Add MAP_GUARD and use it for stack grow area protection.
Bump __FreeBSD_version. This is an MFS of stable/11 r320666.
MFC r320317:
Implement address space guards.
MFC r320338:
Remove stale part of the comment.
MFC r320339:
Correctly handle small MAP_STACK requests.
MFC r320344:
For now, allow mprotect(2) over the guards to succeed regardless of
the requested protection.
MFC r320430:
Treat the addr argument for mmap(2) request without MAP_FIXED flag as
a hint.
MFC r320560 (by alc):
Modify vm_map_growstack() to protect itself from the possibility of the
gap entry in the vm map being smaller than the sysctl-derived stack guard
size.
MF11 r320731,320749,320759: Add Amazon Elastic Network Adapter driver
and turn it on in EC2 AMI builds
Approved by: re (gjb)
Relnotes: FreeBSD now supports "next generation" Enhanced Networking
in the Amazon EC2 cloud
Sponsored by: Amazon.com Inc. (original work)
MF11 r320685: Update to ELF Tool Chain snapshot at r3561
This update is primarily bug fixes in C++ symbol demangling, including:
- rvalue reference
- builtin type auto and decltype(auto)
- revamped support for function return types
- formatting fixes
- omit void when its the only param
- ref-qualifiers and others in function types
- type qualifiers in pointer-to-member function types
- incorrect handling regarding CV-qualifiers in function types
- ref-qualifier found in nested-name
- properly handle <name> ::= <substitute><template-args>
- make sure that nested function name is not a substitute candidate
- correctly handle expression in template args
- skip unknown substitution abbreviations
Also r320663 libelftc: bump version, tracking import in r320343
Approved by: re (gjb)
Sponsored by: The FreeBSD Foundation
Update the pkg(8) configuration for the default installation and
the dvd1.iso to use the quarterly set, now that the new quarterly
branch exists and packages have built.
This commit was deferred when branching releng/11.1, since the
2017Q3 branch did not exist yet.
Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation
MFS11 r320697:
MFC r320599:
Fix Vagrant image upload after recent API changes.
- Update ATLAS_UPLOAD_URL to avoid various regular expressions
from failing to match due to redirections.
- Use ATLAS_UPLOAD_URL throughout the script.
- Adjust several regular expression patterns.
Approved by: re (kib)
Sponsored by: The FreeBSD Foundation
ken [Mon, 3 Jul 2017 18:20:45 +0000 (18:20 +0000)]
Merge r320602 from stable/11 into releng/11.1:
------------------------------------------------------------------------
r320602 | ken | 2017-07-03 09:34:21 -0600 (Mon, 03 Jul 2017) | 45 lines
MFC r320421:
------------------------------------------------------------------------
r320421 | ken | 2017-06-27 13:26:02 -0600 (Tue, 27 Jun 2017) | 37 lines
Fix a panic in camperiphfree().
If a peripheral driver (e.g. da, sa, cd) is added or removed from the
peripheral driver list while an unrelated peripheral driver instance (e.g.
da0, sa5, cd2) is going away and is inside camperiphfree(), we could
dereference an invalid pointer.
When peripheral drivers are added or removed (see periphdriver_register()
and periphdriver_unregister()), the peripheral driver array is resized
and existing entries are moved.
Although we hold the topology lock while we traverse the peripheral driver
list, we retain a pointer to the location of the peripheral driver pointer
and then drop the topology lock. So we are still vulnerable to the list
getting moved around while the lock is dropped.
To solve the problem, cache a copy of the peripheral driver pointer. If
its storage location in the list changes while we have the lock dropped, it
won't have any effect.
This doesn't solve the issue that peripheral drivers ("da", "cd", as opposed
to individual instances like "da0", "cd0") are not generally part of a
reference counting scheme to guard against deregistering them while there
are instances active. The caller (generally the person unloading a module)
has to be aware of active drivers and not unload something that is in use.
sys/cam/cam_periph.c:
In camperiphfree(), cache a pointer to the peripheral driver
instance to avoid holding a pointer to an invalid memory location
in the event that the peripheral driver list changes while we have
the topology lock dropped.
ken [Mon, 3 Jul 2017 18:07:09 +0000 (18:07 +0000)]
Merge r320600 from stable/11 into releng/11.1:
------------------------------------------------------------------------
r320600 | ken | 2017-07-03 09:10:16 -0600 (Mon, 03 Jul 2017) | 30 lines
MFC r320420:
------------------------------------------------------------------------
r320420 | ken | 2017-06-27 11:55:25 -0600 (Tue, 27 Jun 2017) | 25 lines
In scsi_zbc_in(), fill in the length in the ZBC IN CDB.
Without the allocation length set, the target will either reject
the command or complete it without transferring any data.
This fixes the REPORT ZONES command for SCSI ZBC protocol devices,
as well as ATA ZAC protocol devices that are behind a SCSI to ATA
translation layer. (LSI/Broadcom's 12Gb SAS adapters translate ZBC
commands to ZAC commands.) Those are Host Aware and Host Managed SMR
drives.
This will fix REPORT ZONE commands sent to the da(4) driver via the
GEOM bio interface and zonectl, and REPORT ZONE commands sent from
camcontrol(8).
Note that in the case of camcontrol(8), we currently only send
SCSI ZBC commands to native SCSI protocol devices, not ATA devices
behind a SAT layer.
sys/cam/scsi/scsi_da.c:
Fill in the length field in scsi_zbc_in().
MFS11 r320596:
MFC r320488:
Correct the branch naming convention in param.h.
While here, consistently use upper-case 'X' to represent the
version number.
Approved by: re (kib, marius)
Sponsored by: The FreeBSD Foundation
MFS r320566: MFC r320390:
With r318394 seems it breaks gpart(8) in some embedded systems such like PCEngines,
RPI1-B, Alix and APU2 boards as well as NanoBSD with the following message:
gjb [Thu, 29 Jun 2017 23:56:50 +0000 (23:56 +0000)]
- Copy stable/11@r320475 to releng/11.1 as part of the 11.1-RELEASE
cycle.
- Prune svn:mergeinfo from the new branch.
- Bump __FreeBSD_version.
- Rename releng/11.1 to RC1.
Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation
alc [Wed, 28 Jun 2017 05:28:15 +0000 (05:28 +0000)]
MFC r315518
Avoid unnecessary calls to vm_map_protect() in elf_load_section().
Typically, when elf_load_section() unconditionally passed VM_PROT_ALL to
elf_map_insert(), it was needlessly enabling execute access on the
mapping, and it would later have to call vm_map_protect() to correct the
mapping's access rights. Now, instead, elf_load_section() always passes
its parameter "prot" to elf_map_insert(). So, elf_load_section() must
only call vm_map_protect() if it needs to remove the write access that
was temporarily granted to perform a copyout().
alc [Wed, 28 Jun 2017 04:01:29 +0000 (04:01 +0000)]
MFC r314310
Refine the fix from r312954. Specifically, add a new PDE-only flag,
PG_PROMOTED, that indicates whether lingering 4KB page mappings might
need to be flushed on a PDE change that restricts or destroys a 2MB
page mapping. This flag allows the pmap to avoid range invalidations
that are both unnecessary and costly.
ken [Tue, 27 Jun 2017 12:56:36 +0000 (12:56 +0000)]
MFC r320123:
Fix a potential sleep while holding a mutex in the sa(4) driver.
If the user issues a MTIOCEXTGET ioctl, and the tape drive in question has
a serial number that is longer than 80 characters, we malloc a buffer in
saextget() to hold the output of cam_strvis().
Since a mutex is held in that codepath, doing a M_WAITOK malloc could lead
to sleeping while holding a mutex. Change it to a M_NOWAIT malloc and bail
out if we fail to allocate the memory. Devices with serial numbers longer
than 80 bytes are very rare (I don't recall seeing one), so this
should be a very unusual case to hit. But it is a bug that should be fixed.
sys/cam/scsi/scsi_sa.c:
In saextget(), if we need to malloc a buffer to hold the output of
cam_strvis(), don't wait for the memory. Fail and return an error
if we can't allocate the memory immediately.
PR: kern/220094
Submitted by: Jia-Ju Bai <baijiaju1990@163.com>
Sponsored by: Spectra Logic
Approved by: re (gjb)
sephe [Mon, 26 Jun 2017 05:56:49 +0000 (05:56 +0000)]
MFC 320184
hyperv/storvsc: Reduce log verbosity
On some windows hosts TEST_UNIT_READY command will return
SRB_STATUS_ERROR and sense data "NOT READY asc:3a,1 (Medium
not present - tray closed)", this occurs periodically, and
not hurt anything else. So, we prefer to ignore this kind
of errors.
Approved by: re (delphij)
PR: 219973
Submitted by: Hongjiang Zhang <hongzhan microsoft com>
Sponsored by: Microsoft
Differential Revision: https://reviews.freebsd.org/D11271
As per https://datacenter.iers.org/eop/-/somos/5Rgv/latest/16:
INTERNATIONAL EARTH ROTATION AND REFERENCE SYSTEMS SERVICE (IERS)
SERVICE INTERNATIONAL DE LA ROTATION TERRESTRE ET DES SYSTEMES DE REFERENCE
SERVICE DE LA ROTATION TERRESTRE
OBSERVATOIRE DE PARIS
61, Av. de l'Observatoire 75014 PARIS (France)
Tel. : 33 (0) 1 40 51 23 35
FAX : 33 (0) 1 40 51 22 91
Internet : services.iers@obspm.fr
Paris, 9 January 2017
Bulletin C 53
To authorities responsible
for the measurement and
distribution of time
INFORMATION ON UTC - TAI
NO leap second will be introduced at the end of June 2017.
The difference between Coordinated Universal Time UTC and the
International Atomic Time TAI is :
from 2017 January 1, 0h UTC, until further notice : UTC-TAI = -37 s
Leap seconds can be introduced in UTC at the end of the months of December
or June, depending on the evolution of UT1-TAI. Bulletin C is mailed every
six months, either to announce a time step in UTC, or to confirm that there
will be no time step at the next possible date.
Christian BIZOUARD
Director
Earth Orientation Center of IERS
Observatoire de Paris, France
delphij [Sun, 25 Jun 2017 17:42:27 +0000 (17:42 +0000)]
MFC r320216: Fix use-after-free introduced in r300388.
In r300388, endnetconfig() was called on nc_handle which would release
the associated netconfig structure, which means tmpnconf->nc_netid
would be a use-after-free.
Solve this by doing endnetconfig() in return paths instead.
Reported by: jemalloc via kevlo
Reviewed by: cem, ngie (earlier version)
Approved by: re (kib)
bdrewery [Fri, 23 Jun 2017 20:49:23 +0000 (20:49 +0000)]
MFC r320206,r320207:
r320206:
Follow-up r308602: Don't add missing headers to .depend.tables.h.
r320207:
Tweak r320206: Still create the TABLE but not the .depend entry for missing
headers.
bdrewery [Fri, 23 Jun 2017 20:07:56 +0000 (20:07 +0000)]
MFC r319862,r319996,r320030:
r319862:
META_MODE: Show .ERROR_CMD in error.
r319996:
WITH_META_MODE: Don't try showing command if .ERROR_META_FILE is empty.
r320030:
WITH_META_MODE: End each ERROR_CMD CMD line with ';'.
bdrewery [Fri, 23 Jun 2017 19:44:20 +0000 (19:44 +0000)]
MFC r320012,r320028,r320061,r320118:
r320012:
Fix LIBAMU location to fix 'stale .depend' rebuilds in usr.sbin/amd.
r320028:
Fix more incorrect library directories fix 'stale .depend' rebuilds.
r320061:
Fix Makefiles which override LIBDIR to not add incorrect dependencies into
.depend.
r320118:
Follow-up r320061: Need to respect make.conf/env LIBDIR overrides.
cperciva [Thu, 22 Jun 2017 05:30:27 +0000 (05:30 +0000)]
MFC r319491:
Skip setting the MTU in the netfront driver (xn# devices) if the new MTU
is the same as the old MTU. In particular, on Amazon EC2 "T2" instances
without this change, the network interface is reinitialized every 30
minutes due to the MTU being (re)set when a new DHCP lease is obtained.
cperciva [Thu, 22 Jun 2017 05:26:08 +0000 (05:26 +0000)]
MFC r31956[12]: Teach primes(6) to enumerate primes up to 2^64 - 1.
Approved by: re (delphij)
Relnotes: primes(6) now enumerates primes beyond 3825123056546413050,
up to a new limit of 2^64 - 1.
> Description of fields to fill in above: 76 columns --|
> PR: If and which Problem Report is related.
> Submitted by: If someone else sent in the change.
> Reported by: If someone else reported the issue.
> Reviewed by: If someone else reviewed your modification.
> Approved by: If you needed approval for this commit.
> Obtained from: If the change is from a third party.
> MFC after: N [day[s]|week[s]|month[s]]. Request a reminder email.
> MFH: Ports tree branch name. Request approval for merge.
> Relnotes: Set to 'yes' for mention in release notes.
> Security: Vulnerability reference (one per line) or description.
> Sponsored by: If the change was sponsored by an organization.
> Differential Revision: https://reviews.freebsd.org/D### (*full* phabric URL needed).
> Empty fields above will be automatically removed.
_M .
M usr.bin/factor/factor.6
M usr.bin/primes/primes.c
M usr.bin/primes/primes.h
M usr.bin/primes/spsp.c
jhb [Wed, 21 Jun 2017 14:36:25 +0000 (14:36 +0000)]
MFC 319702: Fix an off-by-one error in the VM page array on some systems.
r313186 changed how the size of the VM page array was calculated to be
less wasteful. For most systems, the amount of memory is divided by
the overhead required by each page (a page of data plus a struct vm_page)
to determine the maximum number of available pages. However, if the
remainder for the first non-available page was at least a page of data
(so that the only memory missing was a struct vm_page), this last page
was left in phys_avail[] but was not allocated an entry in the VM page
array. Handle this case by explicitly excluding the page from
phys_avail[].
brooks [Tue, 20 Jun 2017 20:19:57 +0000 (20:19 +0000)]
MFC r318968:
Add missing usage and getopt(3) options
- Add the missing option 'n' to the getopt(3) string
- Add the missing options 'libxo' and 'N' to the usage message
- Add the missing options 'M' and 'N' to the man-page
davidcs [Tue, 20 Jun 2017 19:16:06 +0000 (19:16 +0000)]
MFC r319964
Upgrade STORMFW to 8.30.0.0 and ecore version to 8.30.0.0
Add support for pci deviceID 0x8070 for QLE41xxx product line which
supports 10GbE/25GbE/40GbE
jhb [Tue, 20 Jun 2017 15:55:15 +0000 (15:55 +0000)]
MFC 319490: Remove stale cap_rights_get(2) manpage.
The documentation moved to section 3 several years ago, but
'man cap_rights_get' pulls up cap_rights_limit(2) (which is
MLINKed to cap_rights_get.2) instead of cap_rights_get(3).
sbruno [Mon, 19 Jun 2017 15:03:47 +0000 (15:03 +0000)]
Direct commit to stable/11 to correctly setting the EIAC and IMS
registers to the same values when processing interrupts. This reverts a
change made in r286831 that was not fully reverted in r311979
This resolves PR https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=211219
avg [Mon, 19 Jun 2017 14:45:20 +0000 (14:45 +0000)]
MFC r318867: fix vmxnet3 crash when LRO is enabled
The crash can occur when all of the following conditions are true:
- a packet consists of multiple segments (requires LRO enabled)
- there has been a failure to allocate an mbuf for the packet and
the packet has to be dropped
- a host (vmware) still owned at least one segment of the packet,
so the driver had to wait for another interrupt to proceed to
discarding the remaining segment(s)
Reviewed by: rstone
Approved by: re (gjb)
Sponsored by: Panzura
gjb [Mon, 19 Jun 2017 13:26:38 +0000 (13:26 +0000)]
MFC r319942 (jhb):
Don't try to assign interrupts to a CPU on single-CPU systems.
All interrupts are routed to the sole CPU in that case implicitly.
This is a regression in EARLY_AP_STARTUP. Previously the 'assign_cpu'
variable was only set when a multi-CPU system finished booting, so
its value both meant that interrupts could be assigned and that
there was more than one CPU.
PR: 219882
Approved by: re (kib)
Sponsored by: The FreeBSD Foundation
emaste [Mon, 19 Jun 2017 03:07:00 +0000 (03:07 +0000)]
bsdinstall: use consistent EFI configuration across platforms
MFC r320007:
- increase arm64 EFI partition to 200M, as x86
- use EFI_BOOTPART_SIZE and EFI_BOOTPART_PATH macros on x86
- increase ZFS EFI partition to 200M
MFC r320008: bsdinstall: correct comment after r320007
PR: 201898
Approved by: re (kib)
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
jhibbits [Sun, 18 Jun 2017 17:20:48 +0000 (17:20 +0000)]
MFC r317928
Add necessary bits to get FreeBSD booting on the Unifi Security Gateway
Summary:
The Ubiquiti Unifi Security Gateway is virtually identical to the
EdgeRouter Lite, with a smaller PCB and apparently a different board identifier.
Simply adding the new board identifier alongside the ERL identifier, FreeBSD
boots successfully, and can access the needed peripherals.
hselasky [Sun, 18 Jun 2017 11:46:17 +0000 (11:46 +0000)]
MFC r319972:
Use static device numbering instead of dynamic one when creating
mlx4en network interfaces. This prevents infinite unit number growth
typically when the mlx4en driver is used inside virtual machines which
support runtime PCI attach and detach.
Approved by: re (gjb)
Sponsored by: Mellanox Technologies
emaste [Sat, 17 Jun 2017 19:00:12 +0000 (19:00 +0000)]
lld: Fix weak symbols on arm and aarch64
MFC r319955: lld: sort relocations
No functional change; applied to facilitate merge of later LLD commit.
MFC r319956: lld: Fix weak symbols on arm and aarch64
Given
.weak target
.global _start
_start:
b target
The intention is that the branch goes to the instruction after the
branch, effectively turning it on a nop. The branch adds the runtime
PC, but we were adding it statically too.
I noticed the oddity by inspection, but llvm-objdump seems to agree,
since it now prints things like:
b #-4 <_start+0x4>
Obtained from: LLD r298797, r305212
Approved by: re (gjb)
Sponsored by: The FreeBSD Foundation
alc [Thu, 15 Jun 2017 18:49:46 +0000 (18:49 +0000)]
MFC r319540
The data type returned by vmoff() is too narrow in its range. This could
break the transmission of files longer than 4 GB on 32-bit architectures.
alc [Thu, 15 Jun 2017 17:06:04 +0000 (17:06 +0000)]
MFC r318995
In r118390, the swap pager's approach to striping swap allocation over
multiple devices was changed. However, swapoff_one() was not fully and
correctly converted. In particular, with r118390's introduction of a per-
device blist, the maximum swap block size, "dmmax", became irrelevant to
swapoff_one()'s operation. Moreover, swapoff_one() was performing out-of-
range operations on the per-device blist that were silently ignored by
blist_fill().
This change corrects both of these problems with swapoff_one(), which will
allow us to potentially increase MAX_PAGEOUT_CLUSTER. Previously,
swapoff_one() would panic inside of blist_fill() if you increased
MAX_PAGEOUT_CLUSTER.
MFC r319001
After r118390, the variable "dmmax" was neither the correct strip size
nor the correct maximum block size. Moreover, after r318995, it serves
no purpose except to provide information to user space through a read-
sysctl.
This change eliminates the variable "dmmax" but retains the sysctl. It
also corrects the value returned by the sysctl.
MFC r319604
Halve the memory being internally allocated by the blist allocator. In
short, half of the memory that is allocated to implement the radix tree is
wasted because we did not change "u_daddr_t" to be a 64-bit unsigned int
when we changed "daddr_t" to be a 64-bit (signed) int. (See r96849 and
r96851.)
MFC r319612
When the function blist_fill() was added to the kernel in r107913, the swap
pager used a different scheme for striping the allocation of swap space
across multiple devices. And, although blist_fill() was intended to support
fill operations with large counts, the old striping scheme never performed a
fill larger than the stripe size. Consequently, the misplacement of a
sanity check in blst_meta_fill() went undetected. Now, moving forward in
time to r118390, a new scheme for striping was introduced that maintained a
blist allocator per device, but as noted in r318995, swapoff_one() was not
fully and correctly converted to the new scheme. This change completes what
was started in r318995 by fixing the underlying bug in blst_meta_fill() that
stops swapoff_one() from simply performing a single blist_fill() operation.
MFC r319627
Starting in r118390, swaponsomething() began to reserve the blocks at the
beginning of a swap area for a disk label. However, neither r118390 nor
r118544, which increased the reservation from one to two blocks, correctly
accounted for these blocks when updating the variable "swap_pager_avail".
This change corrects that error.
MFC r319655
Originally, this file could be compiled as a user-space application for
testing purposes. However, over the years, various changes to the kernel
have broken this feature. This revision applies some fixes to get user-
space compilation working again. There are no changes in this revision
to code that is used by the kernel.
delphij [Thu, 15 Jun 2017 15:24:15 +0000 (15:24 +0000)]
MFC r319852:
Fix buffer lengths.
After r319369, the RPC code validates caller supplied buffer length in
taddr2uaddr. When no -h is specified, the sizeof(ai_addr) is used,
which is always smaller than the required size and therefore uaddr
would be NULL, causing the kernel to copyin() from userland NULL
and fail with EFAULT.
dexuan [Wed, 14 Jun 2017 13:44:32 +0000 (13:44 +0000)]
MFC: 319690
Approved by: re (marius)
r319690
hyperv/pcib: use the device serial number as PCI domain
Currently the PCI domain is initialized with the instance GUID in
vmbus_pcib_attach(). It turns out the GUID can change across VM reboot,
while some users want a persistent value for PCI domain. The solution is
that we can change to use the device serial number, which starts with 1
and is unique within a VM.
Obtained from: Haiyang Zhang
Sponsored by: Microsoft
emaste [Tue, 13 Jun 2017 18:59:34 +0000 (18:59 +0000)]
MFC r317428 (cognet): fix arm64 MSI
In arm_gicv2m_alloc_msi(), if we found a suitable irq range, leave the loop
before we increase irq again, or we'd end up choosing an irq, and then
really using the next one, even if it's not available.
Also in the inner loop, correct the end check so that we check every irq,
even the last one.
This makes the msk(4) adapter able to use MSI on Softiron Overdrive 1000.
ngie [Mon, 12 Jun 2017 17:37:18 +0000 (17:37 +0000)]
MFC r313398:
Approved by: re (gjb)
Apply r274475's to expr.oxout.tab.c to fix the test on FreeBSD
YYINT on FreeBSD is int, not short
I'll work with the upstream maintainer or come up with a build
method of modifying their definitions on install instead of
having to modify tests to match our forked YYINT definition.