The inpcb needs to be locked when we update output packet options.
Otherwise it is possible for the IPV6_2292PKTOPTIONS handler to free
packet option structures while another thread is reading or updating
them.
Note that the option handler is still kind of broken. For instance it
frees all options before performing privilege checks for individual
options. However, this can be fixed separately.
Reported by: syzbot+52eb0fd4ddc119787f9d@syzkaller.appspotmail.com
Reviewed by: bz, tuexen
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D24125
we have crc32(const void *, size_t) in libsa. Unfortunately zlib has
crc32(long, const unigned char *, unsigned) and we have conflict.
Since we do build libsa with zlib, we can use zlib version instead.
Reviewed by: allanjude
Differential Revision: https://reviews.freebsd.org/D24068
armv7 crash due to misligned access of dos_partition dp_start field.
Allocate and make copy of dos_partition array to make sure the data
is aligned.
Reported by: marklmi at yahoo.com
Broadcom 9400-8i8e HBAs report virtual SES device, where slots representing
external connectors are reported having no phys. Since sasdev_phys is NULL
there and proto_hdr is a union, ses_paths_iter() misinterpreted them as ATA.
Add explicit protocol check to properly differentiate them.
MFC after: 1 week
Sponsored by: iXsystems, Inc.
filecaps_free_prep() bzeros the capabilities structure and we need to be
careful to synchronize with unlocked readers, which expect a consistent
rights structure.
Reviewed by: kib, mjg
Reported by: syzbot+5f30b507f91ddedded21@syzkaller.appspotmail.com
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D24120
The Capsicum system calls modify file descriptor table entries. To
ensure that readers observe a consistent snapshot of descriptor writes,
the system calls need to signal to unlocked readers that an update is
pending.
Note that ioctl rights are always checked with the descriptor table lock
held, so it is not strictly necessary to signal unlocked readers.
However, we probably want to enable lockless ioctl checks eventually, so
use seqc_write_begin() in kern_cap_ioctls_limit() too.
Reviewed by: kib
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D24119
r343287 / D18759 introduced ifa_add_groups_to_map() which is now run by
ifa_load/ifa_lookup/host_if. When loading an anchor or ruleset via pfctl that
does NOT contain ifnames as hosts, host() still ends up iterating all
interfaces twice, grabbing SIOCGIFGROUP ioctl twice for each. This adds an
unnecessary amount of time on systems with thousands or tens of thousands of
interfaces.
Prioritize the IPv4/6 check over the interface name lookup, which skips loading
the iftab and iterating all interfaces when the configuration does not contain
interface names.
Submitted by: Nick Rogers
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D24100
Two arguments were reversed in calls to cam_strvis() in
nvme_da.c. This was found by a Coverity scan of this code within Dell
(Isilon). These are also marked in the FreeBSD Coverity scan as CIDs
1400526 & 1400531.
Submitted by: robert.herndon@dell.com
Reviewed by: vangyzen@, imp@
MFC after: 3 days
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D24117
The geli(8) manual page has an example for preloading keyfiles during boot.
There is no detail though on how the lookup of these variables actually
works.
Let's document that the name of a device does not have to be a part
of the variable.
PR: 243261
Submitted by: johannes@jo-t.de
Approved by: bcr (mentor)
MFC after: 3 weeks
Differential Revision: https://reviews.freebsd.org/D24114
The current code uses a rwlock to protect the cached list, which
in turn holds a list of catentry objects, and increments reference
count while holding only read lock.
Fix this by converting the reference counter to use atomic operations.
While I'm there, also perform some clean ups around memory operations.
PR: 202636
Reported by: Henry Hu <henry.hu.sh@gmail.com>
Reviewed by: markj
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D24095
We've observed that on some highly fragmented pools, most metaslab
allocations are small (~2-8KB), but there are some large, 128K
allocations. The large allocations are for ZIL blocks. If there is a
lot of fragmentation, the large allocations can be hard to satisfy.
The most common impact of this is that we need to check (and thus load)
lots of metaslabs from the ZIL allocation code path, causing sync writes
to wait for metaslabs to load, which can take a second or more. In the
worst case, we may not be able to satisfy the allocation, in which case
the ZIL will resort to txg_wait_synced() to ensure the change is on
disk.
To provide a workaround for this, this change adds a tunable that can
reduce the size of ZIL blocks.
External-issue: DLPX-61719
Reviewed-by: George Wilson <george.wilson@delphix.com>
Reviewed-by: Paul Dagnelie <pcd@delphix.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Matthew Ahrens <mahrens@delphix.com>
Closes#8865openzfs/zfs@b8738257c2
MFC after: 2 weeks
If EOI suppression is supported but reported ioapic version is so old
that it does not has EOI register (weird virtualization setup), fix
Intel trick of eoi-ing by flipping pin type (edge/level) to account
for the disabled pin.
Reported by: Juniper
Reviewed by: jhb
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
Differential revision: https://reviews.freebsd.org/D23965
It does not serve any purpose now, the io apic id is not seen by
software, and some Intel documents claim that the register is
implemented for FUD reasons. More, renumbering seems to not work on
new Intel machines which actually have mismatched MADT and hw IDs.
On older machines where separate APIC bus existed, unique numbering of
all APICs was required for bus arbitration to work, but it is no
longer true (that machines were SMP from pre-Pentium IV era).
When matching PCIe IOAPIC device against MADT-enumerated IOAPICs,
compare io_apic_id from BAR against io_apic_id read from the
MADT-pointed register page.
Reviewed by: jhb
Tested by: flo (previous version), pho
MFC after: 2 weeks
Differential revision: https://reviews.freebsd.org/D23965
Delete the conditions that forcibly disabled GOOGLETEST and LLDB for
pre-C++11 C++ compilers, since we no longer support such compilers.
Also delete the complicated method of defaulting LIBCPLUSPLUS to YES.
Prodded by: kevans
Sponsored by: The FreeBSD Foundation
It seems that the newer Intel chipset did that, and Linux reads 8
bits. The only detail is that all seen datasheets, even under NDA,
claim that io apic id is 4 bits.
Submitted by: jeff
Reviewed by: jhb
Tested by: flo, pho
MFC after: 2 weeks
Differential revision: https://reviews.freebsd.org/D23965
r359083 introduced a workaround for stale libomp dependencies during a
regular (no -DNO_CLEAN) buildworld. r359088 addressed the reason the
clean step missed libomp, so revert the workaround.
Sponsored by: The FreeBSD Foundation
We no longer support older C++ compilers, so do not need to explicitly
test for C++11 support.
After r339946 we stopped running `cc --version` during cleandir/obj
stages, so stopped setting COMPILER_FEATURES. This in turn meant
lib/libomp was excluded from the clean stage in a normal buildworld
(i.e., one without -DNO_CLEAN), and this is what caused recent build
failures with errors about missing ittnotify_static.c.
This commit should obviate the need for the workaround committed in
r359083. Thanks to bdrewery for the insight and for pushing for a
correct fix. There are more cleanups to be done, but this change is
a simplification and an improvement over r359083.
Sponsored by: The FreeBSD Foundation
Fix -Wdeprecated-copy-dtor and -Wdeprecated-dynamic-exception-spec
warnings.
Summary:
The former are like:
libcxx/include/typeinfo:322:11: warning: definition of implicit copy
constructor for 'bad_cast' is deprecated because it has a
user-declared destructor [-Wdeprecated-copy-dtor]
virtual ~bad_cast() _NOEXCEPT;
^
libcxx/include/typeinfo:344:11: note: in implicit copy constructor
for 'std::bad_cast' first required here
throw bad_cast();
^
Fix these by adding an explicitly defaulted copy constructor.
The latter are like:
libcxx/include/codecvt:105:37: warning: dynamic exception
specifications are deprecated [-Wdeprecated-dynamic-exception-spec]
virtual int do_encoding() const throw();
^~~~~~~
Fix these by using the _NOEXCEPT macro instead.
Reviewers: EricWF, mclow.lists, ldionne, #libc
Reviewed By: EricWF, #libc
Subscribers: dexonsmith, libcxx-commits
Tags: #libc
Differential Revision: https://reviews.llvm.org/D76150
This is because we use -Wsystem-headers during buildworld, and the two
warnings above are now triggered by default with clang 10, preventing
most C++ code from compiling without NO_WERROR.
Requested by: brooks
MFC after: 6 weeks
X-MFC-With: 358851
Differential Revision: https://reviews.freebsd.org/D24049
[EarlyCSE] avoid crashing when detecting min/max/abs patterns (PR41083)
As discussed in PR41083:
https://bugs.llvm.org/show_bug.cgi?id=41083
...we can assert/crash in EarlyCSE using the current hashing scheme
and instructions with flags.
ValueTracking's matchSelectPattern() may rely on overflow (nsw, etc)
or other flags when detecting patterns such as min/max/abs composed
of compare+select. But the value numbering / hashing mechanism used
by EarlyCSE intersects those flags to allow more CSE.
Several alternatives to solve this are discussed in the bug report.
This patch avoids the issue by doing simple matching of min/max/abs
patterns that never requires instruction flags. We give up some CSE
power because of that, but that is not expected to result in much
actual performance difference because InstCombine will canonicalize
these patterns when possible. It even has this comment for abs/nabs:
/// Canonicalize all these variants to 1 pattern.
/// This makes CSE more likely.
(And this patch adds PhaseOrdering tests to verify that the expected
transforms are still happening in the standard optimization
pipelines.
I left this code to use ValueTracking's "flavor" enum values, so we
don't have to change the callers' code. If we decide to go back to
using the ValueTracking call (by changing the hashing algorithm
instead), it should be obvious how to replace this chunk.
Differential Revision: https://reviews.llvm.org/D74285
This fixes an assertion when building the math/gsl port on PowerPC64.
Requested by: pkubja
MFC after: 6 weeks
X-MFC-With: 358851
[ELF][PPC32] Don't report "relocation refers to a discarded section"
for .got2
Similar to D63182 [ELF][PPC64] Don't report "relocation refers to a
discarded section" for .toc
Reviewed By: Bdragon28
Differential Revision: https://reviews.llvm.org/D75419
This is needed to fix compile errors when building for ppc32/lld10.
Requested by: bdragon
MFC after: 6 weeks
X-MFC-With: 358851
Differential Revision: https://reviews.freebsd.org/D24110
[ELF][PPC32] Fix canonical PLTs when the order does not match the PLT order
Reviewed By: Bdragon28
Differential Revision: https://reviews.llvm.org/D75394
This is needed to fix miscompiled canonical PLTs on ppc32/lld10.
Requested by: bdragon
MFC after: 6 weeks
X-MFC-With: 358851
Differential Revision: https://reviews.freebsd.org/D24109
Apparently make ${CLEANDIR} is leaving stale entries in .depend files;
for now invoke the hacky cleanup in both the -DNO_CLEAN and normal
(no -DNO_CLEAN) cases.
In collaboration with: dim
Sponsored by: The FreeBSD Foundation
This hook can be useful, for example to run a local function to choose
different modules to load when a user has picked a different kernel
from the menu.
Reviewed by: kevans
Approved by: mav (mentor)
MFC after: 1 week
Sponsored by: iXsystems, Inc.
Differential Revision: https://reviews.freebsd.org/D24115
On UFS with SU+J, sometimes fsck's default recovery from journal marks the
filesystem as clean but some errors remain.
With SU only, default fsck in preen mode sometimes thinks all errors have
been fixed but some still remain.
To address the issues above, this change adds a new config option:
fsck_flags. By default it's set to -p, but the user may change it to -y
or -f -y, for instance, to force a full fsck after a system crash.
Submitted by: jhibbits@ (original version)
Reviewed by: mckusick
Differential Revision: https://reviews.freebsd.org/D24087