SSL_set_tlsext_host_name(3) internally does not modify the host buffer
pased to it. So it is safe to DECONST the struct url* here.
Reported by: gjb
Approved by: bapt (implicit)
MFC after: 1 week
X-MFC-With: r258347
SNI is Server Name Indentification which is a protocol for TLS that
indicates the host that is being connected to at the start of the
handshake. It allows to use Virtual Hosts on HTTPS.
Submitted by: sbz
Submitted by: Michael Gmelin <freebsd@grem.de> [1]
PR: kern/183583 [1]
Reviewed by: des
Approved by: bapt
MFC after: 1 week
On machines with seveal CPUs and enough RAM this can easily twice improve
ZFS performance or twice reduce CPU usage. It was disabled three years
ago due to memory and KVA exhaustion reports, but our VM subsystem got
improved a lot since that time, hopefully enough to make another try.
This is a last resort for very low memory condition in case other measures
to free memory were ineffective. Sequentially cycle through all CPUs and
extract per-CPU cache buckets into zone cache from where they can be freed.
Lock congestion is the same, whether it happens on alloc or free, so
handle it equally. Now that we have back pressure, there is no problem
to grow buckets a bit faster. Any way growth is much slower then in 9.x.
These new buckets make bucket size self-tuning more soft and precise.
Without them there are buckets for 1, 5, 13, 29, ... items. While at
bigger sizes difference about 2x is fine, at smallest ones it is 5x and
2.6x respectively. New buckets make that line look like 1, 3, 5, 9, 13,
29, reducing jumps between steps, making algorithm work softer, allocating
and freeing memory in better fitting chunks. Otherwise there is quite a
big gap between allocating 128K and 5x128K of RAM at once.
Every time system detects low memory condition decrease bucket sizes for
each zone by one item. As result, higher memory pressure will push to
smaller bucket sizes and so smaller per-CPU caches and so more efficient
memory use.
Before this change there was no force to oppose buckets growth as result
of practically inevitable zone lock conflicts, and after some run time
per-CPU caches could consume enough RAM to kill the system.
adapters. Both devices support Gigabit Ethernet and USB 2.0, and the AX88179
supports USB 3.0. The driver was written by kevlo@ and lwhsu@, with a few
bug fixes from me.
MFC after: 2 months
- Add ' to the list of directly encoded characters and * to the list of
optionally directly encoded characters as per RFC 2152.
- In _citrus_UTF7_mbtoutf16 on end of input when the next output character
has only been partially decoded, save a copy of the buffer of input
characters (not just its length). On the next call with more input
characters this buffer is reprocessed together with the new input to
form a fully decoded output character.
- At the end of a base64 encoded sequence fully discard '-' (BASE64_OUT)
by decrementing psenc->chlen and i. This is needed to make room in
psenc->ch (input buffer) in case the next input character starts a new
base64 encoded sequence. And also, if this is the end of input and no
output character can be returned, this brings the encoder in the initial
state as indicated by _citrus_UTF7_stdenc_get_state_desc_generic which
is used by the caller to distinguish between no output and partial
output.
- In _citrus_UTF7_mbrtowc_priv pass the s parameter (input pointer)
directly to _citrus_UTF7_mbtoutf16 instead of a copy (s0). This way s
is updated correctly in case of errors.
- In _citrus_UTF7_mbrtowc_priv when called with psenc->surrogate set
(previous call did not have enough input), retrieve the previously
decoded UTF-16 character from (psenc->cache >> psenc->bits) instead of
(psenc->cache >> 2).
MFC after: 5 days
Fix several problems that can cause panics on kldload and kldunload.
* kproc_create(fasttrap_pid_cleanup_cb, ...) gets called before
fasttrap_provs.fth_table gets allocated. This can lead to a panic
on module load, because fasttrap_pid_cleanup_cb references
fasttrap_provs.fth_table. Move kproc_create down after the point
that fasttrap_provs.fth_table gets allocated, and modify the error
handling accordingly.
* dtrace_fasttrap_{fork,exec,exit} weren't getting NULLed until
after fasttrap_provs.fth_table got freed. That caused panics on
module unload because fasttrap_exec_exit calls
fasttrap_provider_retire, which references
fasttrap_provs.fth_table. NULL those function pointers earlier.
* There wasn't any code to destroy the
fasttrap_{tpoints,provs,procs}.fth_table mutexes on module unload,
leading to a resource leak when WITNESS is enabled. Destroy those
mutexes during fasttrap_unload().
Reviewed by: markj
Approved by: ken (mentor)
Sponsored by: Spectra Logic
MFC after: 4 weeks
with the additional step of fetching packages for inclusion on the
dvd image.
The 'pkg-stage' target is used to run 'scripts/pkg-stage.sh' if
the '${TARGET}/pkg-stage.conf' configuration file exists (currently
only amd64 and i386).
Allow dvd1.iso to be skipped if NODVD=1.
MFC after: 3 days
X-MFC-With: r258305, r258307, r258308, r258309
Sponsored by: The FreeBSD Foundation
the chroot directory, since hostname resolution may be
needed in the case of building a dvd image (with packages)
and also setting 'NOPORTS=1'.
MFC after: 3 days
X-MFC-With: r258305, r258307
Sponsored by: The FreeBSD Foundation
from pkg.FreeBSD.org for inclusion on release medium (dvd1.iso).
The script sources ${.CURDIR}/${TARGET}/pkg-stage.conf, which sets
several environment variables, such as the pkg(8) ABI, PACKAGESITE,
PKG_DBDIR, and PKG_CACHEDIR. PKG_CACHEDIR is set to the directory
on the release medium used by bsdconfig(8) (/packages/${ABI}). ABI
is determined by output of 'make -C /usr/src/release -V REVISION'.
See pkg.conf(5) for descripton on other variables set here.
The list of packages to include are set within the configuration
file.
The script and configuration files are intended to be run by the
'make dvd' target within the release directory, and assume the
release is built within a chroot environment (such as by using
release.sh).
Relevant updates to release/Makefile will follow.
Sponsored by: The FreeBSD Foundation
This change adds some sample test cases to share/examples/tests/
demonstrating the basic usage of the atf and plain interfaces.
These test programs are fully-functional and are installed as part
of the test suite, which guarantees that the sample code remains
correct. However, they currently mostly serve as a placeholder for
additional examples and may be incomplete (depending on how you
look at them). I will see what else can be useful while working on
documentation.
As a bonus, the addition of these tests exercise the *.test.mk files,
one of which (plain.test.mk) was not yet in use, and also demonstrates
that it's possible to mix different kinds of test programs into the
same test suite.
Approved by: rpaulo (mentor)
SRCS.<prog> must be explicitly defined when using the PROGS* functionality
for each program to be built.
As there are no plain test programs in the system yet, this was not
detected.
Approved by: rpaulo (mentor)
C++ programs need to be added to PROGS_CXX, not PROGS, and the code was
actually doing both. Just keep the registration into PROGS_CXX to
prevent possible obscure build problems.
Approved by: rpaulo (mentor)
It was not being correctly copied into the kernel on FreeBSD, and as a
result, probes with multiple probe sites were not being created properly.
To fix this, change the ioctl definition so that the fasttrap ioctl handler
is responsible for copying in userland data.
Submitted by: Prashanth Kumar <pra_udupi@yahoo.co.in>
MFC after: 1 month
This is because the atf vendor branch now includes a verbatim copy of
the distfile sources. As a result, the list of files to-be-removed from
the contrib/ directory is now more aggressive (and different) and the
upgrade notes now only describe stuff that is specific to the atf import
and is not documented in the Subversion Primer.
Approved by: rpaulo (mentor)
When building various programs from a single Makefile, program-specific
variables are of the form <VAR>.<PROG>, not <VAR>_<PROG>. Fix this
obvious typo to fix the build when WITH_TESTS=yes.
I am not sure how this ever worked before given that manual inspection
of bsd.progs.mk clearly shows that the expected character between the
two components is a dot and not an underscore... but I suspect the
changes in r258095 exposed this oddity.
Approved by: rpaulo (mentor)
FreeBSD systems usually implemented this as a third party module and
our implementation hasn't played as nicely with the old way as it could
have.
To that end:
* Rename the iconv* symbols in libc.so.7 to have a __bsd_ prefix.
* Provide .symver compatability with existing 10.x+ binaries that
referenced the iconv symbols. All existing binaries should work.
* Like on Linux/glibc systems, add a libc_nonshared.a to the ldscript
at /usr/lib/libc.so.
* Move the "iconv*" wrapper symbols to libc_nonshared.a
This should solve the runtime ambiguity about which symbols resolve
to where. If you compile against the iconv in libc, your runtime
dependencies will be unambiguous.
Old 9.x libraries and binaries will always resolve against their
libiconv.so.3 like they did on 9.x. They won't resolve against libc.
Old 10.x binaries will be satisified by the .symver helpers.
This should allow ports to selectively compile against the libiconv
port if needed and it should behave without ambiguity now.
Discussed with: kib
Per POSIX, si_status should contain the value passed to exit() for
si_code==CLD_EXITED and the signal number for other si_code. This was
incorrect for CLD_EXITED and CLD_DUMPED.
This is still not fully POSIX-compliant (Austin group issue #594 says that
the full value passed to exit() shall be returned via si_status, not just
the low 8 bits) but is sufficient for a si_status-related test in libnih
(upstart, Debian/kFreeBSD).
PR: kern/184002
Reported by: Dmitrijs Ledkovs
Tested by: Dmitrijs Ledkovs
On some machines (G5 with lots of RAM), entering OF sometimes causes the
machine to hang. Once the machine is booted, currently the only entry point
into OF is through resetting the framebuffer on mode switch on these machines.
Disabling this allows the machine to stay up at the expense of less usable
consoles after X is started.
MFC after: Never, this is only a hack
some comment I wrote about these values "lying" in the negative diff, which
referes to an earlier misunderstanding about which node to read them from.
This gets at least the PPC64 kernel booting in the mac99 system model in
QEMU after bypassing the MacIO ATA driver, which apparently still has
problems.
conditionally include (but ignore failures) /boot/loader.rc.local and
/boot/menu.rc.local -- to make customizing the menu easier.
Reviewed by: alfred
Discussed on: -hackers
