In the current implementation, the isp_kthread() threads never exit.
The target threads do have an exit mode from isp_attach(), but it is
not invoked from isp_detach().
Ensure isp_detach() notifies threads started for each channel, such
that they exit before their parent device softc detaches, and thus
before the module does. Otherwise, a page fault panic occurs later in:
sysctl_kern_proc
sysctl_out_proc
kern_proc_out
fill_kinfo_proc
fill_kinfo_thread
strlcpy(kp->ki_wmesg, td->td_wmesg, sizeof(kp->ki_wmesg));
For isp_kthread() (and isp(4) target threads), td->td_wmesg references
now-unmapped memory after the module has been unloaded. These threads
are typically msleep()ing at the time of unload, but they could also
attempt to execute now-unmapped code segments.
MFC after: 1 month
Sponsored by: Spectra Logic
MFSpectraBSD: r1070921 on 2014/06/22 13:01:17
This enables a common root directory for all object files for a given tree,
which eases sharing a common MAKEOBJDIRPREFIX, and cleaning up of object trees.
In particular, one can simply (from the source directory) rm -rf /usr/obj$(pwd)
to destroy all object files for it. Or to copy/sync files, etc.
Reviewed by: bdrewery
CR: https://reviews.freebsd.org/D796
MFC after: 1 month
Sponsored by: Spectra Logic
MAP_PRIVATE flags to MAP_SHARED. Apparently, some code in tree, in
particular, libgeom, relied on this behaviour, see r271721. For
regular file types, the absence of the flags is interpreted as
MAP_PRIVATE, and libc nlist used this (fixed in r271723).
Allow the implicit flags for legacy binaries. Bump __FreeBSD_version
to get the ABI note on new binaries to check for in mmap code.
Remove the test for presence of one of the MAP_ANON, MAP_SHARED or
MAP_PRIVATE flags before fget_mmap(). For MAP_ANON, we already verify
that passed fd == -1. For fd != -1, test after fget_mmap() (for newer
binaries) covers the case.
Reported by: bdrewery, pho
Reviewed by: jhb
Sponsored by: The FreeBSD Foundation
than u_char.
Migrate post_filter to use an int for a CPU rather than u_char.
Change intr_event_bind() to use an int for CPU rather than u_char.
It touches the ppc, sparc64, arm and mips machdep code but it should
(hah!) be a no-op.
Tested:
* i386, AMD64 laptops
Reviewed by: jhb
This feature is required by Mesa 9.2+. Without this, a GL application
crashes with the following message:
# glxinfo
name of display: :0.0
Gen6+ requires Kernel 3.6 or later.
Assertion failed: (ctx->Version > 0), function handle_first_current,
file ../../src/mesa/main/context.c, line 1498.
Abort (core dumped)
Now, Mesa 10.2.4 and 10.3-rc3 works fine:
# glxinfo
name of display: :0
display: :0 screen: 0
direct rendering: Yes
...
OpenGL renderer string: Mesa DRI Intel(R) 965GM
OpenGL version string: 2.1 Mesa 10.2.4
...
The code was imported from Linux 3.8.13.
Reviewed by: kib@
Tested by: kwm@, danfe@, Henry Hu,
Lundberg, Johannes <johannes@brilliantservice.co.jp>,
Johannes Dieterich <dieterich.joh@gmail.com>,
Lutz Bichler <lutz.bichler@gmail.com>,
MFC after: 3 days
Relnotes: yes
in r263741. At least with CTL (slightly modified to report SPC2) there
is still some problem: it doesn't seem to find LUNs higher than 7.
Sponsored by: The FreeBSD Foundation
It seems that if a pragma is used to define a weak alias for a local
function, the pragma must appear after the function is defined.
PR: 193056
MFC after: 1 week
Sponsored by: EMC / Isilon Storage Division
seems that they would only pass by chance on illumos; on FreeBSD, they still
fail since userland CTF is not yet supported.
MFC after: 1 week
Sponsored by: EMC / Isilon Storage Division
Summary:
Fix the stack tracing for dtrace/powerpc by using the trapexit/asttrapexit
return address sentinels instead of checking within the kernel address space.
As part of this, I had to add new inline functions. FBT traces the kernel, so
we have to have special case handling for this, since a trap will create a full
new trap frame, and there's no way to pass around the 'real' stack. I handle
this by special-casing 'aframes == 0' with the trap frame. If aframes counts
out to the trap frame, then assume we're looking for the full kernel trap frame,
so switch to the real stack pointer.
Test Plan: Tested on powerpc64
Reviewers: rpaulo, markj, nwhitehorn
Reviewed By: markj, nwhitehorn
Differential Revision: https://reviews.freebsd.org/D788
MFC after: 3 week
Relnotes: Yes
This is cleaner and eliminates the unneeded startup of KVP daemon on
systems that do not run as a Hyper-V guest.
Submitted by: hrs
X-MFC-with: 271493, 271688, 271699
run when asked for by the user. Right now, hv_kvpd is run on every boot.
Don't do that.
Add hv_kvpd_enable= for this script to be run.
MFC with 271493
MFC after: 2 weeks
Relnotes: yes
commit 8bd88585ed8e3f7def0d780a1bc30d96fe642b9c
Rework atse_rx_cycles handling: count packets instead of fills, and use the
limit only when polling, not when in interrupt mode. Otherwise, we may
stop reading the FIFO midpacket and clear the event mask even though the
FIFO still has data to read, which could stall receive when a large packet
arrives. Add a comment about races in the Altera FIFO interface: we may
need to do a little more work to handle races than we are.
commit 20b39086cc612f8874dc9e6ef4c0c2eb777ba92a
Use 'sizeof(data)' rather than '4' when checking an mbuf bound, as is the
case for adjusting length/etc.
commit e18953174a265f40e9ba60d76af7d288927f5382
Break out atse_intr() into two separate routines, one for each of the two
interrupt sources: receive and transmit.
commit 6deedb43246ab3f9f597918361831fbab7fac4ce
For the RX interrupt, take interest only in ALMOSTEMPTY and OVERFLOW.
For the TX interrupt, take interest only in ALMOSTFULL and UNDERFLOW.
Perform TX atse_start_locked() once rather than twice in TX interrupt
handling -- and only if !FULL, rather than unconditionally.
commit 12601972ba08d4380201a74f5b967bdaeb23092c
Experimentation suggests that the Altera Triple-Speed Ethernet documentation
is incorrect and bits in the event and interrupt-enable registers are not
irrationally rearranged relative to the status register.
commit 3cff2ffad769289fce3a728152e7be09405385d8
Substantially rework interrupt handling in the atse(4) driver:
- Introduce a new macro ATSE_TX_PENDING() which checks whether there is
any pending data to transmit, either in an in-progress packet or in
the TX queue.
- Introduce new ATSE_RX_STATUS_READ() and ATSE_TX_STAUTS_WRITE() macros
that query the FIFO status registers rather than event registers,
offering level- rather than edge-triggered FIFO conditions.
- For RX, interrupt only on full/overflow/underflow; for TX, interrupt
only on empty/overflow/underflow.
- Add new ATSE_RX_INTR_READ() and ATSE_RX_INTR_WRITE() macros useful for
debugging interrupt behaviour.
- Add a debug.atse_intr_debug_enable sysctl that causes various pieces
of FIFO state to be printed out on each RX or TX interrupt. This is
disabled by default but good to turn on if the interface appears to
wedge. Also print debugging information when polling.
- In the watchdog handler, do receive, not just transmit, processing, to
ensure that the rx, not just tx, queue is being handled -- and, in
particular, will be drained such that interrupts can resume.
- Rework both atse_rx_intr() and atse_tx_intr() to eliminate many race
conditions, and add comments on why various things are in various
orders. Interactions between modifications to the event and interrupt
masks are quite subtle indeed, and we must actively check for a number
of races (e.g., event mask cleared; packet arrives; interrupts enabled).
We also now use the status registers rather than event registers for
FIFO status checks to avoid other races; we continue to use event
registers for underflow/overflow.
With this change, interrupt-driven operation of atse appears (for the
time being) robust.
commit 3393bbff5c68a4e61699f9b4a62af5d2a5f918f8
atse: Fix build after 3cff2ffa
Obtained from: cheribsd
Submitted by: rwatson, emaste
Sponsored by: DARPA/AFRL
MFC after: 3 days
fibs. Use the mbuf's or the socket's fib instead of RT_ALL_FIBS. Fixes PR
187553. Also fixes netperf's UDP_STREAM test on a nondefault fib.
sys/netinet/ip_output.c
In ip_output, lookup the source address using the mbuf's fib instead
of RT_ALL_FIBS.
sys/netinet/in_pcb.c
in in_pcbladdr, lookup the source address using the socket's fib,
because we don't seem to have the mbuf fib. They should be the same,
though.
tests/sys/net/fibs_test.sh
Clear the expected failure on udp_dontroute.
PR: 187553
CR: https://reviews.freebsd.org/D772
MFC after: 3 weeks
Sponsored by: Spectra Logic
This fixes a bug which resulted in a warning on the userland
stack, when compiled on Windows.
Thanks to Peter Kasting from Google for reporting the issue and
provinding a potential fix.
MFC after: 3 days
towards blind SYN/RST spoofed attack.
Originally our stack used in-window checks for incoming SYN/RST
as proposed by RFC793. Later, circa 2003 the RST attack was
mitigated using the technique described in P. Watson
"Slipping in the window" paper [1].
After that, the checks were only relaxed for the sake of
compatibility with some buggy TCP stacks. First, r192912
introduced the vulnerability, just fixed by aforementioned SA.
Second, r167310 had slightly relaxed the default RST checks,
instead of utilizing net.inet.tcp.insecure_rst sysctl.
In 2010 a new technique for mitigation of these attacks was
proposed in RFC5961 [2]. The idea is to send a "challenge ACK"
packet to the peer, to verify that packet arrived isn't spoofed.
If peer receives challenge ACK it should regenerate its RST or
SYN with correct sequence number. This should not only protect
against attacks, but also improve communication with broken
stacks, so authors of reverted r167310 and r192912 won't be
disappointed.
[1] http://bandwidthco.com/whitepapers/netforensics/tcpip/TCP Reset Attacks.pdf
[2] http://www.rfc-editor.org/rfc/rfc5961.txt
Changes made:
o Revert r167310.
o Implement "challenge ACK" protection as specificed in RFC5961
against RST attack. On by default.
- Carefully preserve r138098, which handles empty window edge
case, not described by the RFC.
- Update net.inet.tcp.insecure_rst description.
o Implement "challenge ACK" protection as specificed in RFC5961
against SYN attack. On by default.
- Provide net.inet.tcp.insecure_syn sysctl, to turn off
RFC5961 protection.
The changes were tested at Netflix. The tested box didn't show
any anomalies compared to control box, except slightly increased
number of TCP connection in LAST_ACK state.
Reviewed by: rrs
Sponsored by: Netflix
Sponsored by: Nginx, Inc.
in order to improve user-friendliness when a system has multiple disks
encrypted using the same passphrase.
When examining a new GELI provider, the most recently used passphrase
will be attempted before prompting for a passphrase; and whenever a
passphrase is entered, it is cached for later reference. When the root
disk is mounted, the cached passphrase is zeroed (triggered by the
"mountroot" event), in order to minimize the possibility of leakage
of passphrases. (After root is mounted, the "taste and prompt for
passphrases on the console" code path is disabled, so there is no
potential for a passphrase to be stored after the zeroing takes place.)
This behaviour can be disabled by setting kern.geom.eli.boot_passcache=0.
Reviewed by: pjd, dteske, allanjude
MFC after: 7 days