Commit Graph

18962 Commits

Author SHA1 Message Date
Kirk McKusick
75e3597abb Continuing efforts to provide hardening of FFS, this change adds a
check hash to cylinder groups. If a check hash fails when a cylinder
group is read, no further allocations are attempted in that cylinder
group until it has been fixed by fsck. This avoids a class of
filesystem panics related to corrupted cylinder group maps. The
hash is done using crc32c.

Check hases are added only to UFS2 and not to UFS1 as UFS1 is primarily
used in embedded systems with small memories and low-powered processors
which need as light-weight a filesystem as possible.

Specifics of the changes:

sys/sys/buf.h:
    Add BX_FSPRIV to reserve a set of eight b_xflags that may be used
    by individual filesystems for their own purpose. Their specific
    definitions are found in the header files for each filesystem
    that uses them. Also add fields to struct buf as noted below.

sys/kern/vfs_bio.c:
    It is only necessary to compute a check hash for a cylinder
    group when it is actually read from disk. When calling bread,
    you do not know whether the buffer was found in the cache or
    read. So a new flag (GB_CKHASH) and a pointer to a function to
    perform the hash has been added to breadn_flags to say that the
    function should be called to calculate a hash if the data has
    been read. The check hash is placed in b_ckhash and the B_CKHASH
    flag is set to indicate that a read was done and a check hash
    calculated. Though a rather elaborate mechanism, it should
    also work for check hashing other metadata in the future. A
    kernel internal API change was to change breada into a static
    fucntion and add flags and a function pointer to a check-hash
    function.

sys/ufs/ffs/fs.h:
    Add flags for types of check hashes; stored in a new word in the
    superblock. Define corresponding BX_ flags for the different types
    of check hashes. Add a check hash word in the cylinder group.

sys/ufs/ffs/ffs_alloc.c:
    In ffs_getcg do the dance with breadn_flags to get a check hash and
    if one is provided, check it.

sys/ufs/ffs/ffs_vfsops.c:
    Copy across the BX_FFSTYPES flags in background writes.
    Update the check hash when writing out buffers that need them.

sys/ufs/ffs/ffs_snapshot.c:
    Recompute check hash when updating snapshot cylinder groups.

sys/libkern/crc32.c:
lib/libufs/Makefile:
lib/libufs/libufs.h:
lib/libufs/cgroup.c:
    Include libkern/crc32.c in libufs and use it to compute check
    hashes when updating cylinder groups.

Four utilities are affected:

sbin/newfs/mkfs.c:
    Add the check hashes when building the cylinder groups.

sbin/fsck_ffs/fsck.h:
sbin/fsck_ffs/fsutil.c:
    Verify and update check hashes when checking and writing cylinder groups.

sbin/fsck_ffs/pass5.c:
    Offer to add check hashes to existing filesystems.
    Precompute check hashes when rebuilding cylinder group
    (although this will be done when it is written in fsutil.c
    it is necessary to do it early before comparing with the old
    cylinder group)

sbin/dumpfs/dumpfs.c
    Print out the new check hash flag(s)

sbin/fsdb/Makefile:
    Needs to add libufs now used by pass5.c imported from fsck_ffs.

Reviewed by: kib
Tested by: Peter Holm (pho)
2017-09-22 12:45:15 +00:00
Mariusz Zaborski
08016b3185 Remove redundant initialization. Don't use variable - just return the value.
Make scan-build happy by casting to 'void *' instead of 'void **'.

Submitted by:	pjd@
MFC after:	1 month
Found by:	scan-build and cppcheck
Sponsored by:	Wheel Systems
2017-09-21 10:00:16 +00:00
Gordon Tetlow
40427cca7a MFV r323678: file 5.32
Approved by:	emaste (mentor)
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D12400
2017-09-17 19:14:38 +00:00
Ed Maste
c9c69ebad7 libsysdecode: report invalid cap_rights_t
Previously we'd have an assertion failure in cap_rights_is_set if
sysdecode_cap_rights is called with an invalid cap_rights_t, so test for
validity first.

PR:		222258
Reviewed by:	cem
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D12391
2017-09-17 14:03:54 +00:00
Ed Maste
13f2a57b0e rename(2): document capability mode errors
Reviewed by:	allanjude
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D12339
2017-09-15 20:12:38 +00:00
Ed Maste
487214afa5 open(2): update ENOTCAPABLE description for .. lookups
After r308212 Capsicum permits .. lookups in capability mode, as long as
path component traversal does not escape the directory corresponding to
the provided file descriptor.

We should add a description of the vfs.lookup_cap_dotdot and
vfs.lookup_cap_dotdot_nonlocal sysctls, perhaps as a cross-reference to
capsicum(4). I intend to look at that soon.

Reviewed by:	bjk, cem, kib
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D12343
2017-09-15 20:05:55 +00:00
Pedro F. Giffuni
98fa04efed libedit: raise the warning level to 3.
NetBSD has the warning level to 5 but that actually triggers -Wcast-qual.
2017-09-14 19:50:07 +00:00
Konstantin Belousov
587e285e97 Silently handle freeaddrinfo(NULL) for compatibility with code which
works on other OSes.  Also avoid unnecessary NULL check, free(NULL) is
valid.

Reviewed by:	bjk (man page), hrs, hselasky, ume
Sponsored by:	Mellanox Technologies
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D12354
2017-09-14 19:18:24 +00:00
John Baldwin
197e3ae5fc Add ptrace operations to fetch and store VFP registers.
Reviewed by:	mmel, kib
MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D12294
2017-09-14 15:03:43 +00:00
Pedro F. Giffuni
cf7df9f141 libedit: add missing bracket.
We never hit this because we always build with widechar support.

Reported by:	cognet
MFC after:	3 days
2017-09-13 16:13:14 +00:00
Warner Losh
0e5d767884 Minor fixes to edge cases in efi_get_next_variable_name
Fix allocating more memory for the names (unlikely to be needed, but
still best to get right) to ask for the length the kernel told use we
needed, not the old length of the variable. Mind the proper NUL that
we add in the space we allocate. Free the old name string before we
allcoate a new one to limit what we leak to the last one (free passed
in name for the last one in the list), and detect the last one by rv
!= 0 and errno == ENOENT, rather then just the former to avoid false
positives if errno happens to be ENOENT on entry.

Sponsored by: Netflix
2017-09-13 04:32:23 +00:00
Toomas Soome
c7901210fb libstand: tftp_open() can leak pkt on error
The memory can be leaked if we will have pkt set and will get an error
during tftp_open() processing.

Differential Revision:	https://reviews.freebsd.org/D12202
2017-09-12 13:51:18 +00:00
Conrad Meyer
b906c1a02a libgeom: Remove redundant and duplicated code
In g_open(), g_device_path_open().

No functional change.

Sponsored by:	Dell EMC Isilon
2017-09-08 15:44:52 +00:00
David Chisnall
c0cd38223c Document some invariants for the XLC_ enum.
These can't be reordered without breaking other code.  Document that and add
some static asserts to ensure that anyone who tries gets build failures.
2017-09-07 17:51:35 +00:00
Warner Losh
1028a2d4b3 Implement efidp_size
efidp_size will return the size, in bytes, of a EFI device path
structure. This is a convenience wrapper in the same style as the
other linux routines. It's implemented by GetDevicePathSize from EDK2
we already needed for other things.

Sponsored by: Netflix
2017-09-07 07:30:14 +00:00
Dimitry Andric
c891abb2ae Upgrade our copies of clang, llvm, lld, lldb, compiler-rt and libc++ to
5.0.0 release (upstream r312559).

Release notes for llvm, clang and lld will be available here soon:
<http://releases.llvm.org/5.0.0/docs/ReleaseNotes.html>
<http://releases.llvm.org/5.0.0/tools/clang/docs/ReleaseNotes.html>
<http://releases.llvm.org/5.0.0/tools/lld/docs/ReleaseNotes.html>

Relnotes:	yes
MFC after:	1 month
X-MFC-with:	r321369
2017-09-06 21:21:13 +00:00
Dimitry Andric
4bc3002fe0 Vendor import of clang 5.0.0 release r312559:
https://llvm.org/svn/llvm-project/cfe/tags/RELEASE_500/final@312559
2017-09-06 20:55:03 +00:00
Dimitry Andric
0bc1bd0d39 Vendor import of llvm 5.0.0 release r312559:
https://llvm.org/svn/llvm-project/llvm/tags/RELEASE_500/final@312559
2017-09-06 20:52:23 +00:00
Konstantin Belousov
b99b705d9c Skylake server core PMC support for hwpmc(4).
Reviewed by:	emaste
Sponsored by:	The FreeBSD Foundation
Hardware provided by:	Intel
MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D12221
2017-09-06 17:19:48 +00:00
Konstantin Belousov
9491ba7593 Minor style changes to make forthcoming code stand out less.
Reviewed by:	emaste
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
X-Differential revision:	https://reviews.freebsd.org/D12221
2017-09-06 17:14:23 +00:00
Mark Johnston
2c73c414eb Avoid keeping a dangling pointer when the mappings array is resized.
Sponsored by:	Dell EMC Isilon
2017-09-06 16:24:34 +00:00
Ryan Libby
92ac7e80da libefivar: -fno-strict-aliasing
Avoid dealing with some code that uses type-punned pointers.

See D12210 and D12211 for more background.

Reviewed by:	imp
Approved by:	markj (mentor)
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D12219
2017-09-04 18:59:44 +00:00
John Baldwin
39a3a4386a Decode pathconf() names, *at() flags, and sysarch() numbers in libsysdecode.
Move tables that were previously in truss over to libsysdecode.  truss
output is unchanged, but kdump has been updated to decode these fields.
In addition, sysdecode_sysarch_number() should support all platforms
whereas the old table in truss only supported x86.
2017-09-04 05:34:36 +00:00
Dimitry Andric
3ea909cc76 Upgrade our copies of clang, llvm, lldb and compiler-rt to r312293 from
the upstream release_50 branch.  This corresponds to 5.0.0 rc4.

As of this version, the cad/stepcode port should now compile in a more
reasonable time on i386 (see bug 221836 for more information).

PR:		221836
MFC after:	2 months
X-MFC-with:	r321369
2017-09-01 18:53:36 +00:00
Toomas Soome
7a42b7f27f libstand: nfs_readlink() should return proper return code
The nfs_readlink() is returning constant 0 instead of variable.

Reviewed by:	avg
Differential Revision:	https://reviews.freebsd.org/D12201
2017-09-01 16:40:12 +00:00
Dimitry Andric
8a86acebf8 Vendor import of libc++ release_50 branch r312293:
https://llvm.org/svn/llvm-project/libcxx/branches/release_50@312293
2017-09-01 16:29:22 +00:00
Dimitry Andric
ef2abedb8a Vendor import of clang release_50 branch r312293:
https://llvm.org/svn/llvm-project/cfe/branches/release_50@312293
2017-09-01 16:29:06 +00:00
Dimitry Andric
26811f17f2 Vendor import of llvm release_50 branch r312293:
https://llvm.org/svn/llvm-project/llvm/branches/release_50@312293
2017-09-01 16:28:56 +00:00
Warner Losh
ae3adc0645 Fix parsing File() nodes in device paths.
o Add File to the mUefiDevicePathLibDevPathFromTextTable table so we
  don't include 'File()' in the supposed path name. This happens because
  of a possible misfeature in the EDK2 code where any path that's not
  recognized is treated as a File() node.
o Convert utf8 input into ucs2 output rather than just copying the
  utf8 and hoping for the best (no good comes from that).
o Remove bogus comment about needing to add 1. The dummy array already
  is length 1, so that's included in sizeof the struct, so there's no
  need to add it.

Sponsored by: Netflix
2017-08-31 15:53:47 +00:00
Warner Losh
0d802f5a7a Fix printing File() nodes in device paths.
Device paths encoded into the FILEPATH_DEVICE_PATH are UCS2 not
ASCII/UTF8. Convert to utf8 and print that when printing File
paths. Also, since File may be at the end of a long device path,
output File() around the path so it doesn't just show up as random
nodes that might accidentally match real node paths names and cause
errors.
2017-08-31 15:53:27 +00:00
John Baldwin
e896328044 Don't include GNU object attributes when building with clang.
LLVM's MIPS assembler parser does not understand the GNU as
'.gnu_attribute' keyword.  This could be re-enabled if LLVM is updated
in the future.  The desired floating point ABI is already described in
the .MIPS.abiflags section.

Reviewed by:	emaste
Sponsored by:	DARPA / AFRL
2017-08-30 19:19:31 +00:00
Dimitry Andric
2b12718be6 Follow-up to r323001: if the actually selected CPUTYPE is capable of
SSE2 instructions, we can use them.

Suggested by:	jkim
PR:		221733
MFC after:	1 week
X-MFC-With:	r323001
2017-08-30 07:05:29 +00:00
Ryan Libby
fca37d4727 lib/msun: add more csqrt unit tests for precision and overflow
Reviewed by:	bde
Approved by:	markj (mentor)
Sponsored by:	Dell EMC Isilon
2017-08-29 22:37:24 +00:00
Ryan Libby
cf551d94ef lib/msun: avoid referring to broken LDBL_MAX
LDBL_MAX is broken on i386:
https://lists.freebsd.org/pipermail/freebsd-numerics/2012-September/000288.html

Gcc has produced +Infinity for LDBL_MAX on i386 and amd64 with -m32
for some time, and newer versions of gcc are now warning that the
"floating constant exceeds range of 'long double'".  Avoid this by
referring to proxy values instead.

Reviewed by:	bde
Approved by:	markj (mentor)
Sponsored by:	Dell EMC Isilon
2017-08-29 22:32:29 +00:00
Dimitry Andric
e1ca2b88e2 In compiler-rt, a few assembler implementations for i386 floating point
conversion functions use SSE2 instructions, but these are not guarded by
#ifdef __SSE2__, and there is no implementation using general purpose
registers.  For these functions, use the generic C variants instead,
otherwise they will cause SIGILL on older processors.

Reported by:	bsdpr@phoe.frmug.org
PR:		221733
MFC after:	1 week
2017-08-29 21:45:00 +00:00
Pedro F. Giffuni
be53a489c6 libc: minor indent(1) cleanups.
Illumos and Schillix is adopting some of the locale code and our style(9)
sometimes matches the Solaris cstyle, so the changes are also useful as a
way to reduce diffs.

No functional change.

Discussed with: Joerg Schilling
MFC after:	1 week
2017-08-26 16:11:21 +00:00
Enji Cooper
b92e8635f9 Revert r321457
It doesn't fail after ^/head@r322855 (the releng_50 clang merge).

PR:	220989
MFC after:	2 months
MFC with:	r321369, r322855
2017-08-26 06:44:50 +00:00
Conrad Meyer
5a28df2e13 getmntinfo(3): Scale faster, and return sooner
getmntinfo(3) is designed around a relatively static or slow growing set of
current mounts.  It tried to detect a race with somewhat concurrent mount
and re-call getfsstat(2) in that case, looping indefinitely.  It also
allocated space for a single extra mount as slop.

In the case where the user has a large number of mounts and is adding them
at a rapid pace, it fell over.

This patch makes two functional changes:

1. Allocate even more slop.  Double whatever the last getfsstat(2) returned.

2. Abort and return some known results after looping a few times
   (arbitrarily, 3).  If the list is constantly changing, we can't guarantee
   we return a full result to the user at any point anyways.

While here, add very basic functional tests for getmntinfo(3) to the libc
suite.

PR:		221743
Submitted by:	Peter Eriksson <peter AT ifm.liu.se> (earlier version)
Sponsored by:	Dell EMC Isilon
2017-08-25 16:38:21 +00:00
Dimitry Andric
0fa4377182 Upgrade our copies of clang, llvm, lldb and compiler-rt to r311606 from
the upstream release_50 branch.

As of this version, lib/msun's trig test should also work correctly
again (see bug 220989 for more information).

PR:		220989
MFC after:	2 months
X-MFC-with:	r321369
2017-08-24 20:19:27 +00:00
Dimitry Andric
965351a4eb Vendor import of compiler-rt release_50 branch r311606:
https://llvm.org/svn/llvm-project/compiler-rt/branches/release_50@311606
2017-08-24 16:35:23 +00:00
Dimitry Andric
a75fa8aaf2 Vendor import of clang release_50 branch r311606:
https://llvm.org/svn/llvm-project/cfe/branches/release_50@311606
2017-08-24 16:35:14 +00:00
Dimitry Andric
5e529592b1 Vendor import of llvm release_50 branch r311606:
https://llvm.org/svn/llvm-project/llvm/branches/release_50@311606
2017-08-24 16:35:02 +00:00
John Baldwin
de6feefdb7 Improve the coverage of debug symbols for MK_DEBUG_FILES.
- Include debug symbols in static libraries.  This permits binaries
  to include debug symbols for functions obtained from static libraries.
- Permit the C/C++ compiler flags added for MK_DEBUG_FILES to be
  overridden by setting DEBUG_FILES_CFLAGS.  Use this to limit the debug
  information for llvm libraries and binaries.

Reviewed by:	emaste
Sponsored by:	DARPA / AFRL
Differential Revision:	https://reviews.freebsd.org/D12025
2017-08-23 23:30:25 +00:00
John Baldwin
04a91333db Include {u,}{div,mod}si3() on mips in libcompiler_rt.
These builtins were listed in the mips-specific Symbol.map for libc but
were not implemented.  Compiling mips with recent clang requires these
symbols.

Sponsored by:	DARPA / AFRL
2017-08-21 17:49:01 +00:00
Konstantin Belousov
7fea98ac16 Optimize libc to get and set TLS using the RDFSBASE and RDGSBASE
instructions, if supported both by CPU and kernel.

Reviewed by:	jhb (previous version)
Tested by:	pho (previous version)
Sponsored by:	The FreeBSD Foundation
MFC after:	3 weeks
Differential revision:	https://reviews.freebsd.org/D12023
2017-08-21 17:39:12 +00:00
Dimitry Andric
0554abf0e0 Upgrade our copies of clang, llvm, lld and libc++ to r311219 from the
upstream release_50 branch.

MFC after:	2 months
X-MFC-with:	r321369
2017-08-21 07:03:02 +00:00
Dimitry Andric
6aa46a19c5 Vendor import of clang release_50 branch r311219:
https://llvm.org/svn/llvm-project/cfe/branches/release_50@311219
2017-08-20 21:03:30 +00:00
Dimitry Andric
15c5c77fa0 Vendor import of llvm release_50 branch r311219:
https://llvm.org/svn/llvm-project/llvm/branches/release_50@311219
2017-08-20 21:02:43 +00:00
Dag-Erling Smørgrav
3954b52f28 In fetch_resolve(), if the port number or service name is included in
the host argument (e.g. "www.freebsd.org:443"), the service pointer,
which is supposed to point to the port or service part, instead points
to the separator, causing getaddrinfo() to fail.

Note that I have not been able to trigger this bug with fetch(1), nor
do I believe it is possible, as libfetch always parses the host:port
specification itself.  I discovered it when I copied fetch_resolve()
into an unrelated project.

MFC after:	3 days
2017-08-18 18:20:36 +00:00
Sevan Janiyan
242afab281 Add caveat to kinfo_getvmmap(3) explaining high CPU utilisation.
Based on kib's reply on https://lists.freebsd.org/pipermail/freebsd-hackers/2016-July/049710.html

PR:		210904
Submitted by:	Yuri Victorovich <yuri AT rawbw DOT com>
Reviewed by:	jilles
Approved by:	bcr (mentor)
MFC after:	5 days
Differential Revision:	https://reviews.freebsd.org/D12004
2017-08-18 16:42:58 +00:00