The most important change in this release is the removal of the
poll_fd() system call; CloudABI's equivalent of kevent(). Though I think
that kqueue is a lot saner than many of its alternatives, our
experience is that emulating this system call on other systems
accurately isn't easy. It has become a complex API, even though I'm not
convinced this complexity is needed. This is why we've decided to take a
different approach, by looking one layer up.
We're currently adding an event loop to CloudABI's C library that is API
compatible with libuv (except when incompatible with Capsicum).
Initially, this event loop will be built on top of plain inefficient
poll() calls. Only after this is finished, we'll work our way backwards
and design a new set of system calls to optimize it.
Interesting challenges will include integrating asynchronous I/O into
such a system call API. libuv currently doesn't aio(4) on Linux/BSD, due
to it being unreliable and having undesired semantics.
Obtained from: https://github.com/NuxiNL/cloudabi
Instead, use a runtime decision to handle COP1 traps. If floating point
support is present in the current CPU, enable saving of the floating point
state. If support is not present, fail with SIGILL.
Reviewed by: imp, br
Sponsored by: DARPA / AFRL
Differential Revision: https://reviews.freebsd.org/D12707
All of the kernel dump implementations keep track of the current offset
("dumplo") within the dump device. However, except for textdumps, they
all write the dump sequentially, so we can reduce code duplication by
having the MI code keep track of the current offset. The new
dump_append() API can be used to write at the current offset.
This is needed to implement support for kernel dump compression in the
MI kernel dump code.
Also simplify dump_encrypted_write() somewhat: use dump_write() instead
of duplicating its bounds checks, and get rid of the redundant offset
tracking.
Reviewed by: cem
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D11722
Now that OBJS has grown an OBJS_SRCS_FILTER variable, use this variable
in the computation of BCOBJS and LLOBJS too. Also move BCOBJS and LLOBJS
computation to be next to the OBJS computation: this should both make
the parallel structure clearer and serve to remind people changing OBJS
that parallel changes are required in BCOBJS and LLOBJS.
A side effect of this change is that BCOBJS and LLOBJS will be available
even when LLVM_LINK has not been defined, but that seems like a positive
change: there's no reason we can't ask "what bitcode files would you
generate" just because we can't link those files together into a
complete bitcode representation of a binary or library.
Reviewed by: sjg
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D12701
The build rule describing how to create ${PROG_FULL}.{bc,ll} is only
dependent on LLVM_LINK being defined, not on MK_DEBUG_FILES being "yes".
Move the addition of ${PROG_FULL}.{bc,ll} out of the conditional block
under `.if ${MK_DEBUG_FILES} != "no"` and up next to where the build
rules for ${PROG_FULL}.{bc,ll} are defined.
Reviewed by: emaste
MFC after: 1 week
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D12703
mbpool existed to support NICs with memory interfaces and all remaining
comsumers were removed earlier this year with NATM.
Reviewed by: jhb
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D10513
Back out the unification commit to boot1. There's some issues on the
arm and arm64 platforms that need to be addressed with code
changes. There's also a discussion on arch@ about the future of
boot1.efi vs just using loader.efi that needs to play out. So take a
pause on these changes until the arm issues can be fixed and it's
clear boot1.efi will survive into FreeBSD 12.
OK'd by: Eric@meatspace
Ensure that we are called with two arguments, and that the output file
is writable. Also, if we cannot find the mfs section report the output
file name rather than "kernel", as this script may be used with other
than kernels.
Sponsored by: The FreeBSD Foundation
r324539 gathered some vnet decls into netinet/tcp_var.h, so that they
are now redundant in dev/cxgbe/tom/{t4_cpl_io.c,t4_ddp.c}. This triggers
gcc -Wredundant-decls.
Reviewed by: np
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D12674
MNT_VNODE_FOREACH_ALL() is supposed to avoid returning doomed vnodes,
but the VI_DOOMED check it used was done without the vnode interlock
held, so it could race with a concurrent vgone().
Submitted by: Don Morris <don.morris@isilon.com>
Reviewed by: kib, mckusick
MFC after: 1 week
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D12704
We don't normally provide special handling for optionally-included src
files, but md.o depends on both md.c and the value of ${MD_IMAGE_SIZE}.
Previously if one built with MD_IMAGE_SIZE, executed "make clean", and
then built with a different MD_IMAGE_SIZE md.o would not be rebuilt.
Reported by: Zakary Nafziger
Sponsored by: The FreeBSD Foundation
hostapd: Avoid key reinstallation in FT handshake
Prevent reinstallation of an already in-use group key
Extend protection of GTK/IGTK reinstallation of WNM-Sleep Mode cases
Fix TK configuration to the driver in EAPOL-Key 3/4 retry case
Prevent installation of an all-zero TK
Fix PTK rekeying to generate a new ANonce
TDLS: Reject TPK-TK reconfiguration
WNM: Ignore Key Data in WNM Sleep Mode Response frame if no PMF in use
WNM: Ignore WNM-Sleep Mode Response if WNM-Sleep Mode has not been used
WNM: Ignore WNM-Sleep Mode Response without pending request
FT: Do not allow multiple Reassociation Response frames
TDLS: Ignore incoming TDLS Setup Response retries
Submitted by: jhb
Obtained from: https://w1.fi/security/2017-01/ (against later version)
Security: FreeBSD-SA-17:07
Security: CERT VU#228519
Security: CVE-2017-13077
Security: CVE-2017-13078
Security: CVE-2017-13079
Security: CVE-2017-13080
Security: CVE-2017-13081
Security: CVE-2017-13082
Security: CVE-2017-13086
Security: CVE-2017-13087
Security: CVE-2017-13088
Differential Revision: https://reviews.freebsd.org/D12693
We previously taught the build system how to create files like libfoo.bc,
but neglected to teach it about cleaning such files up. Rectify this now.
MFC after: 1 week
Sponsored by: DARPA, AFRL
CAM_REQ_ABORTED sounds natural for aborting outstanding requests when
tearing down a session, but that status actually causes eligible
requests to be tried again. That's completely useless, so let's use
CAM_DEV_NOT_THERE instead. Perhaps there is a better status, but this
should be good enough. The change should affect only the session
termination.
Tested by: Ben RUBSON <ben.rubson@gmail.com>
Reviewed by: mav, trasz
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D12653
It should be sufficient to hold the lock just for removing the session
from the session list. Everything else should be covered by the session
specific lock.
On top of that, at present we can get a deadlock caused by waiting on
the CAM SIM reference count while holding the global lock. A specific
scenario involving ZFS is this:
- concurrent termination of two sessions, S1 and S2
- session S1 completed all I/Os and sleeps in CAM waiting for device
close by ZFS;
- session S2 is also dead now, but can not forcefully complete
outstanding requests by calling iscsi_session_cleanup() from
iscsi_maintenance_thread_terminate(), since it can't get the same
global sc_lock;
- as soon as there are unfinished requests, ZFS can not do
spa_config_enter() as writer, and so can not close the device for
session S1;
- deadlock.
Reported by: Ben RUBSON <ben.rubson@gmail.com>
Tested by: Ben RUBSON <ben.rubson@gmail.com>
Reviewed by: mav, trasz
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D12652
In FreeBSD 11 and later debug.iosize_max_clamp defaults to 0, and the
maximum nbytes count for write(2) is SSIZE_MAX. Update the man page to
document this, and mention the sysctl that can be set to obtain the
previous behaviour.
PR: 196666
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
This is a NFC patch to move around the Search:memory implementation so
that it doesn't exceed the standard column width and doesn't take so
much vertical space in gdb_trap.
Submitted by: Daniel O'Connor <darius@dons.net.au>
Reviewed by: cem, jhb
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D12684
When the NFSv4.1 pNFS client is using a Flexible File Layout specifying
mirrored Data Servers, it must do the writes and commits to all mirrors.
This patch modifies the client to use a taskqueue to perform these writes
and commits concurrently.
The number of threads can't be changed for taskqueue(9), so it is set
to 4 * mp_ncpus by default, but this can be overridden by setting the
sysctl vfs.nfs.pnfsiothreads.
Differential Revision: https://reviews.freebsd.org/D12632
- Fix it by replacing m_cat() with m_prev->m_next = m_new
(m_cat() will try to append data - as a result, there will be no
fragmentation).
- Move some constants out of the loop.
Was previously tested with D4077.
Differential Revision: https://reviews.freebsd.org/D4090
Allocate smallest unit number from pool via ifc_alloc_unit_next()
and exact unit number (if available) via ifc_alloc_unit_specific().
While here, address possible deadlock (mentioned in PR).
PR: 217401
MFC after: 5 days
Differential Revision: https://reviews.freebsd.org/D12551
The stop drops process lock, which allows the signal mask to be
changed and our selected signal might become blocked, i.e. should be
returned to the process queue instead of delivery.
Also, for the existing check of the process no longer having an
attached debugger, we should not loose the signal, but requeue it.
Reported and tested by: bdrewery
Reviewed by: jhb
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Split two conditions into separate asserts. Print additional details,
like the signal number and action value.
Reviewed by: jhb
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
geom_gettree(3) and geom_deletetree(3) functions provided by libgeom and are
not documented in libgeom(3).
Reviewed by: mav, bjk, allanjude
Approved by: allanjude
Differential Revision: https://reviews.freebsd.org/D12679
In r324542 I neglected to reset the first and last fields of struct
unrhdr. This causes a tmpfs to fail the unr(9) consistency checks with
DIAGNOSTIC on. Fix this by resetting the fields by calling init_unrhdr.
While here, change a loop to use TAILQ_FOREACH_SAFE since it is more
readable and equally fast.
Reported by: David Wolfskill <david@catwhisker.org>
Approved by: rstone (mentor)
Sponsored by: Dell EMC Isilon
For processing, reclaim_pv_chunk() removes the pv_chunk from the lru
list, which makes pc_lru linkage invalid. Then the pmap lock is
released, which allows for other thread to free the last pv entry
allocated from the chunk and call free_pv_chunk(), which tries to
modify the invalid linkage.
Similarly, the chunk is inserted into the private tailq new_tail
temporary. Again, free_pv_chunk() might be run and corrupt the
linkage for the new_tail after the pmap lock is dropped.
This is a consequence of r299788 elimination of pvh_global_lock, which
allowed for reclaim to run in parallel with other pmap calls which
free pv chunks.
As a fix, do not remove the chunk from pc_lru queue, use a marker to
remember the position in the queue iteration. We can safely operate
on the chunks after the chunk's pmap is locked, we fetched the chunk
after the marker, and we checked that chunk pmap is same as we have
locked, because chunk removal from pc_lru requires both pv_chunk_mutex
and the pmap mutex owned.
Note that the fix lost an optimization which was present in the
previous algorithm. Namely, new_tail requeueing rotated the pv chunks
list so that reclaim didn't scan the same pv chunks that couldn't be
freed (because they contained a wired and/or superpage mapping) on
every invocation. An additional change is planned which would improve
this.
Reported and tested by: pho
Reviewed by: alc
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Pass/block packets in the forwarding path with pf.
Introduce the pft_set_rules() helper function, because we need to
remember to flush states between individual tests. If not we can get
packets passing despite rules blocking them because they match states
created in a previous test.
Extend pft_ping.py to be able to send IPv6 echo requests.
