julian [Mon, 24 Aug 2015 03:51:18 +0000 (03:51 +0000)]
MFH: r284691
MFH: r284920
Remove 16 rules and replace by 2 by using a table.
I've been doing this ever since there were tables.
I could make more efficient by using "in recv" and "out xmit" instead of via
but I'll leave that.
Validate most pw inputs.
Rewrite the way parsing sub arguments is made to simplify code and improve
maintenability
Add -y (NIS) to userdel/usermod
pw userdel -r <rootdir> now deletes directories in the rootdir
Only parse pw.conf when needed
Reject usermod and userdel if the user concerned is not on the user database
supposed to be manipulated
ian [Sun, 23 Aug 2015 20:50:22 +0000 (20:50 +0000)]
MFC r283547:
Ensure that all arm kernel configs contain ALT_BREAK_TO_DEBUGGER and not
BREAK_TO_DEBUGGER if they have a serial console (most do). A burst of
serial line noise (such as unplugging a usb serial adapter) can look like
a break and drop a working system into the debugger. The alt break sequence
(<CR>~^B) works fine on both serial and non-serial consoles.
Add compatible strings for all the hardware this driver works with.
Also, move the READ/WRITE bus space access macros from the header into the
source file, and rename them to RD2/WR2 to make it clear they're 16-bit
accessors. (READ/WRITE just don't seem like good names to be in a public
header file.)
Make the imx watchdog actually work, by setting WDOG_CR_WDE (enable bit).
Also, follow the rules from watchdog(9) about what values to return in
various situations (especially, don't touch *error when asked to set a
non-zero timeout that isn't achievable on the hardware).
Enable the watchdog driver on imx6, now that it works.
ian [Sun, 23 Aug 2015 18:03:43 +0000 (18:03 +0000)]
MFC r286701:
If a specific timecounter has been chosen via sysctl, and a new
timecounter with higher quality registers (presumably in a module that has
just been loaded), do not undo the user's choice by switching to the new
timecounter.
Document that behavior, and also the fact that there is no way to
unregister a timecounter (and thus no way to unload a module containing
one).
ian [Sun, 23 Aug 2015 17:54:48 +0000 (17:54 +0000)]
Always compile in PPS capture. Use the same device name used in 11-current.
This is a direct commit to 10-stable because the corresponding changes in 11
are bound up with all the device-tree rework for beaglebone. This somewhat
aligns the features between the two branches, from a user's perspective.
mav [Sat, 22 Aug 2015 15:36:20 +0000 (15:36 +0000)]
MFC r285020: Disable port multiplier support on Marvell 88SE61xx chips.
According to report, some recent unrelated changes in the driver triggered
timeouts when testing for absent port multiplier. Cause of this behavior
channge is unclear, but since these chips are old, rare and buggy, it is
easier to just disable port multiplier support, same as done in Linux.
mav [Sat, 22 Aug 2015 07:45:49 +0000 (07:45 +0000)]
MFC r286448: Disable 32-bit PIO for 6Gbit/s Intel SATA controllers.
For some reason 32-bit PIO writes are not working on 6Gbit/s Intel SATA
ports, while 16/32-bit PIO reads and 16-bit PIO writes are working fine.
3Gbit/s ports on the same controllers have no this problem.
Workaround this by disabling 32-bit PIO for all Intel controllers that may
have 6Gbit/s ports. It halves PIO performance from 6MB/s to 3MB/s, but
who bother about speed of such rare and slow mode, which is also highly
discouraged by SATA specifications?
ed [Thu, 20 Aug 2015 08:34:13 +0000 (08:34 +0000)]
MFC r285742:
Unbreak "last reboot".
According to the last(1) man page, the "reboot" pseudo-user should print
all system reboot entries. This got broken by the utmpx import, as
records are typed.
Re-add support for "last reboot" by specifically matching against
SHUTDOWN_TIME and BOOT_TIME records.
delphij [Wed, 19 Aug 2015 18:32:36 +0000 (18:32 +0000)]
Instant-MFC r286933:
Issue warning and refuse to proceed further if the configured
repository signature_type is unsupported by bootstrap pkg(7).
Previously, when signature_type specified an unsupported method,
the bootstrap pkg(7) would proceed like when signature_type is
"none". MITM attackers may be able to use this vulnerability and
bypass validation and install their own versions of pkg(8).
At this time, only fingerprint and none are supported by the
bootstrap pkg(7).
FreeBSD's official pkg(8) repository uses the fingerprint method
and is therefore unaffected.
mav [Wed, 19 Aug 2015 17:43:36 +0000 (17:43 +0000)]
MFC r286345: Relax serialization of SYNCHRONIZE CACHE commands.
Before this change SYNCHRONIZE CACHE commands were executed exclusively,
as if they had ORDERED tag. But looking through SCSI specs I've found
no any reason to be so strict. For reads this ordering seems pointless.
For writes it looks less obvious, so I left ordering against preceeding
write commands, while following ones are no longer required to wait.
mav [Wed, 19 Aug 2015 17:41:49 +0000 (17:41 +0000)]
MFC r286320: Issue all reads of single XCOPY segment simultaneously.
During vMotion and Clone VMware by default runs multiple sequential 4MB
XCOPY requests same time. If CTL issues reads sequentially in 1MB chunks
for each XCOPY command, reads from different commands are not detected
as sequential by serseq option code and allowed to execute simultaneously.
Such read pattern confused ZFS prefetcher, causing suboptimal disk access.
Issuing all reads same time make serseq code work properly, serializing
reads both within each XCOPY command and between them.
My tests with ZFS pool of 14 disks in RAID10 shows prefetcher efficiency
improved from 37% to 99.7%, copying speed improved by 10-60%, average
read latency reduced twice on HDD layer and by five times on zvol layer.
np [Tue, 18 Aug 2015 19:04:55 +0000 (19:04 +0000)]
MFC r285648:
cxgbe(4): Ask the firmware for the start of the RSS slice for a port and
save it for later. This enables direct manipulation of the indirection
tables (although the stock driver doesn't do that right now).
np [Tue, 18 Aug 2015 18:54:45 +0000 (18:54 +0000)]
MFC r285527 and r286338. This takes the firmware from 1.11.27.0 to 1.14.4.0.
r286338:
cxgbe(4): Update T5 and T4 firmwares bundled with the driver to 1.14.4.0. The
changes in the firmwares since 1.11.27.0 are listed here (straight copy-paste
from the "Release Notes.txt" accompanying the Chelsio Unified Wire 2.11.1.0
release on the website).
Version : 1.14.4.0
Date : 08/05/2015
================================================================================
FIXES
-----
BASE:
- Fixes a potential data path hang by properly programming PMTX congestion
threshold settings.
- Fixes a potential initialization error when accessing a configuration file
stored on the flash.
- Fixes a regression where SGE resources can be miss-sized if iWARP is disabled.
ETH:
- Fixes a timing issue that would prevent CR4 links from coming up with some
switches.
FOFCoE:
- Defers fcoe linkdown mailbox command handling till LOGO is sent.
- Updates vlan prio for all outstanding IOs during dcbx update.
ENHANCEMENTS
------------
BASE:
- Adds support for PAUSE OFF watchdog.
- Reports devlog access information in PCIE_FW_PF register 7.
ETH:
- Enhances segmentation offload to include VxLAN and Geneve.
- Adds PTP support.
- Adds new interface to allow the driver to query the VI rss table base
addresses.
- Allows the driver to program the SGE ingrext contxt CongDrop field.
OFLD:
- Adds new interface for the driver to specify offloaded connections TCP snd
and rcv scale factors.
iSCSI:
- Adds support for iscsi segmentatation offload (ISO).
- Adds support for iscsi t10-dif offload.
FOiSCSI:
- Sets FORCE_BIT for cut through processing for FOiSCSI.
FOFCoE:
- Adds support for FCoE BB6.
- Improves WRITE performance.
Version : 1.13.32.0
Date : 03/25/2015
================================================================================
FIXES
-----
BASE:
- Fixes FW_CAPS_CONFIG_CMD return value on error (was positive instead of
negative)
- Fixes FW_PARAMS_PARAM_DEV_FLOWC_BUFFIFO_SZ indication (was wrong on certain
adapter configurations)
- Fixes config file based PL_TIMEOUT register programming
ETH:
- Fixes a potential EO UDP SEG header corruption
- Fixes an issue where 1000Base-X was not enabled correctly when using QSA
modules
OFLD:
- Fixes timeout issue with half-open connections
- Fixes FW_FLOWC_WR processing when state is set to finwait1
FOFCoE:
- Fixes fcoe xchg leaks in linkdown/peer down path
- Fixes cleanup in FCoE linkdown and fixed buf timer flowid abuse
- Fixes fw crash by clearing fcf flowc during bye
FOiSCSI:
- Don't create a new tcp socket if ERL0 attempt has timed out.
ENHANCEMENTS
------------
BASE:
- Adds support for VFs on PFs 4 to 7
- Adds support for QPs/CQs on any physical and virtual function
ETH:
- Stops sending LACP frames on loopback interface
- Adds an AUTOEQU indication to CPL_SGE_EGR_UPDATE
- Adds support for CR4 links (BEAN/AEC on 40G TwinAx cables)
OFLD:
- Improves default settings of LAN and CLUSTER TCP timer settings
- Sends Negative Advice CPLs to software
FOISCSI:
- Adds IPv6 support for foiscsi. Keeps backward compatibility with
old foiscsi drivers which doesn't support ipv6.
Version : 1.12.25.0
Date : 10/22/2014
================================================================================
FIXES
-----
BASE:
- Improves precision of the Weight Round Robing Traffic Management Algorithm
- Fixes an issue where the link would intermittently fail to come up
- Fixes an issue where adapters with an external PHY couldn't run at 100Mbps
- Fixes an issue where active optical cables were not recognized
- Fixes link advertising issues on T520-BT (speed and pause frames) that would
cause the link to negotiate unexpected settings
- Forces link restart when auto-negotiation is disabled
- Fix an issue where pause frames wouldn't be fully disabled even if requested
DCBX:
- Fixes an issue where some settings were not being sent to the switch
correctly
- Fixes an issue where back-to-back DCBX port updates could get overwritten by
FW
- Fixes a firmware crash on DCBX APP information request before link up
FOiSCSI:
- Fixes abort task leak in tmf response handling
- Fixes TCP RST handling while in iSCSI ERL0
- Fixes a firmware crash on BYE without INIT
ENHANCEMENTS
-------------
BASE:
- Adds link partner settings reporting when available
- Adds QSA support (in conjunction with QSA VPD)
- Adds T520-BT LED support
- Reports NOTSUPPORTED for modules with an unhandled identifier
DCBX:
- Adds version reporting (indicating which version FW is trying to negotiate)
- Adds IEEE support
- Reports LLDP time outs
FOiSCSI:
- Add support for multiple iSCSI DDP client
- Sends DHCP renew request when lease expires
Version : 1.14.4.0
Date : 08/05/2015
================================================================================
FIXES
-----
BASE:
- Fixes a potential initialization error when accessing a configuration file
stored on the flash.
- Initialize PCIE_DBG_INDIR_REQ.Enable to 0, as hardware failed to do so and
register dumps could result in errors.
ETH:
- Fixes an issue that sometimes prevented the link from coming up in CR adapters.
ENHANCEMENTS
------------
BASE:
- Adds support for PAUSE OFF watchdog.
- Reports devlog access information in PCIE_FW_PF register 7.
ETH:
- Adds new interface to allow the driver to query the VI rss table base
addresses.
OFLD:
- Adds new interface for the driver to specify offloaded connections TCP snd
and rcv scale factors.
Version : 1.12.25.0
Date : 10/22/2014
================================================================================
FIXES
-----
BASE:
- Improves precision of the Weight Round Robing Traffic Management Algorithm
- Forces link restart when auto-negotiation is disabled
- Fix an issue where pause frames wouldn't be fully disabled even if requested
DCBX:
- Fixes an issue where some settings were not being sent to the switch
correctly
- Fixes an issue where back-to-back DCBX port updates could get overwritten by
FW
- Fixes a firmware crash on DCBX APP information request before link up
FOiSCSI:
- Fixes abort task leak in tmf response handling
- Fixes TCP RST handling while in iSCSI ERL0
- Fixes a firmware crash on BYE without INIT
ENHANCEMENTS
------------
BASE:
- Adds link partner settings reporting when available
- Firmware now reports NOTSUPPORTED for modules with an unhandled identifier
DCBX:
- Adds version reporting (indicating which version FW is trying to negotiate)
- Adds IEEE support
- Reports LLDP time outs
FOiSCSI:
- Adds support for multiple iSCSI DDP clients
- Sends DHCP renew request when lease expires
loos [Mon, 17 Aug 2015 18:43:39 +0000 (18:43 +0000)]
MFC r286140:
Remove the sleep from the buffer allocation routine.
The buffer must be allocated (or even changed) before the interface is set
and thus, there is no need to verify if the buffer is in use.
MFC r286142:
Remove two unnecessary sleeps from the hot path in bpf(4).
The first one never triggers because bpf_canfreebuf() can only be true for
zero-copy buffers and zero-copy buffers are not read with read(2).
The second also never triggers, because we check the free buffer before
calling ROTATE_BUFFERS(). If the hold buffer is in use the free buffer
will be NULL and there is nothing else to do besides drop the packet. If
the free buffer isn't NULL the hold buffer _is_ free and it is safe to
rotate the buffers.
Update the comment in ROTATE_BUFFERS macro to match the logic described
here.
While here fix a few typos in comments.
MFC r286243:
Add a KASSERT() to make sure we wont rotate the buffers twice (rotate the
buffers while the hold buffer is in use).
loos [Mon, 17 Aug 2015 18:21:18 +0000 (18:21 +0000)]
MFC r286139:
Do not allocate the buffers at opening of the descriptor, because once
the buffer is allocated we are committed to a particular buffer method
(BPF_BUFMODE_BUFFER in this case).
If we are using zero-copy buffers, the userland program must register its
buffers before set the interface.
If we are using kernel memory buffers, we can allocate the buffer at the
time that the interface is being set.
This fix allows the usage of BIOCSETBUFMODE after r235746.
Update the comments to reflect the recent changes.
ed [Mon, 17 Aug 2015 12:51:46 +0000 (12:51 +0000)]
MFC r285715:
Add an API for easily creating userspace threads in kernelspace.
This change refactors the existing create_thread() function to be more
generic. It replaces almost all of its arguments by a callback that can
be used to extract the thread ID and copy it out to the right place, but
also to perform additional initialization steps, such as setting the
trapframe. This also makes the difference between thr_new() and
thr_create() more clear in my opinion.
This function is going to be used by the CloudABI compatibility layer.
It looks like the OpenSolaris compatibility framework already provides a
function called thread_create(). Rename this function to
do_thread_create() and use a macro to deal with the namespacing
conflict. A similar approach is already used for thread_exit().
glebius [Mon, 17 Aug 2015 10:03:23 +0000 (10:03 +0000)]
Merge r283612:
Add SIOCGI2C ioctl support to the driver. Would work only on ConnectX-3
with fresh firmware. The low level code is based on code provided by
Mellanox.
Thanks to Mellanox and their distributor Must (http://mustcompany.ru)
for providing hardware.
In collaboration with: Andre Melkoumian <andre mellanox.com>
Reviewed by: hselasky
Sponsored by: Netflix
Sponsored by: Nginx, Inc.
Add support for reading i2c SFP/SFP+ data from NIC driver and
presenting most interesting fields via ifconfig -v.
This version supports Intel ixgbe driver only.
Tested on: Cisco,Intel,Mellanox,ModuleTech,Molex transceivers
* Add new net/sff8436.h containing constants used to access
QSFP+ data via i2c inteface. These constants has been taken
from SFF-8436 "QSFP+ 10 Gbs 4X PLUGGABLE TRANSCEIVER" standard
rev 4.8.
* Add support for printing QSFP+ information from 40G NICs
such as Chelsio T5.
edwin [Thu, 13 Aug 2015 23:59:53 +0000 (23:59 +0000)]
MFC of 286750,tzdata10:
Update to tzdata2015f:
Changes affecting future time stamps
North Korea switches to +0830 on 2015-08-15. (Thanks to Steffen Thorsen.)
The abbreviation remains "KST". (Thanks to Robert Elz.)
Uruguay no longer observes DST. (Thanks to Steffen Thorsen and Pablo Camargo.)
Changes affecting past and future time stamps
Moldova starts and ends DST at 00:00 UTC, not at 01:00 UTC. (Thanks to Roman Tudos.)
pfg [Thu, 13 Aug 2015 01:02:57 +0000 (01:02 +0000)]
MFC r286074:
GCC: Add a new option "-fstack-protector-strong"
This includes additional functions to be protected: those that
have local array definitions, or have references to local frame
addresses. This is a new option in GCC-4.9 that was relicensed
by Han Shen from Google under GPLv2.
imp [Wed, 12 Aug 2015 16:53:37 +0000 (16:53 +0000)]
Direct commit
When compiling on -current from r284356 to r285986, the host's
crunchgen can't be used because builds of rescue break when STRIP= was
used to prevent stripping of binaries. Direct commit because -current
code is different. Building 10 on current is common enough to warrnat
a safety belt since this has been broken for two months. The offending
change was never in stable/10.
rmacklem [Sat, 8 Aug 2015 22:06:07 +0000 (22:06 +0000)]
MFC: r285260
Since the case where secflavor < 0 indicates the security flavor is
to be negotiated, it could be a Kerberized mount. As such, filling
in the "principal" argument using the canonized host name makes sense.
If it is negotiated as AUTH_SYS, the "principal" argument is meaningless
but harmless.
pfg [Wed, 5 Aug 2015 18:52:40 +0000 (18:52 +0000)]
MFC r285720:
libusb: Fix minor warning.
Fix a warning triggered by the gcc + FORTIFY_SOURCE patches:
In function 'libusb20_parse_config_desc': lib/libusb/libusb20_desc.c:141:
warning: passing argument 1 of 'memcpy' discards qualifiers from pointer
target type
MFC r285888:
Build debug version of rmlock's methods only when LOCK_DEBUG > 0.
Currently LOCK_DEBUG is always defined in sys/lock.h (0 or 1).
This means that debugging code always built. In addition the kernel
modules have always defined LOCK_DEBUG as 1. So, debugging rmlock code
is always used by kernel modules.
kib [Wed, 5 Aug 2015 08:17:10 +0000 (08:17 +0000)]
Implement x86 ptrace(2) requests PT_{GET,SET}{FS,GS}BASE.
MFC r284918:
Add helper fill_based_sd(9).
MFC r284919:
Add x86 PT_GETFSBASE, PT_GETGSBASE machine-depended ptrace requests to
obtain the thread %fs and %gs bases. Add x86 PT_SETFSBASE and
PT_SETGSBASE requests to set the bases from debuggers. The set
requests, similarly to the sysarch({I386,AMD64}_SET_FSBASE), override
the corresponding segment registers.
MFC r284965:
Document x86 machine-specific ptrace(2) requests.
MFC r285011:
Disallow a debugger on 64bit system to set fs/gs bases of the 32bit
process beyond the end of the process address space.
davidcs [Wed, 5 Aug 2015 00:00:06 +0000 (00:00 +0000)]
MFC r285973
- Avoid lock contention in the if_transmit callback by using trylock and
enqueueing the frames when it fails. This way there is some latency
removed from the transmitting path.
- If IFF_DRV_OACTIVE is set (and also if IFF_DRV_RUNNING is not) just
enqueue the desired frames and return successful transmit. This way we
avoid to return errors on transmit side and resulting in
possible out-of-order frames. Please note that IFF_DRV_OACTIVE is set
everytime we get the threshold ring hit, so this can be happening quite
often.
emaste [Tue, 4 Aug 2015 15:15:06 +0000 (15:15 +0000)]
MFC r281581: vidcontrol: make size argument optional again for syscons
r273544 (MFC in r273921) changed the -f option allow no arguments in vt
mode (used to reset the font back to the default), but broke the
optionality of the size argument for syscons. Drop the required argument
from syscons' optstring for -f so the optional argument handler works
the same way for both syscons and vt.
r284988:
cxgbe(4): request an automatic tx update when a netmap tx queue idles.
The NIC tx queues already do this.
r285220:
cxgbe(4): Do not override the the global defaults for congestion drops.
The hw.cxgbe.cong_drop knob is not affected by this change because the
driver sets up congestion drop on a per-queue basis.
r285221:
cxgbe(4): Add a new knob that controls the congestion response of netmap
rx queues. The default is to drop rather than backpressure.
This decouples the congestion settings of NIC and netmap rx queues.
r284445:
cxgbe(4): Add the ability to dump mailbox commands and replies. It is
enabled/disabled via bit 0 of adapter->debug_flags (which is available
at dev.t5nex.<n>.debug_flags).
r286107:
cxgbe(4): initialize debug_flags from the kernel environment.