Many compilers may optimize away the overflow check `msg + l < msg',
where `msg' is a pointer and `l' is an integer, because pointer
overflow is undefined behavior in C.
Use a safe precondition test `l >= eom - msg' instead.
hselasky [Tue, 12 Aug 2014 11:45:57 +0000 (11:45 +0000)]
- Fix radix tree memory leakage when unloading modules using radix
trees. This happens because the logic inserting items into the radix
tree is allocating empty radix levels, when index zero does not
contain any items.
- Add proper error case handling, so that the radix tree does not end
up in a bad state, if memory cannot be allocated during insertion of
an item.
- Add check for inserting NULL items into the radix tree.
- Add check for radix tree getting too big.
kib [Tue, 12 Aug 2014 09:33:00 +0000 (09:33 +0000)]
Revision r269457 removed the Giant around mount and unmount code, but
r269533, which was tested before r269457 was committed, implicitely
relied on the Giant to protect the manipulations of the softdepmounts
list. Use softdep global lock consistently to guarantee the list
structure now.
Insert the new struct mount_softdeps into the softdepmounts only after
it is sufficiently initialized, to prevent softdep_speedup() from
accessing bare memory. Similarly, remove struct mount_softdeps for
the unmounted filesystem from the tailq before destroying structure
rwlock.
Reported and tested by: pho
Reviewed by: mckusick
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
ae [Tue, 12 Aug 2014 09:10:13 +0000 (09:10 +0000)]
Add sysctl and loader tunable kern.geom.part.mbr.enforce_chs that is set
by default. It can be used to disable automatic alignment to CHS geometry,
that GEOM_PART_MBR does.
alc [Mon, 11 Aug 2014 17:45:41 +0000 (17:45 +0000)]
Change {_,}pmap_allocpte() so that they look for the flag PMAP_ENTER_NOSLEEP
instead of M_NOWAIT/M_WAITOK when deciding whether to sleep on page table
page allocation. (The same functions in the i386/xen and mips pmap
implementations already use PMAP_ENTER_NOSLEEP.)
gjb [Mon, 11 Aug 2014 16:31:28 +0000 (16:31 +0000)]
In arm/release.sh, continue if 'xdev-links' target fails
where the target is not valid (stable/10), instead of doing
per-branch evaluation on if xdev-links needs to be invoked.
royger [Mon, 11 Aug 2014 15:37:02 +0000 (15:37 +0000)]
blkfront: add support for unmapped IO
Using unmapped IO is really beneficial when running inside of a VM,
since it avoids IPIs to other vCPUs in order to invalidate the
mappings.
This patch adds unmapped IO support to blkfront. The following tests
results have been obtained when running on a Xen host without HAP:
PVHVM
3165.84 real 6354.17 user 4483.32 sys
PVHVM with unmapped IO
2099.46 real 4624.52 user 2967.38 sys
This is because when running using shadow page tables TLB flushes and
range invalidations are much more expensive, so using unmapped IO
provides a very important performance boost.
imp [Mon, 11 Aug 2014 14:50:49 +0000 (14:50 +0000)]
Remove dependence on source tree options. Move all kernel module
options into kern.opts.mk and change all the places where we use
src.opts.mk to pull in the options. Conditionally define SYSDIR and
use SYSDIR/conf/kern.opts.mk instead of a CURDIR path. Replace all
instances of CURDIR/../../etc with STSDIR, but only in the affected
files.
As a special compatibility hack, include bsd.owm.mk at the top of
kern.opts.mk to allow the bare build of sys/modules to work on older
systems. If the defaults ever change between 9.x, 10.x and current for
these options, however, you'll wind up with the host OS' defaults
rather than the -current defaults. This hack will be removed when
we no longer need to support this build scenario.
ache [Mon, 11 Aug 2014 12:26:48 +0000 (12:26 +0000)]
Fix too long (seed length >12 chars) challenge handling.
1) " ext" length should be included into OPIE_CHALLENGE_MAX (as all places
of opie code expects that).
2) Overflow check in challenge.c is off by 1 even with corrected
OPIE_CHALLENGE_MAX
3) When fallback to randomchallenge() happens and rval is 0 (i.e.
challenge is too long), its value should be set to error state too.
To demonstrate the bug, run opiepasswd with valid seed:
opiepasswd -s 1234567890123456
and notice that it falls back to randomchallenge() (i.e. no 1234567890123456 in the prompt).
dumbbell [Sun, 10 Aug 2014 17:04:10 +0000 (17:04 +0000)]
vt(4): Colors are indexed against a console palette, not a VGA palette
Rename vt_generate_vga_palette() to vt_generate_cons_palette() and
change it to build a palette where the color index is the same than in
terminal escape codes, not the VGA index. That's what TCHAR_CREATE()
uses and passes to vt(4).
The main differences between both orders are:
o Blue and red are swapped (1 <-> 4)
o Yellow and cyan are swapped (3 <-> 6)
The problem remained unnoticed, because the RGB bit indexes passed to
vt_generate_vga_palette() were reversed. This inversion was cancelled
by the colors inversions in the generated palette. For instance, red
(0xff0000) and blue (0x0000ff) have bytes in opposite order, but were
swapped in the palette. But after changing the value of blue (see last
paragraph), the modified color was in fact the red one.
This commit includes a fix to creator_vt.c, submitted by Nathan
Whitehorn: fb_cmsize is set to 16. Before this, the generated palette
would be overwritte. This fixes colors on sparc64 with a Creator3D
adapter.
While here, tune the palette to better match console colors and improve
the readability (especially the dark blue).
Submitted by: nwhitehorn (fix to creator_vt.c)
MFC after: 1 week
kib [Sun, 10 Aug 2014 16:59:39 +0000 (16:59 +0000)]
On sparc64, do not keep mappings for the destroyed sf_bufs. Sparc64
pmap, unlike i386, and similar to i386/xen pv, does not tolerate
abandoned mappings for the freed pages.
Reported and tested by: dumbbell
Diagnosed and reviewed by: alc
Sponsored by: The FreeBSD Foundation
dumbbell [Sun, 10 Aug 2014 15:02:51 +0000 (15:02 +0000)]
vt(4): Add vtbuf_dirty*_locked() to lock vtbuf once, not twice
In several functions, vtbuf_putchar() in particular, the lock on vtbuf
is acquired twice:
1. once by the said functions;
2. once in vtbuf_dirty().
Now, vtbuf_dirty_locked() and vtbuf_dirty_cell_locked() allow to
acquire that lock only once.
This improves the input speed of vt(4). To measure the gain, a
50,000-lines file was displayed on the console using cat(1). The time
taken by cat(1) is reported below:
o On amd64, with vt_vga:
- before: 1.0"
- after: 0.5"
o On sparc64, with creator_vt:
- before: 13.6"
- after: 10.5"
dumbbell [Sun, 10 Aug 2014 14:55:39 +0000 (14:55 +0000)]
fbd: Fix a bug where vt_fb_attach() success would be considered a failure
vt_fb_attach() currently always returns 0, but it could return a code
defined in errno.h. However, it doesn't return a CN_* code. So checking
its return value against CN_DEAD (which is 0) is incorrect, and in this
case, a success becomes a failure.
The consequence was unimportant, because the caller (drm_fb_helper.c)
would only log an error message in this case. The console would still
work.
adrian [Sun, 10 Aug 2014 08:35:42 +0000 (08:35 +0000)]
Undo r195846 for now - allow raw frame transmit in monitor mode.
The original commit was supposed to stop the ability to do raw frame
injection in monitor mode to arbitrary channels (whether supported
by regulatory or not) however it doesn't seem to have been followed
by any useful way of doing it.
Apparently AHDEMO is supposed to be that way, but it seems to require
too much fiddly things (disable scanning, set a garbage SSID, etc)
for it to actually be useful for spoofing things.
So for now let's just disable it and instead look to filter transmit
in the output path if the channel isn't allowed by regulatory.
That way monitor RX works fine but TX will be blocked.
I don't plan on MFC'ing this to -10 until the regulatory enforcement
bits are written.
rpaulo [Sun, 10 Aug 2014 06:43:40 +0000 (06:43 +0000)]
Fix a few problems with the USDT probes:
* Include OBJDIR to make sure the generated file is found;
* Simplify the definition of OBJS;
* Add targets for shared objects and for profiled objects.
kargl [Sat, 9 Aug 2014 15:53:40 +0000 (15:53 +0000)]
When r255294 was committed, it exposed the symbols lgammal, powl,
and tgammal in libm. These functions are part of ISO/IEC 9899:1999
and their prototypes should have been moved into the appropriate
__ISO_C_VISIBLE >= 1999 section. After moving the prototypes,
remnants of r236148 can be removed.
dim [Sat, 9 Aug 2014 12:25:06 +0000 (12:25 +0000)]
In r268463, I misplaced a return in demangle(), causing the function to
erroneously skip symbols that were not mangled at all. Fix this by
moving the return into the preceding if block.
While here, simplify the code by letting __cxa_demangle() allocate the
needed space for the demangled symbol. This also fixes a memory leak,
which would occur whenever __cxa_demangle() failed.
adrian [Sat, 9 Aug 2014 09:12:25 +0000 (09:12 +0000)]
Work around some rather annoying chip hangs in the AR9331 chip.
If powersave is enabled and there are any transitions to network
or full sleep - even if they're pretty damned brief - eventually
something messes up somewhere and the bus glue between the AR9331
SoC and the AR9331 wifi stops working. It shows up as stuck DMA
and LOCAL_TIMEOUT interrupts.
Both ath9k and the reference driver does a full chip reset if things
get stuck.
So:
* teach the AR9330 HAL about the force_full_reset option I added a
couple of years ago;
* if the chip is currently in full-sleep, do a full-reset;
* if TX DMA and/or RX DMA are still enabled (eg, they did get
stuck during reset) then do a full-reset.
kib [Sat, 9 Aug 2014 05:00:34 +0000 (05:00 +0000)]
Adapt vm_page_aflag_set(PGA_WRITEABLE) to the locking of
pmap_enter(PMAP_ENTER_NOSLEEP). The PGA_WRITEABLE flag can be set
when either the page is busied, or the owner object is locked.
Update comments, move all assertions about page state when
PGA_WRITEABLE flag is set, into new helper
vm_page_assert_pga_writeable().
Reviewed by: alc
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
marcel [Sat, 9 Aug 2014 04:47:12 +0000 (04:47 +0000)]
Create a redundant grain directory and table. Previously we were
cheating by assigning the same sector offset to both directories,
but it seems that VirtualBox doesn't like that. Neither does
qemu from the looks of it. We now actually write the directory
and table twice.
dumbbell [Fri, 8 Aug 2014 17:29:01 +0000 (17:29 +0000)]
sed(1): Don't force a newline on last line, if input stream doesn't have one
While here, change how we check if the current line is the last one.
Before, we just checked if there were more files after the current one.
Now, we check the actual content of those files: they files may not have
a line at all. This matches the definition of the "last line" by the
Open Group.
kib [Fri, 8 Aug 2014 17:12:03 +0000 (17:12 +0000)]
Change pmap_enter(9) interface to take flags parameter and superpage
mapping size (currently unused). The flags includes the fault access
bits, wired flag as PMAP_ENTER_WIRED, and a new flag
PMAP_ENTER_NOSLEEP to indicate that pmap should not sleep.
For powerpc aim both 32 and 64 bit, fix implementation to ensure that
the requested mapping is created when PMAP_ENTER_NOSLEEP is not
specified, in particular, wait for the available memory required to
proceed.
In collaboration with: alc
Tested by: nwhitehorn (ppc aim32 and booke)
Sponsored by: The FreeBSD Foundation and EMC / Isilon Storage Division
MFC after: 2 weeks
bjk [Fri, 8 Aug 2014 16:32:06 +0000 (16:32 +0000)]
Update vmstat usage for last-argument count/wait parameters
Correct the usage in both the manpage and in usage() to indicate
that the wait interval and repetition count may be given either
with the respective -w/-c arguments, or as the final positional
arguments. [0]
The corresponding code to implement the positional arguments has
been conditional on the (always-enabled) BACKWARD_COMPATIBILITY
macro since the original 4.4-lite import. It's no longer reasonable
to remove the functionality, so remove the macro and conditional
instead.
Note that multiple disks may be given on the command line.
While here, sort arguments and apply minor mdoc fixes.
kib [Fri, 8 Aug 2014 11:39:05 +0000 (11:39 +0000)]
VOP_LOOKUP() may relock the directory vnode for some reasons. Since
nullfs vnode shares vnode lock with lower vnode, this allows the
reclamation of nullfs directory vnode in null_lookup(). In this
situation, VOP must return ENOENT.
More, since after the reclamation, the locks of nullfs directory vnode
and lower vnode are no longer shared, the relock of the ldvp does not
restore the correct locking state of dvp, and leaks ldvp lock.
Correct this by unlocking ldvp and locking dvp.
Use cached value of dvp->v_mount.
Reported by: bdrewery
Tested by: pho
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
neel [Fri, 8 Aug 2014 03:49:01 +0000 (03:49 +0000)]
Support PCI extended config space in bhyve.
Add the ACPI MCFG table to advertise the extended config memory window.
Introduce a new flag MEM_F_IMMUTABLE for memory ranges that cannot be deleted
or moved in the guest's address space. The PCI extended config space is an
example of an immutable memory range.
Add emulation for the "movzw" instruction. This instruction is used by FreeBSD
to read a 16-bit extended config space register.
imp [Thu, 7 Aug 2014 21:56:46 +0000 (21:56 +0000)]
Cast queue length because q_len isn't really an enum in the same sense
that clang wants it to be (a value that can only have values inside
the enum range), but rather an unsigned count of bytes.
nwhitehorn [Thu, 7 Aug 2014 21:00:16 +0000 (21:00 +0000)]
Retire vd_maskbitbltchr. The same functionality can be obtained by testing
for mask != NULL in vd_bitbltchr, which all implementations of vd_bitbltchr()
were doing anyway.
royger [Thu, 7 Aug 2014 17:00:50 +0000 (17:00 +0000)]
atpic: make sure atpic_init is called after IO APIC initialization
After r269510 the IO APIC and ATPIC initialization is done at the same
order, which means atpic_init can be called before the IO APIC has
been initalized. In that case the ATPIC will take over the interrupt
sources, preventing the IO APIC from registering them.
Reported by: David Wolfskill <david@catwhisker.org>
Tested by: David Wolfskill <david@catwhisker.org>,
Trond Endrestøl <Trond.Endrestol@fagskolen.gjovik.no>
Sponsored by: Citrix Systems R&D