)
lui $2, %hi(foo)
addu $25, $2, $1
```
This patch adds the missed pattern and enables generation more
effective set of instructions:
```
lui $1, %hi(foo)
addiu $25, $1, %lo(foo)
```
Merge commit 59bb3609f from llvm git (by Simon Atanasyan):
[mips] Fix 64-bit address loading in case of applying 32-bit mask to
the result
If result of 64-bit address loading combines with 32-bit mask, LLVM
tries to optimize the code and remove "redundant" loading of upper
32-bits of the address. It leads to incorrect code on MIPS64 targets.
MIPS backend creates the following chain of commands to load 64-bit
address in the `MipsTargetLowering::getAddrNonPICSym64` method:
```
(add (shl (add (shl (add %highest(sym), %higher(sym)),
16),
%hi(sym)),
16),
%lo(%sym))
```
If the mask presents, LLVM decides to optimize the chain of commands.
It really does not make sense to load upper 32-bits because the
0x0fffffff mask anyway clears them. After removing redundant commands
we get this chain:
```
(add (shl (%hi(sym), 16), %lo(%sym))
```
There is no patterns matched `(MipsHi (i64 symbol))`. Due a bug in
`SYM_32` predicate definition, backend incorrectly selects a pattern
for a 32-bit symbols and uses the `lui` instruction for loading
`%hi(sym)`.
As a result we get incorrect set of instructions with unnecessary
16-bit left shifting:
```
lui at,0x0
R_MIPS_HI16 foo
dsll at,at,0x10
daddiu at,at,0
R_MIPS_LO16 foo
```
This patch resolves two problems:
- Fix `SYM_32/SYM_64` predicates to prevent selection of patterns
dedicated to 32-bit symbols in case of using N64 ABI.
- Add missed patterns for 64-bit symbols for `%hi/%lo`.
For libssp.so, rebuild stack_protector.c with FORTIFY_SOURCE stubs that just
abort built into it.
For libssp_nonshared.a, steal stack_protector_compat.c from
^/lib/libc/secure and massage it to maintain that __stack_chk_fail_local
is a hidden symbol.
libssp is now built unconditionally regardless of {WITH,WITHOUT}_SSP in the
build environment, and the gcclibs version has been disconnected from the
build in favor of this one.
The LSB 4.1 that I referenced omitted the varargs, and I failed to catch it.
The __vsnprintf_chk error was from just downright misreading the page. GCC6
caught all of these, but I had only tested GCC4.2.
r356422:
Update libssp paths in various Makefile.depend* files
I've been advised that the model that uses these are fairly resilient, but
we do know the proper path to use (or remove, in the case of ^/targets/...),
so go ahead and update them to reflect that.
Kyle Evans [Thu, 16 Jan 2020 03:16:08 +0000 (03:16 +0000)]
MFC r356688, r356694: tap(4) manpage improvements
r356688:
Install tap(4) manpage as vmnet(4) as well
If one comes across a vmnet interface, this is a useful pointer to have
towards what it actually is if they're otherwise unfamiliar.
r356694:
tap(4): also note that we drop configured addresses
This provides a specific pointer for users of tap(4) to understand why their
interfaces are losing their addresses, and specifically how to workaround
this if they need different behavior.
This manpage received a .Dd bump earlier today in r35688, so no bump occurs
this time.
Kyle Evans [Thu, 16 Jan 2020 03:14:01 +0000 (03:14 +0000)]
MFC r356649: regulator: small enhancements to regulator_shutdown
Highlights:
- Exit early if we're not disabling unused regulators; there's no need to
take the regulator topology lock and re-evaluate this every iteration, as
it's not going to change.
- Don't emit a notice that we're shutting down a regulator if it's not
enabled, to reduce noise.
- Mention the outcome of the shutdown, to aide debugging and easily let
developer/user collect list of regulators we actually shutdown to
determine problematic one.
Kyle Evans [Thu, 16 Jan 2020 03:11:25 +0000 (03:11 +0000)]
MFC r356538: stand/fdt: Scale blob size better as overlays apply
Currently, our overlay blob will grow to include the size of the complete
overlay blob we're applying. This doesn't scale very well with a lot of
overlays- they tend to include a lot of overhead, and they will generally
only add a fraction of their total size to the blob they're being applied
to.
To combat this, pack the blob as we apply new overlays and keep track of how
many overlays we've applied. Only ubldr has any fixups to be applied after
overlays, so we only need to re-pad the blob in ubldr. Presumably the
allocation won't fail since we just did a lot worse in trying to apply
overlays and succeeded.
I have no intention of removing the padding in make_dtb.sh. There might be
an argument to be had over whether it should be configurable, since ubldr
*is* the only loader that actually has fixups to be applied and we can do
this at runtime, but I'm not too concerned about this.
This diff has been sitting in Phabricator for a year and a half, but I've
decided to flush it as it does make sure that we're scaling the blob
appropriately and leave room at the end for fixups in case of some freak
circumstance where applying overlays leaves us with a blob of insufficient
size.
Alexander Motin [Tue, 14 Jan 2020 00:50:30 +0000 (00:50 +0000)]
MFC r356240: Relax locking of carp_forus().
This fixes deadlock between CARP and bridge. Bridge calls this function
taking CARP lock while holding bridge lock. Same time CARP tries to send
its announcements via the bridge while holding CARP lock.
Use of CARP_LOCK() here does not solve anything, since sc_addr is constant
while race on sc_state is harmless and use of the lock does not close it.