RL_TXCFG register to identify a device in device probe. Reflect the
fact by modifing device description with general ethernet
controller family.
Note, rl_basetype in struct rl_type is not used and the more
detailed information is provided with rl_hwrev structure.
Previously we reused the space in the request buffer after the request
header to hold config pages during a transaction. This does not work when
reading large pages however. Also, we were already malloc'ing a buffer to
do a copyin/copyout w/o holding locks that was then copied into/out of the
request buffer. Instead, go ahead and use bus dma to alloc a buffer for
each config page request (and RAID actions that have an associated
ActionSGE). This results in fewer data copies and allows for larger sized
requests. For now the maximum size of a request is arbitrarily limited to
16 MB.
MFC after: 2 weeks
locally configured. This is more in line with the behaviour of other popular
bridging implementations and makes bridges more predictable after reboots for
example.
Reviewed by: thompsa
MFC after: 1 week
rather than write locking: while we need to maintain a valid reference
to the inpcb and fix its state, no protocol layer state is modified
during an IPv4 UDP receive -- there are only changes at the socket
layer, which is separately protected by socket locking.
While parallel concurrent receive on a single UDP socket is currently
relatively unusual, introducing read locking in the transmit path,
allowing concurrent receive and transmit, will significantly improve
performance for loads such as BIND, memcached, etc.
MFC after: 2 months
Tested by: gnn, kris, ps
in practice, the error (currently) makes no difference because the computation
performed by KVADDR() hides the error. This revision fixes the error.
Also, eliminate a (now) unused definition.
maximum size of the kmem map can be greater than 4GB, there is little point
in making the kernel virtual address space larger than 6GB.
Tested by: kris@
Now that the pseudo-interface cloner has an internal list of instances,
there is no need to create a softc. The softc only contains a pointer to
the ifp, which means there is no valid reason to keep it. While there,
remove the corresponding malloc-pool.
Approved by: philip (mentor)
Adaptec RAID 2045
Adaptec RAID 2405
Adaptec RAID 2445
Adaptec RAID 2805
Without this change these devices are supported by the driver's family
support, but they then appear as "Adaptec RAID Controller" in boot
messages and the dev.aac.0.%desc sysctl.
This includes hotkeys support and sysctl variables to control camera
and card reader. These new sysctls don't have CTFLAG_ANYBODY set.
While there add entries to devd.conf related to the Eee volume keys.
Reviewed by: phillip
MFC after: 1 week
Also tested by: lme (previous version)
semaphores. Specifically, semaphores are now represented as new file
descriptor type that is set to close on exec. This removes the need for
all of the manual process reference counting (and fork, exec, and exit
event handlers) as the normal file descriptor operations handle all of
that for us nicely. It is also suggested as one possible implementation
in the spec and at least one other OS (OS X) uses this approach.
Some bugs that were fixed as a result include:
- References to a named semaphore whose name is removed still work after
the sem_unlink() operation. Prior to this patch, if a semaphore's name
was removed, valid handles from sem_open() would get EINVAL errors from
sem_getvalue(), sem_post(), etc. This fixes that.
- Unnamed semaphores created with sem_init() were not cleaned up when a
process exited or exec'd. They were only cleaned up if the process
did an explicit sem_destroy(). This could result in a leak of semaphore
objects that could never be cleaned up.
- On the other hand, if another process guessed the id (kernel pointer to
'struct ksem' of an unnamed semaphore (created via sem_init)) and had
write access to the semaphore based on UID/GID checks, then that other
process could manipulate the semaphore via sem_destroy(), sem_post(),
sem_wait(), etc.
- As part of the permission check (UID/GID), the umask of the proces
creating the semaphore was not honored. Thus if your umask denied group
read/write access but the explicit mode in the sem_init() call allowed
it, the semaphore would be readable/writable by other users in the
same group, for example. This includes access via the previous bug.
- If the module refused to unload because there were active semaphores,
then it might have deregistered one or more of the semaphore system
calls before it noticed that there was a problem. I'm not sure if
this actually happened as the order that modules are discovered by the
kernel linker depends on how the actual .ko file is linked. One can
make the order deterministic by using a single module with a mod_event
handler that explicitly registers syscalls (and deregisters during
unload after any checks). This also fixes a race where even if the
sem_module unloaded first it would have destroyed locks that the
syscalls might be trying to access if they are still executing when
they are unloaded.
XXX: By the way, deregistering system calls doesn't do any blocking
to drain any threads from the calls.
- Some minor fixes to errno values on error. For example, sem_init()
isn't documented to return ENFILE or EMFILE if we run out of semaphores
the way that sem_open() can. Instead, it should return ENOSPC in that
case.
Other changes:
- Kernel semaphores now use a hash table to manage the namespace of
named semaphores nearly in a similar fashion to the POSIX shared memory
object file descriptors. Kernel semaphores can now also have names
longer than 14 chars (up to MAXPATHLEN) and can include subdirectories
in their pathname.
- The UID/GID permission checks for access to a named semaphore are now
done via vaccess() rather than a home-rolled set of checks.
- Now that kernel semaphores have an associated file object, the various
MAC checks for POSIX semaphores accept both a file credential and an
active credential. There is also a new posixsem_check_stat() since it
is possible to fstat() a semaphore file descriptor.
- A small set of regression tests (using the ksem API directly) is present
in src/tools/regression/posixsem.
Reported by: kris (1)
Tested by: kris
Reviewed by: rwatson (lightly)
MFC after: 1 month
unsynchronized. While races were extremely rare, we've now had a
couple of reports of panics in environments involving large numbers of
IPSEC tunnels being added very quickly on an active system.
- Add accessor functions ifnet_byindex(), ifaddr_byindex(),
ifdev_byindex() to replace existing accessor macros. These functions
now acquire the ifnet lock before derefencing the table.
- Add IFNET_WLOCK_ASSERT().
- Add static accessor functions ifnet_setbyindex(), ifdev_setbyindex(),
which set values in the table either asserting of acquiring the ifnet
lock.
- Use accessor functions throughout if.c to modify and read
ifindex_table.
- Rework ifnet attach/detach to lock around ifindex_table modification.
Note that these changes simply close races around use of ifindex_table,
and make no attempt to solve the probem of disappearing ifnets. Further
refinement of this work, including with respect to ifindex_table
resizing, is still required.
In a future change, the ifnet lock should be converted from a mutex to an
rwlock in order to reduce contention.
Reviewed and tested by: brooks
- Each log entry contains a text description in the "description" field of
the entry. The existing decode logic always ended up duplicating
information that was already in the description string. This made the
logs overly verbose. Now we just print out the description string.
- Add some simple parsing of the timestamp and event classes.
Reviewed by: ambrisko, scottl
MFC after: 2 weeks
- Fetch events from the controller in batches of 15 rather than a single
event at a time.
- When fetching events from the controller, honor the event class and
locale settings (via hw.mfi tunables). This also allows the firmware to
skip over unwanted log entries resulting in fewer requests to the
controller if there many unwanted log entries since the last clean
shutdown.
- Don't drop the driver mutex while decoding an event.
- If we get an error other than MFI_STAT_NOT_FOUND (basically EOF for
hitting the end of the event log) then emit a warning and bail on
processing further log entries.
Reviewed by: ambrisko, scottl
MFC after: 2 weeks
to INT_MAX. Otherwise, a process could create a semaphore (or increase
its value via ksem_post()) beyond INT_MAX and sem_getvalue() would return
a negative value. sem_getvalue() is only supposed to return a negative
value if that is the number of waiters for that semaphore.
MFC after: 2 weeks
provides the correct semantics for flock(2) style locks which are used by the
lockf(1) command line tool and the pidfile(3) library. It also implements
recovery from server restarts and ensures that dirty cache blocks are written
to the server before obtaining locks (allowing multiple clients to use file
locking to safely share data).
Sponsored by: Isilon Systems
PR: 94256
MFC after: 2 weeks
Bonus: including kern.mk just to pick kernel warning flags
was an extremely bad idea anyway, because it also picked
up CFLAGS (it probably wasn't the case at the time of CVS
rev. 1.1, I haven't checked). Remove duplicate CWARNFLAGS
from CFLAGS.
so we cannot compile it with -fstack-protector[-all] flags (or
it will self-recurse); this is ensured in sys/conf/files. This
OTOH means that checking for defines __SSP__ and __SSP_ALL__ to
determine if we should be compiling the support is impossible
(which it was trying, resulting in an empty object file). Fix
this by always compiling the symbols in this files. It's good
because it allows us to always have SSP support, and then compile
with SSP selectively.
Repoted by: tinderbox
- It is opt-out for now so as to give it maximum testing, but it may be
turned opt-in for stable branches depending on the consensus. You
can turn it off with WITHOUT_SSP.
- WITHOUT_SSP was previously used to disable the build of GNU libssp.
It is harmless to steal the knob as SSP symbols have been provided
by libc for a long time, GNU libssp should not have been much used.
- SSP is disabled in a few corners such as system bootstrap programs
(sys/boot), process bootstrap code (rtld, csu) and SSP symbols themselves.
- It should be safe to use -fstack-protector-all to build world, however
libc will be automatically downgraded to -fstack-protector because it
breaks rtld otherwise.
- This option is unavailable on ia64.
Enable GCC stack protection (aka Propolice) for kernel:
- It is opt-out for now so as to give it maximum testing.
- Do not compile your kernel with -fstack-protector-all, it won't work.
Submitted by: Jeremie Le Hen <jeremie@le-hen.org>
that modify condition codes (the carry bit, in this case). Without
"__volatile", the compiler might add the inline assembler instructions
between unrelated code which also uses condition codes, modifying the
latter.
This prevents the TCP pseudo header checksum calculation done in
tcp_output() from having effects on other conditions when compiled
with GCC 4.2.1 at "-O2" and "options INET6" left out. [1]
Reported & tested by: Boris Kochergin [1]
MFC after: 3 days
Now that st_rdev is being automatically generated by the kernel, there
is no need to define static major/minor numbers for the iodev and
memdev. We still need the minor numbers for the memdev, however, to
distinguish between /dev/mem and /dev/kmem.
Approved by: philip (mentor)
in_ifaddrhashtbl in in_ifinit because error handler in in_control removes
entries only for AF_INET addresses. If in_ifinit is called for the cloned
inteface that has just been created its address family is not AF_INET and
therefor LIST_REMOVE is not called for respective LIST_INSERT_HEAD and
freed entries remain in in_ifaddrhashtbl and lead to memory corruption.
PR: kern/124384
locked and unlocked completely in userland. by locking and unlocking mutex
in userland, it reduces the total time a mutex is locked by a thread,
in some application code, a mutex only protects a small piece of code, the
code's execution time is less than a simple system call, if a lock contention
happens, however in current implemenation, the lock holder has to extend its
locking time and enter kernel to unlock it, the change avoids this disadvantage,
it first sets mutex to free state and then enters kernel and wake one waiter
up. This improves performance dramatically in some sysbench mutex tests.
Tested by: kris
Sounds great: jeff
problem where Adaptec's arcconf monitoring tool hangs after producing
its expected output.
Submitted by: Adaptec, via driver ver 15317
MFC after: 1 week
from the softc.
- Rework the watchdog timer to match other NIC drivers:
- Start a timer in fe_init() that runs once a second and checks a counter
in the softc that is identical to the deprecated 'if_timer'.
- Just adjust the softc tx timeout value when sending packets instead of
scheduling the timer.
- Use IFQ_SET_MAXLEN().
Tested by: WATANABE Kazuhiro
FIFO, as required by SUSv3. No specific privilege check is performed
in this case, as FIFOs may be created by unprivileged processes
(subject to the normal file system name space restrictions that may be
in place).
Unlike the Apple implementation, we reject requests to create a FIFO
using mknod(2) if there is a non-zero dev argument to the system call,
which is permitted by the Open Group specification ("... undefined
..."). We might want to revise this if we find it causes
compatibility problems for applications in practice.
PR: kern/74242, kern/68459
Obtained from: Apple, Inc.
MFC after: 3 weeks
performed. Otherwise if ruleset is used by given mountpoint and is empty
it's freed by devfs_ruleset_reap and pointer becomes bogus.
Submitted by: Mateusz Guzik <mjguzik@gmail.com>
PR: kern/124853
some time now so collapse calls accordingly.
o Given that gem_load_txmbuf() is allowed to fail resulting in a packet
drop also for quite some time now implement the functionality of
gem_txcksum() by means of m_pullup(9), which de-obfuscates the code
and allows to always retrieve the correct length of the IP header.
o Add missing BUS_DMASYNC_PREREAD when syncing the control DMA maps in
gem_rint() and gem_start_locked().
o Correct some bus_barrier(9) calls to do a read/write barrier as we
do a read after a write. Add some missing ones in gem_mii_readreg()
and gem_mii_writereg().
o According to the Apple GMAC driver, the GEM ASIC specification and
the OpenSolaris eri(7D) the TX FIFO threshold has to be set to 0x4ff
for the Gigabit variants and 0x100 for the ERI in order do avoid TX
underruns.
o In gem_init_locked():
- be conservative and enable the RX and TX MACs,
- don't clear GEM_LINK otherwise we don't ever mark the link as up
again if gem_init_locked() is called from gem_watchdog(),
- remove superfluous setting of sc_ifflags.
o Don't bother to check whether the interface is running or whether its
queue is empty before calling gem_start_locked() in gem_tint(), the
former will check these anyway.
o Call gem_start_locked() in gem_watchdog() in order to try to get
some more packets going.
o In gem_mii_writereg() after reseting the PCS restore its configuration.
GMAC testing: grehan, marcel
MFC after: 2 weeks
on the amd64 architecture. The amd64 architecture requires kernel code and
global variables to reside in the highest 2GB of the 64-bit virtual address
space. Thus, the memory allocated during bootstrap, before the call to
kmem_init(), starts at KERNBASE, which is not necessarily the same as
VM_MIN_KERNEL_ADDRESS on amd64.
PowerPC/AIM. Consequently, it should not be used to determine the maximum
number of kernel map entries. Intead, use VM_MIN_KERNEL_ADDRESS, which marks
the start of the kernel map on all architectures.
Tested by: marcel@ (PowerPC/AIM)
KERNBASE and VM_MIN_KERNEL_ADDRESS are no longer the same, the physical
memory allocated during bootstrap will be offset from the low-end of the
kernel's page table.
address space on the amd64 architecture. The amd64 architecture
requires kernel code and global variables to reside in the highest 2GB
of the 64-bit virtual address space. Thus, KERNBASE cannot change.
However, KERNBASE is sometimes used as the start of the kernel virtual
address space. Henceforth, VM_MIN_KERNEL_ADDRESS should be used
instead. Since KERNBASE and VM_MIN_KERNEL_ADDRESS are still the same
address, there should be no visible effect from this change (yet).
That said, kris@ has tested crash dumps under the full patch that
increases the kernel virtual address space on amd64 to 6GB.
Tested by: kris@
address space on the amd64 architecture. The amd64 architecture
requires kernel code and global variables to reside in the highest 2GB
of the 64-bit virtual address space. Thus, KERNBASE cannot change.
However, KERNBASE is sometimes used as the start of the kernel virtual
address space. Henceforth, VM_MIN_KERNEL_ADDRESS should be used
instead. Since KERNBASE and VM_MIN_KERNEL_ADDRESS are still the same
address, there should be no visible effect from this change (yet).
This is needed for correct behavior when packets are lost or reordered.
PR: kern/123950
Reviewed by: andre@, silby@
Reported by: Yahoo!, Wang Jin
MFC after: 1 week
needed to promote cdev to cdev_priv, the si_priv pointer was followed.
Use member2struct() to calculate address of the wrapping cdev_priv.
Rename si_priv to __si_reserved.
Tested by: pho
Reviewed by: ed
MFC after: 2 weeks
libi386's time(), caused by a qemu bug. The bug might
be present in other BIOSes, too.
qemu either does not simulate the AT RTC correctly or
has a broken BIOS 1A/02 implementation, and will return
an incorrect value if the RTC is read while it is being
updated.
The effect is worsened by the fact that qemu's INT 15/86
function ("wait" a.k.a. usleep) is non-implmeneted or
broken and returns immediately, causing beastie.4th to
spin in a tight loop calling the "read RTC" function
millions of times, triggering the problem quickly.
Therefore, we keep reading the BIOS value until we get
the same result twice. This change fixes beastie.4th's
countdown under qemu.
Approved by: des (mentor)
