edwin [Wed, 28 Oct 2009 21:07:42 +0000 (21:07 +0000)]
MFC of r197597, r198270, r198515:
MFC of tzdata2009n:
- Pakistan will go out DST on 1 October.
- Headsup for changes in Argentina.
MFC of tzdata2009o:
- Somoa has not moved to DST this year (comment only)
- Bangladesh stays on DST for now.
- Pakistan went back to standard time in 1 October 2009
MFC of tzdata2009p:
- Argentina does not go to DST this year.
ru [Sat, 24 Oct 2009 04:55:14 +0000 (04:55 +0000)]
MFC r198295:
Random number generator initialization cleanup:
- Introduce new SI_SUB_RANDOM point in boot sequence to make it
clear from where one may start using random(9). It should be as
early as possible, so place it just after SI_SUB_CPU where we
have some randomness on most platforms via get_cyclecount().
- Move stack protector initialization to be after SI_SUB_RANDOM
as before this point we have no randomness at all. This fixes
stack protector to actually protect stack with some random guard
value instead of a well-known one.
Note that this patch doesn't try to address arc4random(9) issues.
With current code, it will be implicitly seeded by stack protector
and hence will get the same entropy as random(9). It will be
securely reseeded once /dev/random is feeded by some entropy from
userland.
Submitted by: Maxim Dounin <mdounin@mdounin.ru>
Approved by: re (kib)
jhb [Fri, 23 Oct 2009 19:52:29 +0000 (19:52 +0000)]
MFC 198174:
Close a race with caching of -ve name lookups in the NFS client.
Specifically, clients only trust -ve cache entries while the directory
remains unchanged and discard any -ve cache entries for a directory when
they notice that the modification time of a directory entry changes. The
race involves two concurrent lookups as follows:
- Thread A does a lookup for file 'foo' which sends a lookup RPC to the
server. The lookup fails and the server replies.
- The 'foo' file is created (either by the same client or a different
client) updating the modification time on the parent directory of 'foo'.
- Thread B does a lookup for a different file 'bar' which updates the
cached attributes of the parent directory of 'foo' to reflect the new
modification time after 'foo' was created.
- Thread A finally resumes execution to parse the reply from the NFS
server. It adds a -ve cache entry and sets the cached value of the
directory's modification time that is used for invalidating -ve cached
lookups to the new modification time set by thread B.
At this point, future lookups of 'foo' will honor the -ve cached entry
until the cached entry is pushed out of the name cache's LRU or the
modification time of the parent directory is changed again by some other
change. The fix is to read the directory's modification time before
sending the lookup RPC and use that cached modification time when setting
the directory's cached modification time. Also, we do not add a -ve cache
entry if another thread has added -ve cache entry that set the directory's
cached modification time to a newer value than the value we read before
sending the lookup RPC.
philip [Fri, 23 Oct 2009 14:43:17 +0000 (14:43 +0000)]
MFC r198352
Make dhclient use bootpc (68) as the source port for unicast
DHCPREQUEST packets instead of allowing the protocol stack to pick
a random source port.
This fixes the behaviour where dhclient would never transition
from RENEWING to BOUND without going through REBINDING in networks
which are paranoid about DHCP spoofing, such as most mainstream
cable-broadband ISP networks.
Obtained from: OpenBSD
Reviewed by: brooks
Approved by: re (kib)
qingli [Thu, 22 Oct 2009 18:48:25 +0000 (18:48 +0000)]
MFC 198306
The flow-table function flowtable_route_flush() may be called
during system initialization time. Since the flow-table is
designed to maintain per CPU flow cache, the existing code
did not check whether "smp_started" is true before calling
sched_bind() and sched_unbind(), which triggers a page fault.
brueffer [Thu, 22 Oct 2009 08:34:20 +0000 (08:34 +0000)]
MFC: r198232
Powercrypt and NetSec seem to be defunct (webpages point to link farms
and a google search yields no alternative). Remove the links but
keep the entries around for reference.
thompsa [Wed, 21 Oct 2009 19:48:27 +0000 (19:48 +0000)]
MFC r198307
Change from CAM_TID_INVALID to CAM_SEL_TIMEOUT error code when the usb device
has been yanked, this works around a cam recounting bug when
CAM_DEV_UNCONFIGURED is set late in the detach. In certain conditions the
reference to the XPT device would not be released which would cause the usb
explore thread to sleep forever on "simfree", preventing any new usb devices to
be found/ejected on the bus.
kib [Wed, 21 Oct 2009 15:07:34 +0000 (15:07 +0000)]
MFC r198201:
Remove spurious call to priv_check(PRIV_VM_SWAP_NOQUOTA).
Call priv_check(PRIV_VM_SWAP_NORLIMIT) only when per-uid limit is
actually exceed.
qingli [Tue, 20 Oct 2009 21:36:56 +0000 (21:36 +0000)]
MFC 198301
In the ARP callout timer expiration function, the current time_second
is compared against the entry expiration time value (that was set based
on time_second) to check if the current time is larger than the set
expiration time. Due to the +/- timer granularity value, the comparison
returns false, causing the alternative code to be executed. The
alternative code path freed the memory without removing that entry
from the table list, causing a use-after-free bug.
Reviewed by: discussed with kmacy
Approved by: re
Verified by: rnoland, yongari
kan [Tue, 20 Oct 2009 19:05:43 +0000 (19:05 +0000)]
MFC Revision 197277:
Make libc.a provide __stack_chk_fail_local weak alias. This is
needed to satisfy static libraries that are compiled with -fpic
and linked into static binary afterwards. Several libraries in
gcc are examples of such static libs.
weongyo [Tue, 20 Oct 2009 17:50:36 +0000 (17:50 +0000)]
MFC r198098:
fixes a TX hang bug that it could happen when if_start callback didn't
be restarted by full of the output queue.
Tested by: bsduser <bsd at acd.homelinux.org>
MFC r198099:
fixes a TX hang that could be possible to happen when the trasfers are
in the high speed that some drivers don't call if_start callback after
marking ~IFF_DRV_OACTIVE.
qingli [Tue, 20 Oct 2009 17:44:50 +0000 (17:44 +0000)]
MFC r198111
This patch fixes the following issues in the ARP operation:
1. There is a regression issue in the ARP code. The incomplete
ARP entry was timing out too quickly (1 second timeout), as
such, a new entry is created each time arpresolve() is called.
Therefore the maximum attempts made is always 1. Consequently
the error code returned to the application is always 0.
2. Set the expiration of each incomplete entry to a 20-second
lifetime.
3. Return "incomplete" entries to the application.
4. The return error code was incorrect.
stas [Tue, 20 Oct 2009 16:41:23 +0000 (16:41 +0000)]
- Disable ASF by default in STABLE_8. This causes a lot
of problems on non-DELL branded machines with IPMI
support. The proposed fix was committed to HEAD but has
not received much test coverage yet.
jhb [Mon, 19 Oct 2009 18:31:39 +0000 (18:31 +0000)]
MFC 198079:
Use zfs_read() instead of xfsread() to read /boot.config. xfsread() fails
short read requests, so the result was that a /boot.config smaller than 512
bytes was ignored. boot2 uses fsread() instead of xfsread() to read
/boot.config already, so this makes zfsboot more like boot2.
rwatson [Sun, 18 Oct 2009 15:58:57 +0000 (15:58 +0000)]
Merge r198118 from head to stable/8:
Print routing statistics as unsigned short rather than unsigned int,
otherwise sign extension leads to unlikely values when in the negative
range of the signed short structure fields that hold the statistics.
The type used to hold routing statistics is arguably also incorrect.
bland [Fri, 16 Oct 2009 09:29:06 +0000 (09:29 +0000)]
MFC r197995, 198020:
Link GSS mechanics modules against libgssapi so they will not fail due
unresolved symbol errors when in turn libgssapi was loaded with RTLD_LOCAL
flag set (which is the default).
dougb [Fri, 16 Oct 2009 00:17:09 +0000 (00:17 +0000)]
MFC r197947:
In regards to the "Starting foo:" type messages at boot time, create
and employ a more generic solution, and use it in the individual rc.d
scripts that also have an $rc_quiet test:
1. Add check_startmsgs() to rc.subr.
2. In the rc.d scripts that use rc_quiet (and rc.subr) substitute
variations of [ -z "$rc_quiet" ] with check_startmsgs
3. In savecore add a trailing '.' to the end of the message to make it
more consistent with other scripts.
4. In newsyslog remove a : before the terminal '.' since we do not
expect there to be anything printed out in between to make it more
consistent.
5. In the following scripts change "quotes" to 'quotes' where no
variables exist in the message: savecore pf newsyslog
6. [Does not apply in RELENG_8]
7. In the following scripts separate the "Starting foo:" from the
terminal '.' to make them more consistent: moused hostname pf
8. In nfsclient move the message to its own line to avoid a style bug
9. In pf rc_quiet does not apply to the _stop method, so remove the
test there.
10. In motd add 'quotes' around the terminal '.' for consistency
rmacklem [Thu, 15 Oct 2009 19:50:00 +0000 (19:50 +0000)]
MFC r197298:
Change the default transport protocol for use by the Mount protocol
and the NFS Null RPC done by mount_nfs from UDP to TCP, so that it is
consistent with the kernel, which already uses NFS over TCP by
default. Without this change, doing an NFS mount
against a server that only supports UDP results in an unusable
mount point if a transport protocol option wasn't specified for the
mount.
kib [Wed, 14 Oct 2009 14:26:19 +0000 (14:26 +0000)]
MFC r197958:
In nanosleep(2), note that the calling thread is put to sleep, not the
whole process. Also explicitely name the parameter that specifies
sleep interval.
attilio [Tue, 13 Oct 2009 13:03:31 +0000 (13:03 +0000)]
MFC r197476:
In function do_rw_wrlock, when a writer got an error and before returning,
check if there are readers blocked by us via URWLOCK_WRITE_WAITERS flag,
and resume the readers. The error must be EAGAIN, otherwise there must
have memory problem, and nobody can rescue the buggy application.
kib [Tue, 13 Oct 2009 09:24:51 +0000 (09:24 +0000)]
MFC r197942:
Refine r195509, instead of checking that vnode type is VBAD, that is
set quite late in the revocation path, properly verify that vnode is
not doomed before calling VOP.
pjd [Mon, 12 Oct 2009 21:08:06 +0000 (21:08 +0000)]
MFC r197898:
If provider is open for writing when we taste it, skip it for classes that
depend on on-disk metadata. This was we won't attach to providers that are used
by other classes. For example we don't want to configure partitions on da0 if
it is part of gmirror, what we really want is partitions on mirror/foo.
During regular work it works like this: if provider is open for writing a class
receives the spoiled event from GEOM and detaches, once provider is closed the
taste event is send again and class can rediscover its metadata if it is still
there. This doesn't work that way when new class arrives, because GEOM gives
all existing providers for it to taste, also those open for writing. Classes
have to decided on their own if they want to deal with such providers (eg.
geom_dev) or not (classes modified by this commit).
Reported by: des, Oliver Lehmann <lehmann@ans-netz.de>
Tested by: des, Oliver Lehmann <lehmann@ans-netz.de>
Discussed with: phk, marcel
Reviewed by: marcel
Approved by: re (kib)
pjd [Mon, 12 Oct 2009 20:36:55 +0000 (20:36 +0000)]
MFC r197831,r197842,r197843,r197860,r197861:
r197831:
Fix situation where Mac OS X NFS client creates a file and when it tries
to set ownership and mode in the same setattr operation, the mode was
overwritten by secpolicy_vnode_setattr().
PR: kern/118320
Submitted by: Mark Thompson <info-gentoo@mark.thompson.bz>
r197842:
Fix white-spaces.
r197843:
On FreeBSD it is enough to report provider removal when orphan event is
received, we don't have to do it on every ENXIO error in I/O path.
Solaris has no GEOM so they have to handle it in a less clean way.
r197860:
File system owner is when uid matches and jail matches.
r197861:
Allow file system owner to modify system flags if securelevel permits.
attilio [Mon, 12 Oct 2009 16:05:31 +0000 (16:05 +0000)]
MFC r197803, r197824, r197910:
Per their definition, atomic instructions used in conjuction with
memory barriers should also ensure that the compiler doesn't reorder paths
where they are used. GCC, however, does that aggressively, even in
presence of volatile operands. The most reliable way GCC offers for avoid
instructions reordering is clobbering "memory".
Not all our memory barriers, right now, clobber memory for GCC-like
compilers.
Fix these cases.
rdivacky [Mon, 12 Oct 2009 15:46:17 +0000 (15:46 +0000)]
MFC r197812:
Fix tcsh losing history when tcsh terminates because the pty beneath it
is closed.
Diagnosed by Ted Anderson:
New signal queuing logic was introduced in 6.15 and allows the signal handlers
to be run explicitly by calling handle_pending_signals, instead of
immediately when the signal is delivered. This function is called at
various places, typically when receiving a EINTR from a slow system call
such as read or write. In the pty exit case, it was called from xwrite,
called from flush, while printing the "exit" message after receiving EOF
when reading from the pty (note that the read did not return EINTR but
zero bytes, indicating EOF). The SIGHUP handler, phup(), called
rechist, which opened the history file and began writing the merged
history to it. This process invoked flush recursively to actually write
the data. In this case, however, the flush noticed it was being called
recursively and decided fail by calling stderror.
My conclusion was that the signal was being handled at a bad time. But
whether to fix flush not to care about the recursive call, or to handle
the signal some other time and when to handle it, was unclear to me.
However, by adding an extra call to handle_pending_signals, just after
process() returns to main(), I was able to avoid the truncated history
after network outages and similar failures. I verified this fix in
version 6.17.
attilio [Mon, 12 Oct 2009 15:32:00 +0000 (15:32 +0000)]
MFC r197643, r197735:
When releasing a read/shared lock we need to use a write memory barrier
in order to avoid, on architectures which doesn't have strong ordered
writes, CPU instructions reordering.
jilles [Sun, 11 Oct 2009 16:35:12 +0000 (16:35 +0000)]
MFC r196483,r196634:
sh: Fix crash when undefining or redefining a currently executing function
Add a reference count to function definitions.
Memory may leak if a SIGINT arrives in interactive mode at exactly the wrong
time, this will be fixed later by changing SIGINT handling.
marcel [Sat, 10 Oct 2009 18:24:54 +0000 (18:24 +0000)]
MFC change 197721:
Fix RTS/CTS flow control, broken by the TTY overhaul. The new TTY
interface is fairly simple WRT dealing with flow control, but
needed 2 new RX buffer functions with "get-char-from-buf" separated
from "advance-buf-pointer" so that the pointer could be advanced
only when ttydisc_rint() succeeded.
rwatson [Fri, 9 Oct 2009 09:18:22 +0000 (09:18 +0000)]
Merge r197814 from head to stable/8:
Remove tcp_input lock statistics; these are intended for debugging only
and are not intended to ship in 8.0 as they dirty additional cache
lines in a performance-critical per-packet path.
rwatson [Thu, 8 Oct 2009 11:07:15 +0000 (11:07 +0000)]
Merge r197795 from head to stable/8:
In tcp_input(), we acquire a global write lock at first only if a
segment is likely to trigger a TCP state change (i.e., FIN/RST/SYN).
If we later have to upgrade the lock, we acquire an inpcb reference
and drop both global/inpcb locks before reacquiring in-order. In
that gap, the connection may transition into TIMEWAIT, so we need
to loop back and reevaluate the inpcb after relocking.
Reported by: Kamigishi Rei <spambox at haruhiism.net>
Reviewed by: bz
qingli [Tue, 6 Oct 2009 20:33:02 +0000 (20:33 +0000)]
MFC r197696
Remove a log message from production code. This log message can be
triggered by a misconfigured host that is sending out gratuious ARPs.
This log message can also be triggered during a network renumbering
event when multiple prefixes co-exist on a single network segment.
qingli [Tue, 6 Oct 2009 19:44:44 +0000 (19:44 +0000)]
MFC 197695
Previously, if an address alias is configured on an interface, and
this address alias has a prefix matching that of another address
configured on the same interface, then the ARP entry for the alias
is not deleted from the ARP table when that address alias is removed.
This patch fixes the aforementioned issue.
qingli [Tue, 6 Oct 2009 18:47:02 +0000 (18:47 +0000)]
MFC r197687
The flow-table associates TCP/UDP flows and IP destinations with
specific routes. When the routing table changes, for example,
when a new route with a more specific prefix is inserted into the
routing table, the flow-table is not updated to reflect that change.
As such existing connections cannot take advantage of the new path.
In some cases the path is broken. This patch will update the affected
flow-table entries when a more specific route is added. The route
entry is properly marked when a route is deleted from the table.
In this case, when the flow-table performs a search, the stale
entry is updated automatically. Therefore this patch is not
necessary for route deletion.
marcus [Tue, 6 Oct 2009 17:10:38 +0000 (17:10 +0000)]
Properly record merginfo for r197681 into lib/libc instead of lib/libc/gen.
Kib didn't see the previous commit before I committed it. I had assumed
implicit approval when he requested the merginfo. So pointhats to me
all around. This commit was reviewed by kib.
cokane [Tue, 6 Oct 2009 16:05:06 +0000 (16:05 +0000)]
MFC: r197403, r197644, r197654, and r197659
Fix some unexpected potential NULL de-references in kernel mode due to
usage of pre-8.0 wifi operations with the ndis driver wrapping a Win32/64
wifi driver.
Submitted by: Paul B Mahol <onemda@gmail.com>
Approved by: re
yongari [Mon, 5 Oct 2009 19:29:25 +0000 (19:29 +0000)]
MFC r197461:
Use __NO_STRICT_ALIGNMENT to determine whether de(4) have to apply
alignment fixup code for received frames on strict alignment
architectures.
MFC r197463:
Consistently use bus_addr_t.
MFC r197464:
Destroy dmamap in dma cleanup.
MFC r197465:
Align Tx/Rx descriptors on 32 bytes boundary instead of PAGE_SIZE.
Also align setup descriptor on 32 bytes boundary. Tx buffer have no
alignment limitation so create dmamap without alignment
restriction[1]. Rx buffer still seems to require 4 bytes alignment
limitation but we can simply use MCLBYTES for size to map the
buffer instead of TULIP_DATA_PER_DESC as the buffer is allocated
with m_getcl(9).
de(4) supports up to TULIP_MAX_TXSEG segments for Tx buffers,
increase maximum dma segment size to TULIP_MAX_TXSEG * MCLBYTES.
While I'm here remove TULIP_DATA_PER_DESC as it is not used anymore.
This should fix de(4) breakage introduced after r176206.
Submitted by: jhb [1]
Reported by: WATANABE Kazuhiro < CQG00620 <> nifty dot ne dot jp >
Tested by: WATANABE Kazuhiro < CQG00620 <> nifty dot ne dot jp >,
Takahashi Yoshihiro < nyan <> jp dot freebsd dot org >
Approved by: re (kib)
gallatin [Mon, 5 Oct 2009 14:28:23 +0000 (14:28 +0000)]
MFC:197645
Two more mxge watchdog fixes
1) Restore the PCI Express control register after a watchdog
reset. This is required because the device will come out
of watchdog reset with the pectl reg at its default state,
and important BIOS configuration (like max payload size)
could be lost.
2) Call mxge_start_locked() for every tx queue before dropping
the lock in the watchdog handler. This is required, as
the queue's buf ring may have filled during the reset.
marcus [Sun, 4 Oct 2009 21:46:43 +0000 (21:46 +0000)]
MFC: rev. 197681
Correct the pthread stub prototype for pthread_mutexattr_settype to allow for
the type argument. This is known to fix some pthread_mutexattr_settype()
invocations, especially when it comes to pulseaudio.
thompsa [Sun, 4 Oct 2009 19:03:32 +0000 (19:03 +0000)]
MFC r197682
EHCI Hardware BUG workaround
The EHCI HW can use the qtd_next field instead of qtd_altnext when a short
packet is received. This contradicts what is stated in the EHCI datasheet.
Also the total-bytes field in the status field of the following TD gets
corrupted upon reception of a short packet! We work this around in software by
not queueing more than one job/TD at a time of up to 16Kbytes! The bug has been
seen on multiple INTEL based EHCI chips. Other vendors have not been tested
yet.
- Applications using /dev/usb/X.Y.Z, where Z is non-zero are affected, but not
applications using LibUSB v0.1, v1.2 and v2.0.
- Mass Storage (umass) is affected.
kib [Sun, 4 Oct 2009 12:20:59 +0000 (12:20 +0000)]
MFC r197663:
As a workaround, for Intel CPUs, do not use CLFLUSH in
pmap_invalidate_cache_range() when self-snoop is apparently not reported
in cpu features.