186777 Commits

Author SHA1 Message Date
Neel Natu
add611fd4c Don't expose 'vmm_ipinum' as a global. 2014-01-09 03:25:54 +00:00
Kevin Lo
115ea7c105 Replace deprecated M_DONTWAIT with M_NOWAIT. 2014-01-09 01:48:33 +00:00
Gleb Smirnoff
339f59c096 Fix build with VIMAGE. 2014-01-09 00:59:03 +00:00
Adrian Chadd
a43caef195 Refactor out the common sendfile code from the do_sendfile() and the
compat32 sendfile syscall.

Sponsored by:	Netflix, Inc.
2014-01-09 00:11:14 +00:00
Alexander V. Chernikov
7d9b6df18b Constanly use RT_ALL_FIBS everywhere instead of -1.
MFC after:	2 weeks
2014-01-08 23:09:02 +00:00
Peter Wemm
bcea84bd86 Don't expose svc_loss_reg / _unreg to userland as they're kernel-only
additions from r260229 and the SVCPOOL type doesn't exist in userland.
2014-01-08 22:37:18 +00:00
Alexander V. Chernikov
1dc8f6a82c Introduce IN6_MASK_ADDR() macro to unify various hand-rolled code
to do IPv6 addr & mask in different places.

MFC after:	2 weeks
2014-01-08 22:13:32 +00:00
John Baldwin
6d40361585 The changes in r233781 attempted to make logging during a machine check
exception more readable.  In practice they prevented all logging during
a machine check exception on at least some systems.  Specifically, when
an uncorrected ECC error is detected in a DIMM on a Nehalem/Westmere
class machine, all CPUs receive a machine check exception, but only
CPUs on the same package as the memory controller for the erroring DIMM
log an error.  The CPUs on the other package would complete the scan of
their machine check banks and panic before the first set of CPUs could
log an error.  The end result was a clearer display during the panic
(no interleaved messages), but a crashdump without any useful info about
the error that occurred.

To handle this case, make all CPUs spin in the machine check handler
once they have completed their scan of their machine check banks until
at least one machine check error is logged.  I tried using a DELAY()
instead so that the CPUs would not potentially hang forever, but that
was not reliable in testing.

While here, don't clear MCIP from MSR_MCG_STATUS before invoking panic.
Only clear it if the machine check handler does not panic and returns
to the interrupted thread.
2014-01-08 21:04:12 +00:00
Aleksandr Rybalko
92762d566e Restore VGA mode on vt switch. It fix VESA mode left by Xorg on exit.
Sponsored by:	The FreeBSD Foundation
2014-01-08 14:42:26 +00:00
Robert Millan
57a9b881a3 Fix build of vt_xboxfb. 2014-01-08 14:36:35 +00:00
Gavin Atkinson
e4b141d4eb Add support for the Intel Centrino Wireless-N 135 chipset.
MFC after:	2 weeks
2014-01-08 13:59:33 +00:00
Ganbold Tsagaankhuu
8a0a7e75c1 Update dts files of Cubieboard1,2 to use 1GB memory.
Whilst there, fix cpu config register address for Cubieboard2.

Approved by: stas (mentor)
2014-01-08 09:33:16 +00:00
Remko Lodder
a8be8e5ee3 virtio-block does not exist, the correct name is virtio-blk.
PR:		185573
Submitted by:	Allan Jude
Facilitated by:	Snow B.V.
MFC after:	3 days
2014-01-08 08:37:30 +00:00
Baptiste Daroussin
4b4a8fca31 Import byacc 20140101 which imports %token-table from bison allowing to build ntpd 2014-01-08 08:08:22 +00:00
Kevin Lo
5945b5f5ab Rename definition of IEEE80211_FC1_WEP to IEEE80211_FC1_PROTECTED.
The origin of WEP comes from IEEE Std 802.11-1997 where it defines
whether the frame body of MAC frame has been encrypted using WEP
algorithm or not.
IEEE Std. 802.11-2007 changes WEP to Protected Frame, indicates
whether the frame is protected by a cryptographic encapsulation
algorithm.

Reviewed by:	adrian, rpaulo
2014-01-08 08:06:56 +00:00
Baptiste Daroussin
88deb182c9 Import 2014-01-01 which allows to support bison's token-table and allows
to build ntpd into vendor
2014-01-08 08:02:27 +00:00
Ian Lepore
14f4ecfafa Add option USB_HOST_ALIGN to configs that contain 'device usb'. Setting
this to the cache line size is required to avoid data corruption on armv4
and armv5, and improves performance on armv6, in both cases by avoiding
partial cacheline flushes for USB IO.
2014-01-08 03:42:09 +00:00
Ian Lepore
7c2136adbb Add option USB_HOST_ALIGN to configs that contain 'device usb'. Setting
this to the cache line size is required to avoid data corruption on armv4
and armv5, and improves performance on armv6, in both cases by avoiding
partial cacheline flushes for USB IO.

All these configs already exist in 10-stable.  A few that don't (and
thus can't be MFC'd yet) will be committed separately.
2014-01-08 03:40:18 +00:00
Pyun YongHyeon
2c6d18ebc3 m_defrag(9) does not touch original mbuf chain when it can't
allocate new mbuf.  Free original mbuf chain when driver is not
able to send the packet.
2014-01-08 01:06:32 +00:00
John-Mark Gurney
4e5422a9e6 make sure that rbuf is aligned by making a union w/ the structure we
need to access...  access the struct through the union too...

PR:		185165
Submitted by:	Guy Yur
MFC after:	1 week
2014-01-07 23:01:05 +00:00
Eric Davis
0f25d857e0 defragment mbuf chains longer than hw segment limit before dropping
Approved by:	davidch
2014-01-07 22:26:20 +00:00
Luigi Rizzo
fb25194fb0 fix use after free when releasing a netmap adapter.
Submitted by:	Giuseppe Lettieri
2014-01-07 21:14:28 +00:00
Neel Natu
88c4b8d145 Use the 'Virtual Interrupt Delivery' feature of Intel VT-x if supported by
hardware. It is possible to turn this feature off and fall back to software
emulation of the APIC by setting the tunable hw.vmm.vmx.use_apic_vid to 0.

We now start handling two new types of VM-exits:

APIC-access: This is a fault-like VM-exit and is triggered when the APIC
register access is not accelerated (e.g. apic timer CCR). In response to
this we do emulate the instruction that triggered the APIC-access exit.

APIC-write: This is a trap-like VM-exit which does not require any instruction
emulation but it does require the hypervisor to emulate the access to the
specified register (e.g. icrlo register).

Introduce 'vlapic_ops' which are function pointers to vector the various
vlapic operations into processor-dependent code. The 'Virtual Interrupt
Delivery' feature installs 'ops' for setting the IRR bits in the virtual
APIC page and to return whether any interrupts are pending for this vcpu.

Tested on an "Intel Xeon E5-2620 v2" courtesy of Allan Jude at ScaleEngine.
2014-01-07 21:04:49 +00:00
Adrian Chadd
46d3e7e9c5 Reserve an event type for the upcoming EVENT_SENDFILE and
extend the event struct pointer union to allow for 'other' types.

Sponsored by:	Netflix, Inc.
2014-01-07 20:24:25 +00:00
Alexander Motin
5b4374aa27 Allow delete_method sysctl to be set to "DISABLE". 2014-01-07 20:12:10 +00:00
Xin LI
246aa294d7 MFV r260399:
Apply vendor commits:

197e0ea	Fix for TLS record tampering bug.  (CVE-2013-4353).
3462896	For DTLS we might need to retransmit messages from the
	previous session so keep a copy of write context in DTLS
	retransmission buffers instead of replacing it after
	sending CCS.  (CVE-2013-6450).
ca98926 When deciding whether to use TLS 1.2 PRF and record hash
	algorithms use the version number in the corresponding
	SSL_METHOD structure instead of the SSL structure.  The
	SSL structure version is sometimes inaccurate.
	Note: OpenSSL 1.0.2 and later effectively do this already.
	(CVE-2013-6449).

Security:	CVE-2013-4353
Security:	CVE-2013-6449
Security:	CVE-2013-6450
2014-01-07 19:58:45 +00:00
Scott Long
50b464aa1a Remove aicasm as a build dependency. It made sense when the ahc and ahd
drivers and their firmware were under active development, but those days
have passed.  The firmware now exists in pre-compiled form, no longer
dependent on it's sources or on aicasm.  If you wish to rebuild the
firmware from source, the glue still exists under the 'make firmware'
target in sys/modules/aic7xxx.

This also fixes the problem introduced with r257777 et al with building
kernels the old fashioned way in sys/$arch/compile/$CONFIG when the
ahc/ahd drivers were included.
2014-01-07 19:33:17 +00:00
Xin LI
cbbee3a581 Import vendor fixes:
197e0ea	Fix for TLS record tampering bug.  (CVE-2013-4353).
3462896	For DTLS we might need to retransmit messages from the
	previous session so keep a copy of write context in DTLS
	retransmission buffers instead of replacing it after
	sending CCS.  (CVE-2013-6450).
ca98926 When deciding whether to use TLS 1.2 PRF and record hash
	algorithms use the version number in the corresponding
	SSL_METHOD structure instead of the SSL structure.  The
	SSL structure version is sometimes inaccurate.
	Note: OpenSSL 1.0.2 and later effectively do this already.
	(CVE-2013-6449).
2014-01-07 19:02:08 +00:00
Alexander V. Chernikov
955a2deb52 Remove dead code.
Reported by:	Coverity
Coverity CID:	1018057
MFC after:	2 weeks
2014-01-07 19:00:40 +00:00
Neel Natu
79c596309c Fix a bug introduced in r260167 related to VM-exit tracing.
Keep a copy of the 'rip' and the 'exit_reason' and use that when calling
vmx_exit_trace(). This is because both the 'rip' and 'exit_reason' can
be changed by 'vmx_exit_process()' and can lead to very misleading traces.
2014-01-07 18:53:14 +00:00
Alexander V. Chernikov
50da3e886d Teach every SIOCGIFSTATUS provider to fill in ifs->ascii anyway.
Remove old bits of data concat for 'ascii' field.
Remove special SIOCGIFSTATUS handling from if.c (which Coverity yells at).

Reported by:	Coverity
Coverity CID:	1147174
MFC after:	2 weeks
2014-01-07 15:59:33 +00:00
Attilio Rao
fdac1e8bdc Use __predict_false() on sensitive lock paths as most of the times,
when PMC-soft feature is not used the check will be false.

Sponsored by:	EMC / Isilon storage division
Submitted by:	Anton Rang <anton.rang@isilon.com>
2014-01-07 14:03:42 +00:00
Luiz Otavio O Souza
c7b81b2fe5 Fix the geom mappings for WR1043ND.
The uboot mapping is only 128KiB (0x20000) and not 2MiB (0x200000).

Dynamically adjust kernel and rootfs mappings based on the
geom_uncompress(4) magic.

This makes the built images more reliable by accepting changes on kernel
size transparently and matches the images built with zrouter and
freebsd-wifi-build.

Tested by:	gjb
Approved by:	adrian (mentor)
Obtained from:	Zrouter
2014-01-07 13:09:35 +00:00
Alexander Motin
45e18ea7ea Fix off-by-one error in r260229.
Coverity CID:	1148955
2014-01-07 11:43:51 +00:00
Edward Tomasz Napierala
2901576a0d Fix a rare "truncated checksums" problem, which manifested like this:
WARNING: icl_pdu_check_data_digest: data digest check failed; got 0xf23b,
    should be 0xdb7f23b

Tested by:	Darcy Birkbeck
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2014-01-07 11:03:57 +00:00
Hans Petter Selasky
d08bc9e548 Check the XHCI event ring regardless of the XHCI status register
value. The "Intel Lynx Point" XHCI controller found in the MBP2013 has
been observed to not always set the event interrupt bit while there
are events to consume in the event ring.

MFC after:	1 week
Tested by:	Huang Wen Hui <huanghwh@gmail.com>
2014-01-07 09:52:26 +00:00
Pedro F. Giffuni
aacea395b4 gperf: reverse size_type patch from r258115.
Silencing the broken warning as done in r258139 renders the
code unreacheable. An option could've been to turn off the
warnings in gperf but given that the code is not being used
it is better to just revert the original change altogether.

This code was never MFC'd.
2014-01-07 01:40:49 +00:00
Adrian Chadd
faa9b054a0 Add a compile-time control over the size of KN_HASHSIZE.
This is needed for applications that use a lot of non-filedescriptor
knotes.

MFC after:	1 week
Sponsored by:	Netflix, Inc.
2014-01-07 01:17:27 +00:00
Neel Natu
4d1e82a88e Allow vlapic_set_intr_ready() to return a value that indicates whether or not
the vcpu should be kicked to process a pending interrupt. This will be useful
in the implementation of the Posted Interrupt APICv feature.

Change the return value of 'vlapic_pending_intr()' to indicate whether or not
an interrupt is available to be delivered to the vcpu depending on the value
of the PPR.

Add KTR tracepoints to debug guest IPI delivery.
2014-01-07 00:38:22 +00:00
Jim Harris
448cffc859 For IDENTIFY passthrough commands to Chatham prototype controllers, copy
the spoofed identify data into the user buffer rather than issuing the
command to the controller, since Chatham IDENTIFY data is always spoofed.

While here, fix a bug in the spoofed data for Chatham submission and
completion queue entry sizes.

Sponsored by:	Intel
MFC after:	3 days
2014-01-06 23:51:26 +00:00
Jim Harris
efa2980530 For "nvmecontrol devlist", show namespace sizes in terms of MB instead of
GB to improve granularity of the reporting - especially for namespaces
that are on the order of 1 or 2 GB.

Submitted by:	Tony Beltran <anthony.beltran@emc.com>
MFC after:	3 days
2014-01-06 23:48:47 +00:00
Neel Natu
c847a5062c Split the VMCS setup between 'vmcs_init()' that does initialization and
'vmx_vminit()' that does customization.

This makes it easier to turn on optional features (e.g. APICv) without
having to keep adding new parameters to 'vmcs_set_defaults()'.

Reviewed by:	grehan@
2014-01-06 23:16:39 +00:00
Alexander V. Chernikov
034c09ff10 Partially fix IPv4 interface routes deletion in RADIX_MPATH.
Noticed by:	Nikolay Denev <ndenev at gmail.com>
MFC after:	1 month
2014-01-06 22:36:20 +00:00
Gleb Smirnoff
a830c4524d When pf_get_translation() fails, it should leave *sn pointer pristine,
otherwise we will panic in pf_test_rule().

PR:		182557
2014-01-06 19:05:04 +00:00
Jens Schweikhardt
aa27ed4569 Correct a grammo in a comment; remove white space at EOL. 2014-01-06 17:23:22 +00:00
Andreas Tobler
6bb9be1b41 Fix arm build.
Reviewed by:	ian, zbb
2014-01-06 17:16:27 +00:00
Ian Lepore
358018a688 Switch to using arm_devmap_add_entry() to set up static device mapping.
This eliminates the hard-coded max kva and roughly doubles the available
kva space.
2014-01-06 16:57:22 +00:00
Ian Lepore
4f9ffa42b0 Don't try to find a static mapping before calling pmap_mapdev(), that logic
is now part of pmap_mapdev() and doesn't need to be duplicated here.
Likewise for unmapping.
2014-01-06 16:33:16 +00:00
Ian Lepore
62a70ef64d Allow 'no static device mappings' to potentially work. It's not clear that
every arm system must have some static mappings to work correctly (although
currently they all do), so remove some panic() calls (which would never
been seen anyway, because they would happen before a console is available).
2014-01-06 16:07:27 +00:00
Ian Lepore
fdadb971af Switch to using arm_devmap_add_entry() to set up static device mapping.
This eliminates the hard-coded max kva and roughly doubles the available
kva space.
2014-01-06 15:48:16 +00:00