Commit Graph

264811 Commits

Author SHA1 Message Date
emaste
62ba5c5b47 cfi: #include <limits.h> for ULONG_MAX after r355101
Reported by:	rlibby
MFC with:	r355101
2019-11-26 02:26:34 +00:00
rlibby
6c18602692 in_mcast.c: need if_addr_lock around inm_release_deferred
Apply a similar fix as for in6_mcast.c.

Reviewed by:	hselasky
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D20740
2019-11-25 22:25:34 +00:00
rlibby
6751c1f63b in6_joingroup_locked: need if_addr_lock around in6m_disconnect_locked
It looks like the call that requires the lock was introduced in r337866.

Reviewed by:	hselasky
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D20739
2019-11-25 22:25:10 +00:00
emaste
1ffd865207 cfi: check for inter overflow in cfi_devioctl
Reported by:    Pietro Oliva
Reviewed by:	markj
MFC after:	3 days
Security:	Possible OOB read in root-only ioctl
Sponsored by:	The FreeBSD Foundation
2019-11-25 21:21:37 +00:00
ian
baf0ca716f Allow opt-out of automatic ntpd leapfile checking/fetching.
When a system has no internet connection, or when it is configured to obtain
ntpd leapfiles from some source other than the internet, or even when the
sysadmin has decided for some reason to customize ntp.conf to eliminate use
of the leapfile, the rc.d/ntpd script emits various error messages related
to the file.

This change allows setting the rc var ntp_db_leapfile to NONE to disable all
automatic processing related to that file in rc.d/ntpd.

Differential Revision:	https://reviews.freebsd.org/D22461
2019-11-25 19:59:53 +00:00
chs
c7d2541ea9 In ffs_freefile(), use a separate variable to hold the inode number within
the cg rather than reusuing "ino" for this purpose.  This reduces the diff
for an upcoming change that improves handling of I/O errors.

No functional change.

Reviewed by:	mckusick
Approved by:	mckusick (mentor)
Sponsored by:	Netflix
2019-11-25 19:31:38 +00:00
oshogbo
4ae67fb7ab procdesc: allow to collect status through wait(1) if process is traced
The debugger like truss(1) depends on the wait(2) syscall. This syscall
waits for ALL children. When it is waiting for ALL child's the children
created by process descriptors are not returned. This behavior was
introduced because we want to implement libraries which may pdfork(1).

The behavior of process descriptor brakes truss(1) because it will
not be able to collect the status of processes with process descriptors.

To address this problem the status is returned to parent when the
child is traced. While the process is traced the debugger is the new parent.
In case the original parent and debugger are the same process it means the
debugger explicitly used pdfork() to create the child. In that case the debugger
should be using kqueue()/pdwait() instead of wait().

Add test case to verify that. The test case was implemented by markj@.

Reviewed by:	kib, markj
Discussed with:	jhb
MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D20362
2019-11-25 18:33:21 +00:00
emaste
48cbd3230e update comment (about llvm target config) to match r355095 2019-11-25 18:27:02 +00:00
emaste
ad0762566e remove armv6 LLVM workaround introduced in r341812
r341812 enabled only arm target support in LLVM on arm and armv6,
because ld.bfd 2.17.50 lacked support for range extensions required for
linking such large binaries/libraries.  r341812 indicated that the
workaround should be removed once the userland can be linked by lld.

r354289 switched armv6 to use lld by default, so remove the workaround
on armv6.  The workaround remains in place for arm (v5), and will
presumably be removed when arm is retired.

Sponsored by:	The FreeBSD Foundation
2019-11-25 18:18:28 +00:00
luporl
2179974858 [PPC64] Enable phyp vty use as a GDB DBGPORT
This change makes it possible to use a POWER Hypervisor virtual
terminal device (phyp vty) as a GDB debug port.

Similar to the uart debug port, it has to be enabled by setting
the hw.uart_phyp.dbgport variable to the vty node of the device
tree.

Reviewed by:	jhibbits
Differential Revision:	https://reviews.freebsd.org/D22205
2019-11-25 16:30:38 +00:00
kib
9da47925f0 Limit bus_dma_dmar_set_buswide() definition to kernel only.
The header is abused for inclusion into userspace, and on stable
branches neither device_t nor bool types are not defined when used
from userspace.

Sponsored by:	The FreeBSD Foundation
X-MFC after:	now
2019-11-25 14:16:41 +00:00
delphij
084caaa165 MFV r355071: libbsdxml (expat) 2.2.9.
MFC after:	2 weeks
Relnotes:	yes
2019-11-25 07:48:16 +00:00
rlibby
7a0572369e vm_object_collapse_scan_wait: drop locks before reacquiring
Regression from r352174.  In the vm_page_rename() failure case we forgot
to unlock the vm object locks before sleeping and reacquiring them.

Reviewed by:	jeff
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D22542
2019-11-25 07:38:31 +00:00
rlibby
32e5f65de4 sysctl sysctls: wire old buf before output with sysctl lock
Several sysctl sysctls output to a user buffer while holding a
non-sleepable lock that protects the sysctl topology.  They need to wire
the output buffer, or else they may try to sleep on a page fault.

Reviewed by:	cem, markj
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D22528
2019-11-25 07:38:27 +00:00
jeff
0adc679b4c Move anonymous object copying for fork into its own routine and so that we
can avoid locking non-anonymous objects.

Reviewed by:	kib
Differential Revision:	https://reviews.freebsd.org/D22472
2019-11-25 07:13:05 +00:00
dougm
8a7e572e89 Where 'current' is used to index over vm_map entries, use
'entry'. Where 'entry' is used to identify the starting point for
iteration, use 'first_entry'. These are the naming conventions used in
most of the vm_map.c code.  Where VM_MAP_ENTRY_FOREACH can be used, do
so. Squeeze a few lines to fit in 80 columns.  Where lines are being
modified for these reasons, look to remove style(9) violations.

Reviewed by: alc, markj
Differential Revision: https://reviews.freebsd.org/D22458
2019-11-25 02:19:47 +00:00
mav
7a2e858c1f Report XLAT0 register for completeness. 2019-11-25 01:00:51 +00:00
delphij
32c7a5f253 Vendor import of expat 2.2.9 2019-11-24 23:46:29 +00:00
bz
81a051c6de Allow kernel to compile without BPF.
r297816 added some bpf magic for VIMAGE unconditionally which no longer
allows kernels to compile without bpf (but with other networking).
Add the missing ifdef checks and allow a kernel to compile without bpf
again.

PR:		242136
Reported by:	dave mischler.com
MFC after:	2 weeks
2019-11-24 23:21:47 +00:00
ian
ed38396642 When doing ARM stack unwinding as part of stack_save(9), do not search
loaded modules (pass 0/false for the can_lock arg).  Searching the unwind
info in modules acquires an exclusive sxlock, and the stack(9) functions can
be called in a context where unbounded sleeps are forbidden (such as from
the witness checkorder code).

Just ignoring the existence of modules in stack_save() is not ideal, so I'm
looking for a better solution, but this commit will make it possible to boot
an ARM kernel with WITNESS enabled again, until I get something better.

PR:		242200
2019-11-24 21:08:56 +00:00
wulf
a5c27e7b22 Linux epoll: Allow passing of any negative timeout value to epoll_wait
Linux epoll allow passing of any negative timeout value to epoll_wait()
to cause unbound blocking

Reviewed by:	emaste
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D22517
2019-11-24 20:51:09 +00:00
wulf
b52750f436 Linux epoll: Register events with zero event mask
Such an events are legal and should be interpreted as EPOLLERR | EPOLLHUP.
Register a disabled kqueue event in that case as we do not support EPOLLHUP yet.

Required by Linux Steam client.

PR:		240590
Reported by:	Alex S <iwtcex@gmail.com>
Reviewed by:	emaste
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D22516
2019-11-24 20:47:40 +00:00
wulf
73dfdf541d Linux epoll: Check both read and write kqueue events existence in EPOLL_CTL_ADD
Linux epoll EPOLL_CTL_ADD op handler should always check registration
of both EVFILT_READ and EVFILT_WRITE kevents to deceide if supplied
file descriptor fd is already registered with epoll instance.

Reviewed by:	emaste
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D22515
2019-11-24 20:44:14 +00:00
wulf
f94c7eb751 Linux epoll: Don't deregister file descriptor after EPOLLONESHOT is fired
Linux epoll does not remove descriptor after one-shot event has been triggered.
Set EV_DISPATCH kqueue flag rather then EV_ONESHOT to get the same behavior.

Required by Linux Steam client.

PR:		240590
Reported by:	Alex S <iwtcex@gmail.com>
Reviewed by:	emaste, imp
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D22513
2019-11-24 20:41:47 +00:00
kib
b8d6a9ae5f Ignore object->handle for OBJ_ANON objects.
Note that the change in vm_object_collapse() is arguably a correctness
fix.  We must not collapse into content-identity carrying objects.

Reviewed by:	jeff
Tested by:	pho
Sponsored by:	The FreeBSD Foundation
Differential revision:	https://reviews.freebsd.org/D22467
2019-11-24 19:18:12 +00:00
eadler
c10c454057 bsd-family-tree: correct macOS release date
Reported by: Herbert J. Skuhra <herbert@gojira.at>
Reported by: Maxim Konovalov <maxim.konovalov@gmail.com>
2019-11-24 19:16:57 +00:00
kib
404183d739 Record part of the owner struct thread pointer into busy_lock.
Record as much bits from curthread into busy_lock as fits.  Low bits
for struct thread * representation are zero due to struct and zone
alignment, and they leave space for busy flags (perhaps except
statically allocated thread0).  Upper bits are not very interesting
for assert, and in most practical situations recorded value should
allow to manually identify the owner with certainity.

Assert that unbusy is performed by the owner, except few places where
unbusy is done in io completion handler.  For this case, add
_unchecked variants of asserts and unbusy primitives.

Reviewed by:	markj (previous version)
Tested by:	pho
Sponsored by:	The FreeBSD Foundation
Differential revision:	https://reviews.freebsd.org/D22298
2019-11-24 19:12:23 +00:00
kib
fc20114fc5 tmpfs: resolve deadlock between rename and unmount.
Top-level kern_renameat() increases the writecount on the mount point,
which, together with tmpfs unmount suspending the mount, already
ensures that unmount cannot proceed while rename unlocks and relocks
all operated vnodes.

Remove vfs_busy() call from tmpfs_rename() which was done while
holding a vnode lock, creating the deadlock.  The only intent of the
busy operation seems to be the prevention of unmount, which is already
ensured.

Reported and tested by:	pho
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2019-11-24 19:06:38 +00:00
kib
372acbf63e amd64: assert that EARLY_COUNTER does not corrupt memory.
Reviewed by:	imp
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D22514
2019-11-24 19:02:13 +00:00
np
ef8543ad81 cxgbe(4): sysctl to reset the temperature/voltage sensor.
# sysctl dev.<nexus>.<inst>.reset_sensor=1
# sysctl dev.t6nex.0.reset_sensor=1

MFC after:	1 week
Sponsored by:	Chelsio Communications
2019-11-24 16:40:54 +00:00
imp
a339535792 Don't need giant for these drivers dev nodes.
Also, Giant isn't required to busy / unbusy a device, so drop that too while I'm
here. It's not done elsewhere in the tree and in the future will likely be
handled by a node lock to ensure consistency. Leave Giant in place for attach
and removing childing, as that's actually still needed, even if imperfect.

Remove stale comment about contigmalloc taking Giant and calling w/o the lock
held. Neither of these is still true.
2019-11-24 15:37:19 +00:00
imp
b3cba7ef11 Hoist locking giant back up into the ioctl handler
Move the locking back into the ioctl handler. This "fixes" the race where we hve
a hot plug event just after the dropping of Giant in pci_find_dbsf, assuming the
driver doesn't then call anything that drops and picks up Giant again... It's a
little safer since don't think it doesn't, but we lack the tools to know for
sure.
2019-11-24 15:37:14 +00:00
imp
2c8883e858 Fix leak in state machine for commands.
When we get a device departed message from the firmware, we send a TARGET_REST
to the device to let the firmware know we're done and as part of the recovery
process. This will abort all the commands. While the documentation says the IOC
is responsible for writing the completion message for all the commands pending
with an aborted status, we sometimes have queued commands for the target that
haven't been completed so are in the INQUEUE state. So, when we later complete
the pending CCB as aborted, these commands are freed and we hit the "state not
busy" panic.

Elsewhere where we dequeue commands, we move the state to BUSY from INQUEUE. Do
that here as well. In talking to Ken, Scott and Justin, they recommended a
series of tests to see if this is 100% safe. Those tests are ongoing, but
preliminary tests suggest this is safe as we see no duplicate completions when
we hit this case at work. We have a machine that has a dodgy powersupply which
usually doesn't apply power to a few drives, but sometimes does when the machine
is under heavy load so we get a rash of the connect / disconnect messages over
half an hour. Without this change, we'd see state not busy panic. With this
change, the drives just annoyingly come and go without affecting the rest of the
machine, but without a complete error injection test suite, it's hard to know if
all edge cases are now covered or not.

Discussed with: scottl, ken, gibbs
2019-11-24 15:24:05 +00:00
lwhsu
399fe02b18 Fix gcc build
We have -Werror=strict-overflow so gcc complains:

In file included from /tmp/obj/workspace/src/amd64.amd64/tmp/usr/include/bitstring.h:36:0,
                 from /workspace/src/tests/sys/sys/bitstring_test.c:34:
/workspace/src/tests/sys/sys/bitstring_test.c: In function 'bit_ffc_at_test':
/workspace/src/sys/sys/bitstring.h:239:5: error: assuming signed overflow does not occur when assuming that (X + c) >= X is always true [-Werror=strict-overflow]
  if (_start >= _nbits) {
     ^

Disable assuming overflow of signed integer will never happen by specifying
-fno-strict-overflow

Sponsored by:	The FreeBSD Foundation
2019-11-24 15:03:35 +00:00
kp
48915ceec6 pf: Add endline to all DPFPRINTF()
DPFPRINTF() doesn't automatically add an endline, so be consistent and
always add it.
2019-11-24 13:53:36 +00:00
eadler
9d37f477ae bsd-family-tree: add several new entries
Reviewed by:	imp, scottl
Differential Revision:	https://reviews.freebsd.org/D22529
2019-11-24 07:52:35 +00:00
bdragon
875b476ef3 [PowerPC] Fix stack padding issue on ppc32.
Four bytes of padding are needed in the regular powerpc case to bring the
stack frame size up to a multiple of 16 bytes to meet ABI requirements.

Fixes odd hangs I was encountering during testing.
2019-11-24 06:43:03 +00:00
np
6f08e2445f cxgbe(4): Update the firmware interface header.
This allows the driver to be updated for the next firmware without
waiting for it to be released.

MFC after:	2 weeks
Sponsored by:	Chelsio Communications
2019-11-24 05:37:28 +00:00
jhibbits
64d7d02e07 rtld/powerpc: Fix _rtld_bind_start for powerpcspe
Summary:
We need to save off the full 64-bit register, not just the low 32 bits,
of all registers getting saved off in _rtld_bind_start.  Additionally,
we need to save off the other SPE registers (SPEFSCR and accumulator),
so that their program state is not affected by the PLT resolver.

Reviewed by:	bdragon
Differential Revision:	https://reviews.freebsd.org/D22520
2019-11-24 04:35:29 +00:00
imp
3193ed06d2 Add a warning about Giant Locked devices
Add a warning when a device registers with devfs and requests
D_NEEDGIANT. The warning says the device will go away before
13.0. This is needed to flush out the devices in the tree that are
still Giant locked. This warning, or some variant of it, should have
gone into the tree a long time ago...

The intention is to require all devices be converted to not use
automatic giant in this way, or remove any such devices that remain
that we don't have the hardware to test a conversion of.

kbd so far is the only device that can't leave the tree, yet needs
something sensible done to avoid the auto giant lock (even if it is
just doing the wrapping itself). There may be others added to this
list... Any discussions of this topic will take place on arch@.
2019-11-23 23:57:26 +00:00
imp
a628096c6b We don't even need Giant here. It isn't protecting anything internal
to geom, and nothing we call requires it to be held. It's left over
from a time when the latter wasn't the case. Retire it.

Reviewed in concept: scottl@
2019-11-23 23:44:00 +00:00
imp
76e7001719 Push Giant down one layer
The /dev/pci device doesn't need GIANT, per se. However, one routine
that it calls, pci_find_dbsf implicitly does. It walks a list that can
change when PCI scans a new bus. With hotplug, this means we could
have a race with that scanning. To prevent that, take out Giant around
scanning the list.

However, given that we have places in the tree that drop giant, if
held when we call into them, the whole use of Giant to protect newbus
may be less effective that we desire, so add a comment about why we're
talking it out, and we'll address the issue when we lock newbus with
something other than Giant.
2019-11-23 23:43:52 +00:00
bdragon
2b12f11a68 [PowerPC] Fix typo in _ctx_start on ppc32
Theoretically, this was breaking the size calculation for the symbol.

Noticed when doing a readthrough.

Reviewed by:	imp
Differential Revision:	https://reviews.freebsd.org/D22525
2019-11-23 23:41:21 +00:00
bdragon
259e36feb2 [PowerPC] Use QEMU-compatible version of SPE accumulator save
Switch from "evaddumiaaw 0,0" to "evmwumiaa 0,0,0" when persisting the
accumulator. This has the benefit of actually being implemented in QEMU
as it is the form Linux uses for the same task.

Both instructions are functionally equivilent, as we are using them for
their side effect of copying the accumulator to GPRs rather than for the
actual math operation that they are performing.

Reviewed by: jhibbits
2019-11-23 21:18:55 +00:00
dim
217642f2b5 libclang_rt: enable on powerpc*
Summary:
Enable on powerpc64 and in lib/libclang_rt/Makefile change
MACHINE_CPUARCH to MACHINE_ARCH because on powerpc64
MACHINE_ARCH==MACHINE_CPUARCH so the 32-bit library overwrites 64-bit
library during installworld.

This patch doesn't enable any other libclang_rt libraries because they
need to be separately ported.

I have verified that games/julius (which fails on powerpc64 elfv2
without this change because of no libclang_rt profiling library) builds.

Test Plan: Ship it, test on powerpc and powerpcspe

Submitted by:	pkubaj
Reviewed by:	dim, jhibbits
Differential Revision: https://reviews.freebsd.org/D22425
MFC after:	1 month
X-MFC-With:	r353358
2019-11-23 19:35:09 +00:00
dougm
b0a70be8e5 The error messages that indicate bugs in 'area' bitstring functions
should identify accurately which function exhibited the bug.

Reviewed by: asomers
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D22519
2019-11-23 17:22:36 +00:00
kevans
7d071614ad bcm2835_sdhci: fix non-INVARIANTS build
sc is now only used to make sure we're not re-entering the data handling
path erroneously.

Reported by:	Mark Millard
2019-11-23 13:39:47 +00:00
kevans
54618cdc3b arm64/NOTES: add SOC_BRCM_BCM2838
This should have been done back when it was added, but it was not. It only
really adds an extra entry for memory mapping bits in bcm2835_vcbus.c, so
nothing too extensive yet.
2019-11-23 03:38:26 +00:00
kevans
4abe0c3020 bcm2835_dma: rip out the "use_dma" flag, make it non-optional
Now that it works for the Raspberry Pi 4, we can discontinue our workarounds
that were put in place to at least get a bootable kernel for other testing.
2019-11-23 01:47:17 +00:00
kevans
4616df79f3 bcm2835_sdhci: "fix" DMA on the RPi 4
According to the documentation I have, DREQ pacing should be required here.
The DREQ# hasn't changed since the BCM2835. As soon as we attempt to setup
DREQ, DMA stalls and there's no clear reason why as of yet. Setting this
back to NONE seems to work just as well, though it's yet to be determined if
this is a sustainable model in high-throughput scenarios.
2019-11-23 01:46:02 +00:00