Commit Graph

226878 Commits

Author SHA1 Message Date
Kristof Provost
96b90524d1 pf tests: Remove temporary files
Remove the created_jails.lst and created_interfaces.lst files in the
cleanup code.
2017-10-26 20:55:33 +00:00
Kristof Provost
57d465298a pf tests: Fragmentation (v6) test
Test fragmentation handling (i.e. scrub fragment reassemble) code for
IPv6.

Two simple tests: Ping a host (jail) and test forwarding of fragmented
packets.
2017-10-26 20:54:52 +00:00
Kristof Provost
da86443874 pf tests: destroy jails before destroying interfaces
When cleaning up we must destroy the jails before we destroy the interfaces.
Otherwise we might try to destroy interfaces that belong to a jail, which won't
work and fail to completely clean up.
2017-10-26 20:53:56 +00:00
Mariusz Zaborski
23c5a51e92 Introduce cnvlist_name() and cnvlist_type() functions.
Those function can be used when we are iterating over nvlist to reduce
amount of extra variables we need to declare.

MFC after:	1 month
2017-10-26 20:44:42 +00:00
Alan Somers
df485bdb3c Fix aio_suspend in 32-bit emulation
An off-by-one error has been present since the system call was first present
in 185878.  It additionally became a memory corruption bug after change
324941.  The failure is actually revealed by our existing AIO tests.
However, apparently nobody's been running those in 32-bit emulation mode.

Reported by:	Coverity, cem
CID:		1382114
MFC after:	18 days
X-MFC-With:	324941
Sponsored by:	Spectra Logic Corp
2017-10-26 19:45:15 +00:00
Jilles Tjoelker
9a8ce256ed libnv: Fix strict-aliasing violation with cookie
In rS323851, some casts were adjusted in calls to nvlist_next() and
nvlist_get_pararr() in order to make scan-build happy. I think these changes
just confused scan-build into not reporting the strict-aliasing violation.

For example, nvlist_xdescriptors() is causing nvlist_next() to write to its
local variable nvp of type nvpair_t * using the lvalue *cookiep of type
void *, which is not allowed. Given the APIs of nvlist_next(),
nvlist_get_parent() and nvlist_get_pararr(), one possible fix is to create a
local void *cookie in nvlist_xdescriptors() and other places, and to convert
the value to nvpair_t * when necessary. This patch implements that fix.

Reviewed by:	oshogbo
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D12760
2017-10-26 18:32:04 +00:00
Alan Somers
33d9904abc Partially revert r325011: restore Guid's default constructor
Reported by:	ohartmann
MFC after:	3 weeks
X-MFC-With:	325011
Sponsored by:	Spectra Logic Corp
2017-10-26 17:56:34 +00:00
Warner Losh
bf8d9a5b94 Add a 'place holder' arm struct efi_fb until a real one comes
along. This allows the arm efi boot loader to compile again.

Sponsored by: Netflix
2017-10-26 16:36:27 +00:00
Warner Losh
b102a7e856 Remove now-empty directories 2017-10-26 16:02:38 +00:00
Alan Somers
12a88a3d63 zfsd should be able to online an L2ARC that disappears and returns
Previously, this didn't work because L2ARC devices' labels don't contain
pool GUIDs.  Modify zfsd so that the pool GUID won't be required:

lib/libdevdctl/guid.h
	Change INVALID_GUID from a uint64_t constant to a function that
	returns an invalid Guid object.  Remove the void constructor.
	Nothing uses it, and it violates RAII.

cddl/usr.sbin/zfsd/case_file.h
cddl/usr.sbin/zfsd/case_file.cc
	Allow CaseFile::Find to match a CaseFile based on Vdev GUID alone.
	In CaseFile::ReEvaluate, attempt to online devices even if the newly
	arrived device has no pool GUID.

cddl/usr.sbin/zfsd/vdev_iterator.cc
	Iterate through a pool's cache devices as well as its regular
	devices.

Reported by:	avg
Reviewed by:	avg
MFC after:	3 weeks
Sponsored by:	Spectra Logic Corp
Differential Revision:	https://reviews.freebsd.org/D12791
2017-10-26 15:28:18 +00:00
Dag-Erling Smørgrav
79b67c8d4a If the user-provided password exceeds the maximum password length, don't
bother passing it to crypt().  It won't succeed and may allow an attacker
to confirm that the user exists.

Reported by:	jkim@
MFC after:	1 week
Security:	CVE-2016-6210
2017-10-26 13:23:13 +00:00
Edward Tomasz Napierala
0d73fface2 Make gmountver(8) use direct dispatch.
MFC after:	2 weeks
2017-10-26 10:18:31 +00:00
Don Lewis
4001fcbe0a Fix Dummynet AQM packet marking function ecn_mark() and fq_codel /
fq_pie schedulers packet classification functions in layer2 (bridge mode).

Dummynet AQM packet marking function ecn_mark() and fq_codel/fq_pie
schedulers packet classification functions (fq_codel_classify_flow()
and fq_pie_classify_flow()) assume mbuf is pointing at L3 (IP)
packet. However, this assumption is incorrect if ipfw/dummynet is
used to manage layer2 traffic (bridge mode) since mbuf will point
at L2 frame.  This patch solves this problem by identifying the
source of the frame/packet (L2 or L3) and adding ETHER_HDR_LEN
offset when converting an mbuf pointer to ip pointer if the traffic
is from layer2.  More specifically, in dummynet packet tagging
function, tag_mbuf(), iphdr_off is set to ETHER_HDR_LEN if the
traffic is from layer2 and set to zero otherwise. Whenever an access
to IP header is required, mtodo(m, dn_tag_get(m)->iphdr_off) is
used instead of mtod(m, struct ip *) to correctly convert mbuf
pointer to ip pointer in both L2 and L3 traffic.

Submitted by:	lstewart
MFC after:	2 weeks
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D12506
2017-10-26 10:11:35 +00:00
Edward Tomasz Napierala
0a8cfed8cf Make gmountver(8) use G_PF_ACCEPT_UNMAPPED.
MFC after:	2 weeks
2017-10-26 09:29:35 +00:00
Warner Losh
2703928ae4 Fix typo and bump .Dd date.
Noticed by: Richard Tector
Sponsored by: Netflix
2017-10-25 23:24:30 +00:00
Bryan Drewery
a13a8505db Cleanup pieces missed in r315057 which made mandoc mandatory
Sponsored by:	Dell EMC Isilon
2017-10-25 21:46:39 +00:00
Bryan Drewery
ca95e9dd77 Fix native-xtools build to use a proper sysroot.
This takes longer but should reliably produce working binaries.
The old version linked against system libraries and headers
which would be a problem if building a native-xtools against
a newer source than the host system.  With a proper sysroot made
first this is not a problem.

This also allows:
- NXBDIRS to be built in parallel
- NXBDIRS to be installed to NXBDESTDIR in parallel
- SYSTEM_COMPILER logic to work again.  Note that because this change
  is adding a sysroot phase the compiler may be built up to twice now.
  The first is the "cross-compiler" even though it is for the native
  architecture, but it is still built to ensure the latest compiler
  is used to generate the binaries, unless SYSTEM_COMPILER allows
  /usr/bin/cc to be used.  Then the target compiler is built
  which is actually a cross-compiler since it runs on native host
  but generates TARGET.TARGET_ARCH binaries.

Note this also changes the path used for the OBJDIR.  It used to use
/usr/obj/target.target_arch/nxb/<srcdir> for objects and
/usr/obj/target.target_arch/nxb-bin for installed files, but now uses
/usr/obj/nxb/target.target_arch/<srcdir> for objects and
/usr/obj/nxb/target.target_arch/<srcdir>/nxb-bin for installed files.
  - NXBDESTDIR can be specified for where to install or queried with
    `make -f Makefile.inc1 TARGET=... TARGET_ARCH=... -V NXBDESTDIR`

This could potentially be improved to reuse an existing sysroot.  The
problem is with building the SUBDIR_OVERRIDE list it needs to use a
different OBJDIR since it is building all statically.  We don't want to
pollute the existing 'buildworld' OBJDIR and cause confusion on the next
build.  Using a separate OBJDIR for the 'everything' phase mostly works
except for some things like linking in INTERNALLIBS that exist in the
other OBJDIR.

MFC after:	1 month
Sponsored by:	Dell EMC Isilon
2017-10-25 21:46:36 +00:00
Bryan Drewery
e0dd694935 native-xtools: Override proper NXBDESTDIR.
The new native-xtools uses 'make toolchain' so overriding DESTDIR
as a make argument may interfere with WORLDTMP handling.
The target also does a 'mkdir -p ${NXBDESTDIR}/usr', so we should
be modifying that rather than DESTDIR.

Note this causes the native-xtools binaries to be installed in
NANO_WORLDDIR/usr NANO_WORLDDIR/bin rather than NANO_WORLDDIR/nxb-bin/usr
and NANO_WORLDDIR/nxb-bin/bin.  This was the case before this change
as well.

MFC after:	2 weeks
Reviewed by:	imp
Differential Revision:	https://reviews.freebsd.org/D12782
2017-10-25 21:46:33 +00:00
Bryan Drewery
b12371422a META_MODE: Follow-up r319593: Don't use host headers in a fresh new build.
Sponsored by:	Dell EMC Isilon
2017-10-25 21:46:30 +00:00
Bryan Drewery
59696d216c Prefix {TARGET,BUILD}_TRIPLE with LLVM_ to avoid Makefile.inc1 collision.
The Makefile.inc1 TARGET_TRIPLE is for specifying which -target is used
during the build of world.

MFC after:	2 weeks
Reviewed by:	dim, imp
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D12792
2017-10-25 21:45:55 +00:00
Kristof Provost
a0bf3ee425 Evaluate packet size after the firewall had its chance in the ip6 fast path
Defer the packet size check until after the firewall has had a look at it. This
means that the firewall now has the opportunity to (re-)fragment an oversized
packet.
This mirrors what the slow path does.

Reviewed by:	ae
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D12779
2017-10-25 19:21:48 +00:00
Emmanuel Vadot
7562d7ddbd loader.efi: Make framebuffer commands available for arm64
Move framebuffer.{c,h} to sys/boot/efi/loader and add the efifb
related metadata and pass it to the kernel

Reviewed by:	imp, andrew
Differential Revision:	https://reviews.freebsd.org/D12757
2017-10-25 18:55:04 +00:00
Sean Bruno
3de0952fba Enable i386 build of the Cavium LiquidIO driver (lio) module.
Submitted by:	pkanneganti@cavium.com (Prasad V Kanneganti)
MFC after:	1 week
Sponsored by:	Cavium Networks
Differential Revision:	https://reviews.freebsd.org/D12415
2017-10-25 17:49:17 +00:00
John Baldwin
54cfb29e3a Add a test for sending a signal while stepping a thread via PT_STEP.
MFC after:	1 week
2017-10-25 17:23:33 +00:00
Mark Johnston
4c52a9993b Make drain_output() use bufobj_wwait().
No functional change intended.

Reviewed by:	kib
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D12790
2017-10-25 17:20:18 +00:00
Alan Somers
63f8025d6a Fix zpool_read_all_labels when vfs.aio.enable_unsafe=0
Previously, zpool_read_all_labels was trying to do 256KB reads, which are
greater than the default MAXPHYS and therefore must go through the slow,
unsafe AIO path.  Shrink these reads to 112KB so they can use the safe, fast
AIO path instead.

MFC after:	1 week
X-MFC-With:	324568
Sponsored by:	Spectra Logic Corp
2017-10-25 16:01:19 +00:00
Warner Losh
1170c2fecc Implement IPMI support for RB_POWRECYCLE
Some BMCs support power cycling the chassis via the chassis control
command 2 subcommand 2 (ipmitool called it 'chassis power cycle').  If
the BMC supports the chassis device, register a shutdown_final handler
that sends the power cycle command if request and waits up to 10s for
it to take effect. To minimize stack strain, we preallocate a ipmi
request in the softc. At the moment, we're verbose about what we're
doing.

Sponsored by: Netflix
2017-10-25 15:30:53 +00:00
Warner Losh
6a9fbe3a70 Handle RB_POWERCYCLE in ada driver
Allow the disks to be spun down when doing a POWERCYCLE as well as
POWEROFF.

Sponsored by: Netflix
2017-10-25 15:30:48 +00:00
Warner Losh
7d41b6f078 Handle RB_POWERCYCLE in the MI part of the kernel
Signal init with SIGWINCH in shutdown_nice for RB_POWERCYCLE.

Sponsored by: Netflix
2017-10-25 15:30:44 +00:00
Warner Losh
35c1d16e3e Implement power cycle in init.
If SIGWINCH is received, then halt with power cycle.

Sponsored by: Netflix
2017-10-25 15:30:40 +00:00
Warner Losh
7d7d9013f1 Add power cycle support to reboot/halt as -c.
When -c is specified, the system will be power cycled if the
underlying hardware supports it. Otherwise the system will be halted
or rebooted depending on which command was used.

Sponsored by: Netflix
2017-10-25 15:30:35 +00:00
Warner Losh
e60baa7252 Add power cycle support (-c) to shutdown.
Sponsored by: Netflix
2017-10-25 15:30:30 +00:00
Warner Losh
dae8f61f5b RB_POWERCYCLE needs to be handled like RB_POWEROFF for decoding.
Sponsored by: Netflix
2017-10-25 15:30:25 +00:00
Warner Losh
06828ffb88 Define RB_POWERCYCLE
RB_POWERCYCLE instructs the platform to power off and then power back
on a short time later, if that's possible. Otherwise, degrade to the
RB_POWEROFF behavior.

Sponsored by: Netflix
2017-10-25 15:30:20 +00:00
Warner Losh
e1b6a0cd96 Remove sys/boot/arm/at91 and ixp425
Remove at91 bootloader. It only worked on AT91RM9200, and only
specific boards that were all EOLd 10 years ago.

Remove ixp425. It doesn't build anymore and is for boards that were
EOLd 8 years ago.

Sponsored by: Netflix
2017-10-25 15:28:05 +00:00
Warner Losh
b533f63ed0 Move BINDIR definition to defs.mk, and override where it isn't /boot
(those files already do that so weren't changed).

Sponsored by: Netflix
2017-10-25 15:27:58 +00:00
Warner Losh
2125122d25 Use BOOTDIR consistently. We need to include bsd.init.mk early to make
this happen. This will cause src.opts.mk to be included, so remove
that. This needs to propigate through the sys/boot tree.

Sponsored by: Netflix
2017-10-25 15:27:53 +00:00
Warner Losh
9bd6ac8da0 Do a chdir to SRCTOP/sys/boot before starting the run. This lets one
run this script from anywhere, but makes it only work on sys/boot.

Sponsored by: Netflix
2017-10-25 15:27:48 +00:00
Warner Losh
24e99dabf7 Report only the valid slots in the firmware log page.
Printing the entire log page is causing confusion over available
slots. Report only those slots that are valid. In the case where the
firmware download isn't supported, assume that only the first slot is
valid (I have no hardware to test this assumption though)

Sponsored by: Netflix
2017-10-25 15:26:03 +00:00
Warner Losh
8ce85adf7d Add nvme_controller_data argument to all print functions.
It's desirable to access controler data to inform printing log pages
(such as limiting the printing to valid ranges).

Sponsored by: Netflix
2017-10-25 15:25:55 +00:00
Konstantin Belousov
24e470ef9c Limit top display of total swap size by the max swap size system can
handle.

Keep both pagesize and the new swap_maxpages in the static variables
to save sysctl calls.

Submitted by:	ota@j.email.ne.jp
PR:	223149
MFC after:	2 weeks
2017-10-25 11:44:46 +00:00
Michael Tuexen
8d9b040dd4 Fix a bug reported by Felix Weinrank using the libfuzzer on the
userland stack.

MFC after:	3 days
2017-10-25 09:12:22 +00:00
Mark Johnston
64a16434d8 Add support for compressed kernel dumps.
When using a kernel built with the GZIO config option, dumpon -z can be
used to configure gzip compression using the in-kernel copy of zlib.
This is useful on systems with large amounts of RAM, which require a
correspondingly large dump device. Recovery of compressed dumps is also
faster since fewer bytes need to be copied from the dump device.

Because we have no way of knowing the final size of a compressed dump
until it is written, the kernel will always attempt to dump when
compression is configured, regardless of the dump device size. If the
dump is aborted because we run out of space, an error is reported on
the console.

savecore(8) is modified to handle compressed dumps and save them to
vmcore.<index>.gz, as it does when given the -z option.

A new rc.conf variable, dumpon_flags, is added. Its value is added to
the boot-time dumpon(8) invocation that occurs when a dump device is
configured in rc.conf.

Reviewed by:	cem (earlier version)
Discussed with:	def, rgrimes
Relnotes:	yes
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D11723
2017-10-25 00:51:00 +00:00
Stephen Hurd
7b79d6d61a bnxt: add support for Flow control setting using sysctl
Created sysctl node dev.bnxt.0.fc with following options.

A. dev.bnxt.0.fc.autoneg
B. dev.bnxt.0.fc.rx
C. dev.bnxt.0.fc.tx

Description:-
dev.bnxt.0.fc: flow ctrl
dev.bnxt.0.fc.autoneg: Enable or Disable Autoneg Flow Ctrl: 0 / 1
dev.bnxt.0.fc.rx: Enable or Disable Rx Flow Ctrl: 0 / 1
dev.bnxt.0.fc.tx: Enable or Disable Tx Flow Ctrl: 0 / 1

Submitted by:	Bhargava Chenna Marreddy <bhargava.marreddy@broadcom.com>
Reviewed by:	shurd, sbruno
Approved by:	sbruno (mentor)
Sponsored by:	Broadcom Limited
Differential Revision:	https://reviews.freebsd.org/D12599
2017-10-24 21:18:50 +00:00
Fedor Uporov
ffbde5ea28 Fix physical block number overflow in different places.
Approved by:    pfg (mentor)
MFC after:      6 months
2017-10-24 20:10:08 +00:00
Fedor Uporov
dc262e5bc2 Set doreallocblks sysctl value to zero by default because of
possibility of filesystem corruption.

Approved by:    pfg (mentor)
MFC after:      2 weeks
2017-10-24 19:16:25 +00:00
Fedor Uporov
f0a993bbdb Do not free bufs in case of extents metadata blocks + remove unneeded asserts.
Approved by:    pfg (mentor)
MFC after:      6 months
2017-10-24 19:14:33 +00:00
Alan Cox
3a757e5403 Micro-optimize the handling of fictitious pages in vm_page_free_prep().
A fictitious page is always wired, so there is no point in trying to
remove one from the page queues.

Completely remove one inaccurate comment from vm_page_free_prep() and
correct another.

Reviewed by:	kib, markj
MFC after:	1 week
2017-10-24 17:14:53 +00:00
Ruslan Bukin
d27927f731 Extract a set of pmcstat functions and interfaces to the new internal
library -- libpmcstat.

This includes PMC logging module, symbols lookup functions,
ELF parsing, process management, PMC attachment, etc.

This allows to reuse code while building new hwpmc(4)-based applications.

Also add pmcstat_symbol_search_by_name() function that allows to find
mapped IP range for a given function name.

Reviewed by:	kib
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D12718
2017-10-24 16:28:00 +00:00
Michael Tuexen
701492a5f6 Fix a bug in handling special ABORT chunks.
Thanks to Felix Weinrank for finding this issue using libfuzzer with
the userland stack.

MFC after:	3 days
2017-10-24 16:24:12 +00:00