yongari [Sat, 31 Dec 2011 01:08:31 +0000 (01:08 +0000)]
MFC r226478:
Close a race where SIOCGIFMEDIA ioctl get inconsistent link status.
Because driver is accessing a common MII structure in
mii_pollstat(), updating user supplied structure should be done
before dropping a driver lock.
yongari [Sat, 31 Dec 2011 00:46:06 +0000 (00:46 +0000)]
MFC r226123:
BCE_MISC_ID register of BCM5716 returns the same id of BCM5709 so
remove explicit checks for BCM5716.
The BCM5709 and BCM5716 chips are virtually indistinguishable by
software except for the PCI device ID. The two chips differ in
that BCM5709 supports TCP/IP and iSCSI offload in Windows while
the BCM5716 doesn't.
While I'm here remove now unused definition of BCE_CHIP_NUM_5716
and BCE_CHIP_ID_5716_C0.
kib [Fri, 30 Dec 2011 21:02:32 +0000 (21:02 +0000)]
MFC r227816:
Remove the wrong comment about ufs not being loadable.
Note that only root filesystem module needs to be available
before root is mounted.
kib [Fri, 30 Dec 2011 20:24:52 +0000 (20:24 +0000)]
MFC r227393:
Lock the thread lock around block that retrieves td_wmesg. Otherwise,
procfs could see a thread with assigned td_wchan but still NULL td_wmesg.
kib [Fri, 30 Dec 2011 18:29:09 +0000 (18:29 +0000)]
MFC r227024:
Despite official i386 ABI does not mandate any stack alignment besides
the word alignment, some versions of gcc do require 16-byte alignment.
Make sure the stack is 16-byte aligned before calling a subroutine.
kib [Fri, 30 Dec 2011 18:22:34 +0000 (18:22 +0000)]
MFC r227023:
Make sure that stack is 16-byte aligned before calling a function,
as it is required by amd64 ABI. Add a comment for the places were
the stack is accidentally properly aligned already.
pho [Fri, 16 Dec 2011 12:53:15 +0000 (12:53 +0000)]
MFC: r228360
Move cpu_set_upcall(newtd, td) up before the first call of
thread_free(newtd). This to avoid a possible page fault in
cpu_thread_clean() as seen on amd64 with syscall fuzzing.
jhb [Thu, 15 Dec 2011 16:39:48 +0000 (16:39 +0000)]
MFC 225168:
If a drive is not part of the array (i.e. missing) we need to print the
new line after the pd state information as well, so move it to the outside
of the block.
des [Tue, 13 Dec 2011 13:02:52 +0000 (13:02 +0000)]
MFH r228384: validate the service name
Security: some poorly thought out programs allow the user to specify
the service name; this patch makes it harder to trick these
programs into loading and executing arbitrary code.
pho [Mon, 12 Dec 2011 17:33:38 +0000 (17:33 +0000)]
MFC: r228218, r228219, 228220, 228221
Rename copyin_timeout32 to umtx_copyin_timeout32 and move parameter
check here. Include check for negative seconds value.
Add umtx_copyin_timeout() and move parameter checks here.
Add declaration of umtx_copyin_timeout()
Use umtx_copyin_timeout() to copy and check timeout parameteri in
kern_thr_suspend().
des [Sun, 11 Dec 2011 20:38:36 +0000 (20:38 +0000)]
MFH r227757: check for null passphrases, since openssl doesn't
Security: prevents users with unencrypted ssh keys (prohibited
unless the nullok option is specified) from logging in
by providing a bogus non-null passphrase.
gonzo [Thu, 8 Dec 2011 00:47:22 +0000 (00:47 +0000)]
MFC r208737 (required by OCTEON* kernels):
Add/improve mips64r2, Octeon, n32 and n64 support in the toolchain.
o) Add TARGET_ABI to the MIPS toolchain build process. This sets the default
ABI to one of o32, n32 or n64. If it is not set, o32 is assumed as that is
the current default.
o) Set the default GCC cpu type to any specified TARGET_CPUTYPE. This is
necessary to have a working "cc" if e.g. mips64 is specified, as binutils
will refuse to link objects using different ISAs in some cases.
o) Add support for n32 and n64 ABIs to binutils and GCC.
o) Add additional required libgcc2 stubs for n32 and n64.
o) Add support for the "mips64r2" architecture to GCC. Add the "octeon"
o) When static linking, wrap default libraries in --start-group and
--end-group. This is required for static linking to work on n64 with the
interdependencies between libraries there. This is what other OSes that
support n64 seem to do, as well.
o) Fix our GCC spec to define __mips64 for 64-bit targets, not __mips64__, the
former being what libgcc, etc., check and the latter seemingly being a
misspelling of a hand merge from a Linux spec.
o) When no TARGET_CPUTYPE is specified at build time, make GCC take the default
ISA from the ABI. Our old defaults were too liberal and assumed that 64-bit
ABIs should default to the MIPS64 ISA and that 32-bit ABIs should default to
the MIPS32 ISA, when we are supporting or will support some systems based on
earlier 32-bit and 64-bit ISAs, most notably MIPS-III.
o) Merge a new opcode file (and support code) from a later version of binutils
and add flags and code necessary to support Octeon-specific instructions.
This should also make merging opcodes for other modern architectures easier.
No objections from: imp, jmallet, jchandra
MFC after: 18 months
alc [Sun, 4 Dec 2011 18:55:19 +0000 (18:55 +0000)]
MFC r219157
Make a change to the implementation of the direct map to improve
performance on processors that support 1 GB pages. Specifically, if the
end of physical memory is not aligned to a 1 GB page boundary, then map
the residual physical memory with multiple 2 MB page mappings rather than
a single 1 GB page mapping. When a 1 GB page mapping is used for this
residual memory, access to the memory is slower than when multiple 2 MB
page mappings are used. (I suspect that the reason for this slowdown is
that the TLB is actually being loaded with 4 KB page mappings for the
residual memory.)
alc [Sun, 4 Dec 2011 07:28:50 +0000 (07:28 +0000)]
MFC r223732
When iterating over a paging queue, explicitly check for PG_MARKER,
instead of relying on zeroed memory being interpreted as an empty
PV list.
alc [Sun, 4 Dec 2011 07:18:54 +0000 (07:18 +0000)]
MFC r213897
Update pmap_extract() to handle 1GB page mappings. Some device drivers
use pmap_extract() rather than pmap_kextract() on direct map addresses.
Thus, pmap_extract() needs to be able to deal with 1GB page mappings if
we are to use 1GB page mappings for the direct map. (See r197580.)
alc [Sun, 4 Dec 2011 06:09:02 +0000 (06:09 +0000)]
MFC r214425,214954
[1] According to the x86 architectural specifications, no virtual-to-
physical page mapping should span two or more MTRRs of different types.
Add a pmap function, pmap_demote_DMAP(), by which the MTRR module can
ensure that the direct map region doesn't have such a mapping.
[2] Fix a couple of nearby style errors in amd64_mrset().
[3] Re-enable the use of 1GB page mappings for implementing the direct
map. (See also r197580 and r213897.)
hselasky [Sat, 3 Dec 2011 14:38:54 +0000 (14:38 +0000)]
MFC r227461:
Style change.
- Make it easier to port the USB code to other platforms by only using
one set of memory functions for clearing and copying memory. None of
the memory copies are overlapping. This means using bcopy() is not
required.
- Fix a compile warning when USB_HAVE_BUSDMA=0
- Add missing semicolon in avr32dci.
- Update some comments.
dougb [Thu, 1 Dec 2011 05:48:50 +0000 (05:48 +0000)]
MFC r227482:
The default setting, daily_accounting_compress="NO", was causing
only 1 old file to be saved, so fix this.
While I'm here, fix a very old off-by-one error causing 1 more
file than specified in daily_accounting_save to be saved because
acct.0 was not taken into account (pun intended). Change that, and
use a more thorough method of finding old files to delete. Partly
just because this is the right thing to do, but also to silently
fix the extra log that would have been left behind forever with the
previous method.
bz [Wed, 30 Nov 2011 12:47:36 +0000 (12:47 +0000)]
MFC r224638,224640,224642 (by brooks):
Add support for dynamically adjusted buffers to allow the full use of
the bandwidth of long fat pipes (i.e. 100Mbps+ trans-oceanic or
trans-continental links). Bandwidth-delay products up to 64MB are
supported.
Also add support (not compiled by default) for the None cypher. The
None cypher can only be enabled on non-interactive sessions (those
without a pty where -T was not used) and must be enabled in both
the client and server configuration files and on the client command
line. Additionally, the None cypher will only be activated after
authentication is complete. To enable the None cypher you must add
-DNONE_CIPHER_ENABLED to CFLAGS via the make command line or in
/etc/make.conf.
This code is a style(9) compliant version of these features extracted
from the patches published at:
http://www.psc.edu/networking/projects/hpn-ssh/
Enable keyword expansion for $FreeBSD$ on files.
MFC r225852 (by des):
Regenerate (ssh_namespace.h) after application of the HPN patch.
marius [Tue, 29 Nov 2011 19:49:09 +0000 (19:49 +0000)]
MFC: r227960
Increase the CDMA sync timeout for Schizo bridges to 15 seconds as used by
OpenSolaris. One second turned out to be not enough for certain loads while
10 seconds were sufficient.
Reported by: Peter Jeremy
marius [Tue, 29 Nov 2011 19:45:58 +0000 (19:45 +0000)]
MFC: r228028
- Based on a report on sparc64@ move V245 to the list of known working
machines.
- Mention that V480 with broken centerplanes have a chance of working with
the WAR in the upcoming 8.3-RELEASE and 9.0-RELEASE.
qingli [Mon, 28 Nov 2011 19:53:16 +0000 (19:53 +0000)]
MFC 227460
A default route learned from the RAs could be deleted manually
after its installation. This removal may be accidental and can
prevent the default route from being installed in the future if
the associated default router has the best preference. The cause
is the lack of status update in the default router on the state
of its route installation in the kernel FIB. This patch fixes
the described problem.
kib [Sun, 27 Nov 2011 19:36:36 +0000 (19:36 +0000)]
MFC r227485:
To limit amount of the kernel memory allocated, and to optimize the
iteration over the fdsets, kern_select() limits the length of the
fdsets copied in by the last valid file descriptor index. If any bit
is set in a mask above the limit, current implementation ignores the
filedescriptor, instead of returning EBADF.
Fix the issue by scanning the tails of fdset before entering the
select loop and returning EBADF if any bit above last valid
filedescriptor index is set. The performance impact of the additional
check is only imposed on the (somewhat) buggy applications that pass
bad file descriptors to select(2) or pselect(2).
marius [Fri, 25 Nov 2011 17:08:33 +0000 (17:08 +0000)]
MFC: r227829, r227844
- Add a DEVMETHOD_END alias for KOBJMETHOD_END so that along with 'driver_t'
and DEVMETHOD() we can fully hide the explicit mention of kobj(9) from
device drivers.
- Update the device driver examples to use DEVMETHOD_END.
kib [Fri, 25 Nov 2011 09:46:36 +0000 (09:46 +0000)]
MFC r227657:
Consistently use process spin lock for protection of the
p->p_boundary_count. Race could cause the execve(2) from the threaded
process to hung since thread boundary counter was incorrect and
single-threading never finished.
gjb [Wed, 23 Nov 2011 12:24:29 +0000 (12:24 +0000)]
MFC r227769, 227770, 227771:
- Add a note to src/Makefile that explains that 'rm' runs twice because
thesecond invocation only needs to operate on files with the immutable
flag set.
- Fix the note in r227769 to be less specific to the immutable flag.
- Replace 'chflags' with 'file flags' in a comment, since 'chflags'is a
command, not a flag itself.
marius [Sat, 19 Nov 2011 13:29:55 +0000 (13:29 +0000)]
MFC: r227539
Define curthread as an inline function that loads the thread pointer
directly from g7, the pcpu pointer. This guarantees correct behavior
when the thread migrates to a different CPU.
Commit message stolen from r205431. Additional testing by Peter Jeremy.
marius [Sat, 19 Nov 2011 13:03:14 +0000 (13:03 +0000)]
MFC: r227537
As it turns out, r186347 actually is insufficient to avoid the use of the
curthread-accessing part of mtx_{,un}lock(9) when using a r210623-style
curthread implementation on sparc64, crashing the kernel in its early
cycles as PCPU isn't set up, yet (and can't be set up as OFW is one of the
things we need for that, which leads to a chicken-and-egg problem). What
happens is that due to the fact that the idea of r210623 actually is to
allow the compiler to cache invocations of curthread, it factors out
obtaining curthread needed for both mtx_lock(9) and mtx_unlock(9) to
before the branch based on kobj_mutex_inited when compiling the kernel
without the debugging options. So change kobj_class_compile_static(9)
to just never acquire kobj_mtx, effectively restricting it to its
documented use, and add a kobj_init_static(9) for initializing objects
using a class compiled with the former and that also avoids using mutex(9)
(and malloc(9)). Also assert in both of these functions that they are
used in their intended way only.
While at it, inline kobj_register_method() and kobj_unregister_method()
as there wasn't much point for factoring them out in the first place
and so that a reader of the code has to figure out the locking for
fewer functions missing a KOBJ_ASSERT.
Tested on powerpc{,64} by andreast.
dougb [Fri, 18 Nov 2011 21:04:59 +0000 (21:04 +0000)]
MFC r213077:
Simplify how we find the kernel source.
MFC r222218:
expr -> sh arithmetic expansion
MFC r226863:
Fix svnversion for svn 1.7.x by not looking for .svn in ${SYSDIR}
(since it no longer exists). Instead, run svnversion if we can find
the binary and test that the output looks like a version string.
rmacklem [Thu, 17 Nov 2011 01:02:45 +0000 (01:02 +0000)]
MFC: r227059
Both a crash reported on freebsd-current on Oct. 18 under the
subject heading "mtx_lock() of destroyed mutex on NFS" and
PR# 156168 appear to be caused by clnt_dg_destroy() closing
down the socket prematurely. When to close down the socket
is controlled by a reference count (cs_refs), but clnt_dg_create()
checks for sb_upcall being non-NULL to decide if a new socket
is needed. I believe the crashes were caused by the following race:
clnt_dg_destroy() finds cs_refs == 0 and decides to delete socket
clnt_dg_destroy() then loses race with clnt_dg_create() for
acquisition of the SOCKBUF_LOCK()
clnt_dg_create() finds sb_upcall != NULL and increments cs_refs to 1
clnt_dg_destroy() then acquires SOCKBUF_LOCK(), sets sb_upcall to
NULL and destroys socket
This patch fixes the above race by changing clnt_dg_destroy() so
that it acquires SOCKBUF_LOCK() before testing cs_refs.
dougb [Thu, 17 Nov 2011 00:36:10 +0000 (00:36 +0000)]
Upgrade to BIND 9.6-ESV-R5-P1 to address the following DDOS bug:
Recursive name servers are failing with an assertion:
INSIST(! dns_rdataset_isassociated(sigrdataset))
At this time it is not thought that authoritative-only servers
are affected, but information about this bug is evolving rapidly.
Because it may be possible to trigger this bug even on networks
that do not allow untrusted users to access the recursive name
servers (perhaps via specially crafted e-mail messages, and/or
malicious web sites) it is recommended that ALL operators of
recursive name servers upgrade immediately.
For more information see:
https://www.isc.org/software/bind/advisories/cve-2011-tbd
which will be updated as more information becomes available.
jhb [Wed, 16 Nov 2011 18:33:17 +0000 (18:33 +0000)]
MFC 220791,220793,220846,221836,226364:
Add the posix_fallocate(2) syscall. The default implementation in
vop_stdallocate() is filesystem agnostic and will run as slow as a
read/write loop in userspace; however, it serves to correctly
implement the functionality for filesystems that do not implement a
VOP_ALLOCATE.
Allow VOP_ALLOCATE to be iterative, and have kern_posix_fallocate(9)
drive looping and potentially yielding.
jhb [Wed, 16 Nov 2011 17:48:05 +0000 (17:48 +0000)]
Partially MFC 218195, 218424, and 221829:
- Put the general logic for being a CPU hog into a new function
should_yield().
- Encapsulate the common case of check-and-yield into a new function
maybe_yield().
- Add kern_yield() as a more generic version of uio_yield() and reimplement
uio_yield() in terms of kern_yield().
To preserve the ABI of struct thread, should_yield() in 8 continues to
use PCPU_GET(switchticks) rather than the td_swvolticks added in 9. Also,
existing users of uio_yield() are left unchanged. Instead, the routines
are merely added for use by new code.
ae [Wed, 16 Nov 2011 16:42:23 +0000 (16:42 +0000)]
MFC r227272:
Add reference to gpart(8).
MFC r227292:
Improve error reporting when MBR can not be written.
Remove obsolete code which uses DIOCSMBR ioctl.
When writing MBR first check that GEOM_MBR is available, if it is not
available, then try write MBR directly to provider. If both are failed,
then recommend to use gpart(8).
ae [Wed, 16 Nov 2011 16:24:36 +0000 (16:24 +0000)]
MFC r227231:
To be in sync with GEOM_PART_BSD limit the maximum number of supported
partitions to 20.
MFC r227248:
bsdlabel(8) could automatically fill many of disklabel's deprecated
fields, but user could specify some of those fields when edits disklabel
with `bsdlabel -e`. But without -A flag these fields might be
overwritten with default values from the virgin disklabel.
So, don't overwrite such fields if they are not zero. Also add checks
to prevent creating disklabel with less than DEFPARTITIONS and more
than MAXPARTITIONS partitions.
PR: bin/162332
Tested by: Eugene Grosbein
MFC r227262:
Remove unneeded checks.
MFC r227270:
Add recommendation to use gpart(8) when user tries write disklabel
or bootcode to already opened provider.
fabient [Wed, 16 Nov 2011 15:25:12 +0000 (15:25 +0000)]
MFC r226514,r226526,r226986:
Add a flush of the current PMC log buffer before displaying the next top.
As the underlying block is 4KB if the PMC throughput is low the measurement
will be reported on the next tick. pmcstat(8) use the modified flush API to
reclaim current buffer before displaying next top.
rstone [Fri, 11 Nov 2011 02:15:44 +0000 (02:15 +0000)]
MFC 224156:
Fix a LOR between hwpmc and the kernel linker. When a system-wide
sampling mode PMC is allocated, hwpmc calls linker_hwpmc_list_objects()
while already holding an exclusive lock on pmc-sx lock. list_objects()
tries to acquire an exclusive lock on the kld_sx lock. When a KLD module
is loaded or unloaded successfully, kern_kld(un)load calls into the pmc
hook while already holding an exclusive lock on the kld_sx lock. Calling
the pmc hook requires acquiring a shared lock on the pmc-sx lock.
Fix this by only acquiring a shared lock on the kld_sx lock in
linker_hwpmc_list_objects(), and also downgrading to a shared lock on the
kld_sx lock in kern_kld(un)load before calling into the pmc hook. In
kern_kldload this required moving some modifications of the linker_file_t
to happen before calling into the pmc hook.
This fixes the deadlock by ensuring that the hwpmc -> list_objects() case
is always able to proceed. Without this patch, I was able to deadlock a
multicore system within minutes by constantly loading and unloading an KLD
module while I simultaneously started a sampling mode PMC in a loop.
rstone [Fri, 11 Nov 2011 02:13:35 +0000 (02:13 +0000)]
MFC 221081:
If the 4BSD scheduler tries to schedule a thread that has been pinned or
bound to an AP before SMP has started, the system will panic when we try
to touch per-CPU state for that AP because that state has not been
initialized yet. Fix this in the same way as ULE: place all threads in
the global run queue before SMP has started.
rstone [Fri, 11 Nov 2011 02:10:24 +0000 (02:10 +0000)]
MFC 220888
r179417 introduced a bug into pthread_once(). Previously pthread_once()
used a global pthread_mutex_t for synchronization. r179417 replaced that
with an implementation that directly used atomic instructions and thr_*
syscalls to synchronize callers to pthread_once. However, calling
pthread_mutex_lock on the global mutex implicitly ensured that
_thr_check_init() had been called but with r179417 this was no longer
guaranteed. This meant that if you were unlucky enough to have your first
call into libthr be a call to pthread_once(), you would segfault when
trying to access the pointer returned by _get_curthread().
The fix is to explicitly call _thr_check_init() from pthread_once().
rstone [Fri, 11 Nov 2011 02:02:55 +0000 (02:02 +0000)]
MFC 220227:
GNU awk does not output escaped newlines in multi-line printc statements.
This leads to compile errors when trying to compile firmware(9) stubs
created with gawk, as multiple #include statements end up on the same
line. Replace the multi-line printc statement that outputs all of the
#includes with one printc per #include. This allows modules compatible
with firmware(9) to be cross-built from a Linux machine without requiring
the one true awk to be installed.
I've intentionally done the minimal set of changes necessary to make gawk
produce valid (but not pretty) C code, to reduce the churn and keep
fw_stubs.awk as readable as possible.
rstone [Fri, 11 Nov 2011 01:37:48 +0000 (01:37 +0000)]
MFC 215507:
When doing a camcontrol rescan all or a camcontrol reset all, use the wildcard
path id for enumerating the available busses. Previously camcontrol was
implicitly passing 0 as the first path id, which meant that if bus 0 was not
present camcontrol would fail with EINVAL instead of rescanning/resetting any
busses that were present.
marius [Mon, 7 Nov 2011 13:45:18 +0000 (13:45 +0000)]
MFC: r227006, r227281, r227282
Add a PCI front-end to esp(4) allowing it to support AMD Am53C974 and
replace amd(4) with the former in the amd64, i386 and pc98 GENERIC kernel
configuration files. Besides duplicating functionality, amd(4), which
previously also supported the AMD Am53C974, unlike esp(4) is no longer
maintained and has accumulated enough bit rot over time to always cause
a panic during boot as long as at least one target is attached to it
(see PR 124667).
marius [Mon, 7 Nov 2011 13:17:40 +0000 (13:17 +0000)]
MFC: r226947, r226949, r227284
- Use device_t rather than the NetBSDish struct device.
- Move esp_devclass to ncr53c9x.c in order to allow different bus front-ends
to use it.
- Use KOBJMETHOD_END.
- Remove the gl_clear_latched_intr hook as it's not needed for any of the
chips nor the front-ends supported in FreeBSD and likely never will be.
- Correct the DMA constraints and only limit the tag used for the transfer
buffers to 32-bit DMA as that address is written into a 32-bit register.
- The ESP200 also only supports up to 64k transfers.
- Don't let the DMA and SBus front-end supply a maximum transfer size larger
than MAXPHYS as that's the maximum the upper layers use and we otherwise
just waste resources unnecessarily.
- Initialize the ECB callout and don't zero the handle when returning ECBs
to the free list so that ncr53c9x_callout() actually is called with the
driver lock held.
- On detach the driver lock should be held across cam_sim_free() according
to isp(4) and a panic received.
- Check the return value of NCRDMA_SETUP(), i.e. bus_dmamap_load(9), and try
to handle failures gracefully.
- In ncr53c9x_action() replace N calls to xpt_done() in a switch with just
one at the end.
- On XPT_PATH_INQ report "NCR" rather than "Sun" as the vendor as the former
is somewhat more correct as well as the maximum supported transfer size via
maxio in order to take advantage of controllers that that can handle more
than DFLTPHYS.
- Freeze the device queue if a request didn't complete without error and
isn't already frozen.
- Print the number of MESSAGE (EXTENDED) rejected.
- Fix the path encoded in the multiple inclusion protection of ncr53c9xvar.h.
- Correct the DMA constraints used in the LSI64854 core to not exceed the
maximum supported transfer size and include the boundary so we don't need
to check on every setup of a DMA transfer.
- Let the bus DMA map callbacks do nothing in case of an error.
- Correctly handle > 64k transfers for FAS366 in the LSI64854. A new feature
flag NCR_F_LARGEXFER was introduced so we just need to check for this one
and not for individual controllers supporting large transfers in several
places.
- Let the LSI64854 core load transfer buffers using BUS_DMA_NOWAIT as the
NCR53C9x core can't handle EINPROGRESS. Due to lack of bounce buffers
support, sparc64 doesn't actually use EINPROGRESS and likely never will,
as an example for writing additional front-ends for the NCR53C9x core it
makes sense to set BUS_DMA_NOWAIT anyway though.
- Some minor cleanup.
marius [Mon, 7 Nov 2011 11:31:14 +0000 (11:31 +0000)]
Automatically compile in mii_bitbang.c if one of the drivers depending on
it since r227278 is compiled into the kernel. This restores POLA for people
that don't use "options miibus" but "options mii" and individual PHY drivers
instead.
This is a direct commit to stable/8.