because it means getdelim() returns -1 for both error and EOF, and
never returns 0. However, this is what the original GNU implementation
does, and POSIX inherited the bug.
Reported by: marcus@
Not only did these two drivers depend on IFF_NEEDSGIANT, they were
broken 7 months ago during the MPSAFE TTY import. if_ppp(4) has been
replaced by ppp(8). There is no replacement for if_sl(4).
If we see regressions in for example the ports tree, we should just use
__FreeBSD_version 800045 to check whether if_ppp(4) and if_sl(4) are
present. Version 800045 is used to denote the import of MPSAFE TTY.
Discussed with: rwatson, but also rwatson's IFF_NEEDSGIANT emails on the
lists.
driver in Linux 2.6. uscanner was just a simple wrapper around a fifo and
contained no logic, the default interface is now libusb (supported by sane).
Reviewed by: HPS
This tool creates large numbers of TCP connections, each of which will
transmit a fixed amount of data, between client and server hosts. tcpp can
use multiple workers (typically up to the number of hardware cores), and can
use multiple source IPs in order to use an expanded port/IP 4-tuple space to
avoid problems from reusing 4-tuples too quickly. Aggregate bandwidth use
will be reported after a client run.
While by no means a perfect tool, it has proven quite useful in generating
and optimizing TCP stack lock contention by easily generating high-intensity
workloads. It also proves surprisingly good at finding device driver bugs.
colliding upper case letters as the lower case letter with a '_' in
front.
MFC after: 3 days
Discussed with: ed
Spotted by: Michael David Crawford <mdc at prgmr.com>
o turn off a bunch of stuff that's unlikely to be used
o add flash support
o use mii instead of miibus to save space
o enable tdma support
o configure legacy usb as usb2 works only on 2348 w/ 64M configs
The function pow() in libmp(3) clashes with pow(3) in libm. We could
rename this single function, but we can just take the same approach as
the Solaris folks did, which is to prefix all function names with mp_.
libmp(3) isn't really popular nowadays. I suspect not a single
application in ports depends on it. There's still a chance, so I've
increased the SHLIB_MAJOR and __FreeBSD_version.
Reviewed by: deischen, rdivacky
It is only really necessary for open(2)'s third argument, which is optional and
obtained through stdarg(3). open(2)'s third argument is 32bit and we pass 64
bits. On little endian it works, because we take lower 32 bits, but on big
endian platforms we take upper 32 bits, so we end up with 0.
Reported by: Milan Čermák <Milan.Cermak@Sun.COM>
allocated in a fork(2)-inheritable way at the beginning or end of an
accept(2) system call. This test creates a test thread and blocks it
in accept(2), then forks a child process which tests to see if the
next available file descriptor is defined or not (EBADF vs EINVAL for
ftruncate(2)).
This detects a regression introduced during the network stack locking
work, in which a very narrow race during which fork(2) from one
thread during accept(2) in a second thread lead to an extra inherited
file descriptor turned into a very wide race ensuring that a
descriptor was leaked into the child even though it hadn't been
returned.
PR: kern/130348
- Print human readable time as a float with two digits of precision. Use
ns now as well since clock periods are well into the hundreds of
picoseconds now.
- Show the average duration in the stats frame. This is often more useful
than total duration.
about invalid timestamps. Nehalem CPUs seem to be synchronized but only
within a fraction of a microsecond.
- Make the Counter code more flexible to poor timestamps. In general we
now complain a lot but render as much as we can.
- Change the scaler behavior so it works better with very long and very
short traces. We now set the maximum scale such that it properly
displays the entire file by default and doesn't permit zooming out
beyond the file. This improves other awkward navigation behavior.
The interval is now set very small which can't be achieved by simply
dragging the mouse. Clicking to the left of or right of the scaler bar
will produce increments of a single, very small, interval now.
Sponsored by: Nokia
printing it to the terminal. Now only parse errors go to the terminal.
- Speedup drawing by raising and lowering tags only once everything has
been drawn. Surprisingly, it now takes a little longer to parse than
it does to draw.
- Parameterize the layout with X_ and Y_ defines that determine the sizes
of various things.
- Remove unnecessary tags.
optimized single pass function for each. This reduces the number of
tkinter calls required to the minimum.
- Add a right-click context menu for sources. Supported commands hide
the source, hide the whole group the source is in, and bring up a stat
window.
- Add a source stat frame that gives an event frequency table as well as
the total duration for each event type that has a duration. This can
be used to see, for example, the total time a thread spent running or
blocked by a wchan or lock.
quoth the README:
I have been running -current on my laptop since before FreeBSD 2.0 was
released and along the way developed this little trick to making the
task easier.
sysbuild.sh is a way to build a new FreeBSD system on a computer from
a specification, while leaving the current installation intact.
sysbuild.sh assume you have two partitions that can hold your rootfs
and can be booted, and roughly speaking, all it does is build a new
system into the one you don't use, from the one you do use.
A partition named /freebsd is assumed to be part of your layout, and
that is where the sources and ports will be found.
If you know how nanobsd works, you will find a lot of similarity.
displaying sources.
- Add functions to the main SchedGraph to facilitate source hiding. The
source is simply moved off screen and all other sources are moved to
compensate.
This no longer requires any custom classes or parsers to support new
event types.
- Add an optional command line argument for specifying the clock frequency
in ghz. This is useful for traces that do not include KTR_SCHED.
Sponsored by: Nokia
- Add support for sorting rows by clicking and dragging them to their new
position.
- Add support for configuring the cpu background colors.
- Improve the scaling so a better center is maintained as you zoom. This
is not perfect due to precision loss with floats used in the window
views.
- Add new colors and a random assignment for unknown event types. A table
is used for known event types. This is the only event specific
information.
The jot(1) regression tests directory contained two tests named `wx' and
`wX', which doesn't work on case insensitive filesystems. Rename `wX' to
`wX1'.
MFC after: 1 month
- Callwheels traced via KTR_CALLOUT. Each CPU is assigned a callwheel
source. The events on this source are the execution of individual callout
routines. Each routine shows up as a green rectangle while it is executed
and the event details include the function pointer and argument.
- Locks traced via KTR_LOCK. Currently, each lock name is assigned an event
source (since the existing KTR_LOCK traces only include lock names and
not pointers). This does mean that if multiple locks of the same name are
manipulated, the source line for that name may be confusing. However, for
many cases this can be useful. Locks are blue when they are held and
purple when contested. The contention support is a bit weak due to
limitations in the rw_rlock() and mtx_lock_spin() logging messages
currently. I also have not added support for contention on lockmgr,
sx, or rmlocks yet. What is there now can be profitably used to examine
activity on Giant however.
- Expand the width of the event source names column a bit to allow for some
of the longer names of these new source types.
(threads, CPU load counters, etc.). Each source is tagged with a group
and an order similar to the SYSINIT SI_SUB_* and SI_ORDER_*. After
the file is parsed, all the sources are then sorted. Currently, the only
affects of this are that the CPU loads are now sorted by CPU ID (so
CPU 0 is always first). However, this makes it easier to add new types
of event sources in the future and have them all clustered together
instead of intertwined with threads.
- Python lists perform insertions at the tail much faster than insertions
at the head. For a trace that had a lot of events for a single event
source, the constant insertions of new events to the head of the
per-source event list caused a noticable slow down. To compensate,
append new events to the end of the list during parsing and then
reverse the list prior to drawing.
- Somewhere in the tkinter internals the coordinates of a canvas are
stored in a signed 32-bit integer. As a result, if an the box for
an event spans 2^31, it would actually end up having a negative
X offset at one end. The result was a single box that covered the
entire event source. Kris worked around this for some traces by
bumping up the initial ticks/pixel ratio from 1 to 10. However, a
divisor of 10 can still be too small for large tracefiles (e.g.
with 4 million entries). Instead of hardcoding the initial scaling
ratio, calculate it from the time span of the trace file.
- Add support for using the mouse wheel to scroll the graph window
up and down.
o add net80211 support for a tdma vap that is built on top of the
existing adhoc-demo support
o add tdma scheduling of frame transmission to the ath driver; it's
conceivable other devices might be capable of this too in which case
they can make use of the 802.11 protocol additions etc.
o add minor bits to user tools that need to know: ifconfig to setup and
configure, new statistics in athstats, and new debug mask bits
While the architecture can support >2 slots in a TDMA BSS the current
design is intended (and tested) for only 2 slots.
Sponsored by: Intel
This bring huge amount of changes, I'll enumerate only user-visible changes:
- Delegated Administration
Allows regular users to perform ZFS operations, like file system
creation, snapshot creation, etc.
- L2ARC
Level 2 cache for ZFS - allows to use additional disks for cache.
Huge performance improvements mostly for random read of mostly
static content.
- slog
Allow to use additional disks for ZFS Intent Log to speed up
operations like fsync(2).
- vfs.zfs.super_owner
Allows regular users to perform privileged operations on files stored
on ZFS file systems owned by him. Very careful with this one.
- chflags(2)
Not all the flags are supported. This still needs work.
- ZFSBoot
Support to boot off of ZFS pool. Not finished, AFAIK.
Submitted by: dfr
- Snapshot properties
- New failure modes
Before if write requested failed, system paniced. Now one
can select from one of three failure modes:
- panic - panic on write error
- wait - wait for disk to reappear
- continue - serve read requests if possible, block write requests
- Refquota, refreservation properties
Just quota and reservation properties, but don't count space consumed
by children file systems, clones and snapshots.
- Sparse volumes
ZVOLs that don't reserve space in the pool.
- External attributes
Compatible with extattr(2).
- NFSv4-ACLs
Not sure about the status, might not be complete yet.
Submitted by: trasz
- Creation-time properties
- Regression tests for zpool(8) command.
Obtained from: OpenSolaris
"A function can be preceded by one or more '!' characters, in which
case the function shall be applied if the addresses do not select
the pattern space."
from one parent directory to another, in addition to the usual access checks
one also needs write access to the subdirectory being moved.
Approved by: rwatson (mentor), pjd
and server. This replaces the RPC implementation of the NFS client and
server with the newer RPC implementation originally developed
(actually ported from the userland sunrpc code) to support the NFS
Lock Manager. I have tested this code extensively and I believe it is
stable and that performance is at least equal to the legacy RPC
implementation.
The NFS code currently contains support for both the new RPC
implementation and the older legacy implementation inherited from the
original NFS codebase. The default is to use the new implementation -
add the NFS_LEGACYRPC option to fall back to the old code. When I
merge this support back to RELENG_7, I will probably change this so
that users have to 'opt in' to get the new code.
To use RPCSEC_GSS on either client or server, you must build a kernel
which includes the KGSSAPI option and the crypto device. On the
userland side, you must build at least a new libc, mountd, mount_nfs
and gssd. You must install new versions of /etc/rc.d/gssd and
/etc/rc.d/nfsd and add 'gssd_enable=YES' to /etc/rc.conf.
As long as gssd is running, you should be able to mount an NFS
filesystem from a server that requires RPCSEC_GSS authentication. The
mount itself can happen without any kerberos credentials but all
access to the filesystem will be denied unless the accessing user has
a valid ticket file in the standard place (/tmp/krb5cc_<uid>). There
is currently no support for situations where the ticket file is in a
different place, such as when the user logged in via SSH and has
delegated credentials from that login. This restriction is also
present in Solaris and Linux. In theory, we could improve this in
future, possibly using Brooks Davis' implementation of variant
symlinks.
Supporting RPCSEC_GSS on a server is nearly as simple. You must create
service creds for the server in the form 'nfs/<fqdn>@<REALM>' and
install them in /etc/krb5.keytab. The standard heimdal utility ktutil
makes this fairly easy. After the service creds have been created, you
can add a '-sec=krb5' option to /etc/exports and restart both mountd
and nfsd.
The only other difference an administrator should notice is that nfsd
doesn't fork to create service threads any more. In normal operation,
there will be two nfsd processes, one in userland waiting for TCP
connections and one in the kernel handling requests. The latter
process will create as many kthreads as required - these should be
visible via 'top -H'. The code has some support for varying the number
of service threads according to load but initially at least, nfsd uses
a fixed number of threads according to the value supplied to its '-n'
option.
Sponsored by: Isilon Systems
MFC after: 1 month
it relies on non-portable flock(2) semantics. Not only is flock(2) not
portable, but on some OSes that do have it, it is implemented in terms
of fcntl(2) locks, which are per-process rather than per-descriptor.
will cause it to return 0, not EAGAIN.
Add UNIX domain socket support to udpzerobyte, which suggests this
regression test should be moved to the general sockets test area rather
than netinet.
possible to make NanoBSD output more quite or verbose. The default
output should remain mostly unchanged. [1]
- Add missing shift for -i.
- Clean up usage() so it's now (mostly) sorted alphabetically.
- Make command line argument handling more consistent in the code and
remove redundant semicolons.
Reviwed by: phk [1]
* Allow the image name to be renamed via NANO_IMGNAME.
* Propagate TARGET_ARCH into src top level make targets
explicitly to support cross-building.
* Increase the default size of NanoBSD media from 488MB to
584MB to accomodate a -CURRENT world.
Reviewed by: phk
control over the result of buildworld and installworld; this especially
helps packaging systems such as nanobsd
Reviewed by: various (posted to arch)
MFC after: 1 month
once it is lost, all data is gone.
Option '-B none' can by used to prevent backup. Option '-B path' can be
used to backup metadata to a different file than the default, which is
/var/backups/<prov>.eli.
The 'geli init' command also prints backup file location and gives short
procedure how to restore metadata.
The 'geli setkey' command now warns that even after passphrase change or keys
update there could be version of the master key encrypted with old
keys/passphrase in the backup file.
Add regression tests to verify that new functionality works as expected.
Update other regression tests so they don't create backup files.
Reviewed by: keramida, rink
Dedicated to: a friend who lost 400GB of his live by accidentally overwritting geli metadata
MFC after: 2 weeks
This fixes potential out-of-bound accesses when testing ciphers with block size
greater than 8 bytes (e.g. AES).
Submitted by: Bartlomiej Sieka tur ! semihalf dot com
Discussed with: pjd, sam
larger than 2GB to prevent an overflow [1].
Make case-insensitive comparison work for siliconsystems, soekris and
transcend devices.
PR: conf/126386 [1]
Submitted by: Mark A [1]
MFC after: 1 month
the first value (environ[0]) to NULL. This is in addition to the
current detection of environ being replaced, which includes being set to
NULL. Without this fix, the environment is not truly wiped, but appears
to be by getenv() until an *env() call is made to alter the enviroment.
This change is necessary to support those applications that use this
method for clearing environ such as Dovecot and Postfix. Applications
such as Sendmail and the base system's env replace environ (already
detected). While neither of these methods are defined by SUSv3, it is
best to support them due to historic reasons and in lieu of a clean,
defined method.
Add extra units tests for clearing environ using four different methods:
1. Set environ to NULL pointer.
2. Set environ[0] to NULL pointer.
3. Set environ to calloc()'d NULL-terminated array.
4. Set environ to static NULL-terminated array.
Noticed by: Timo Sirainen
MFC after: 3 days
the default ICMPv6 filter is pass all, test that we can set it to block
all and restore to pass all. No attempt is made to test that the
filtering works, just that we can get and set it.
is used to grab and hold some number of multicast addresses in order
to test what happens when an interface goes over the number of multicast
addresses it can filter in hardware.
I wrote these to test amd64 asm functions that used
maxss, maxsd, minss, and minsd, but it turns out that
those instructions don't handle NaNs and signed zero
in the same way as fmin() and fmax() are required to,
so we're stuck with the C versions for now.
The first test comes from OpenBSD, and the others are additions or
adaptations.
This is based on OpenBSD's
src/regress/lib/libc/sprintf/sprintf_test.c, v1.3.
I deliberately did not use v1.4 because it's bogus.
semaphores. Specifically, semaphores are now represented as new file
descriptor type that is set to close on exec. This removes the need for
all of the manual process reference counting (and fork, exec, and exit
event handlers) as the normal file descriptor operations handle all of
that for us nicely. It is also suggested as one possible implementation
in the spec and at least one other OS (OS X) uses this approach.
Some bugs that were fixed as a result include:
- References to a named semaphore whose name is removed still work after
the sem_unlink() operation. Prior to this patch, if a semaphore's name
was removed, valid handles from sem_open() would get EINVAL errors from
sem_getvalue(), sem_post(), etc. This fixes that.
- Unnamed semaphores created with sem_init() were not cleaned up when a
process exited or exec'd. They were only cleaned up if the process
did an explicit sem_destroy(). This could result in a leak of semaphore
objects that could never be cleaned up.
- On the other hand, if another process guessed the id (kernel pointer to
'struct ksem' of an unnamed semaphore (created via sem_init)) and had
write access to the semaphore based on UID/GID checks, then that other
process could manipulate the semaphore via sem_destroy(), sem_post(),
sem_wait(), etc.
- As part of the permission check (UID/GID), the umask of the proces
creating the semaphore was not honored. Thus if your umask denied group
read/write access but the explicit mode in the sem_init() call allowed
it, the semaphore would be readable/writable by other users in the
same group, for example. This includes access via the previous bug.
- If the module refused to unload because there were active semaphores,
then it might have deregistered one or more of the semaphore system
calls before it noticed that there was a problem. I'm not sure if
this actually happened as the order that modules are discovered by the
kernel linker depends on how the actual .ko file is linked. One can
make the order deterministic by using a single module with a mod_event
handler that explicitly registers syscalls (and deregisters during
unload after any checks). This also fixes a race where even if the
sem_module unloaded first it would have destroyed locks that the
syscalls might be trying to access if they are still executing when
they are unloaded.
XXX: By the way, deregistering system calls doesn't do any blocking
to drain any threads from the calls.
- Some minor fixes to errno values on error. For example, sem_init()
isn't documented to return ENFILE or EMFILE if we run out of semaphores
the way that sem_open() can. Instead, it should return ENOSPC in that
case.
Other changes:
- Kernel semaphores now use a hash table to manage the namespace of
named semaphores nearly in a similar fashion to the POSIX shared memory
object file descriptors. Kernel semaphores can now also have names
longer than 14 chars (up to MAXPATHLEN) and can include subdirectories
in their pathname.
- The UID/GID permission checks for access to a named semaphore are now
done via vaccess() rather than a home-rolled set of checks.
- Now that kernel semaphores have an associated file object, the various
MAC checks for POSIX semaphores accept both a file credential and an
active credential. There is also a new posixsem_check_stat() since it
is possible to fstat() a semaphore file descriptor.
- A small set of regression tests (using the ksem API directly) is present
in src/tools/regression/posixsem.
Reported by: kris (1)
Tested by: kris
Reviewed by: rwatson (lightly)
MFC after: 1 month
provides the correct semantics for flock(2) style locks which are used by the
lockf(1) command line tool and the pidfile(3) library. It also implements
recovery from server restarts and ensures that dirty cache blocks are written
to the server before obtaining locks (allowing multiple clients to use file
locking to safely share data).
Sponsored by: Isilon Systems
PR: 94256
MFC after: 2 weeks
- It is opt-out for now so as to give it maximum testing, but it may be
turned opt-in for stable branches depending on the consensus. You
can turn it off with WITHOUT_SSP.
- WITHOUT_SSP was previously used to disable the build of GNU libssp.
It is harmless to steal the knob as SSP symbols have been provided
by libc for a long time, GNU libssp should not have been much used.
- SSP is disabled in a few corners such as system bootstrap programs
(sys/boot), process bootstrap code (rtld, csu) and SSP symbols themselves.
- It should be safe to use -fstack-protector-all to build world, however
libc will be automatically downgraded to -fstack-protector because it
breaks rtld otherwise.
- This option is unavailable on ia64.
Enable GCC stack protection (aka Propolice) for kernel:
- It is opt-out for now so as to give it maximum testing.
- Do not compile your kernel with -fstack-protector-all, it won't work.
Submitted by: Jeremie Le Hen <jeremie@le-hen.org>
fifos, as this is required by the Single UNIX Specification, although
not currently implemented on FreeBSD.
While here, fix a bug in the directory timestamp checking test by
sleeping after querying the starting timestamp, rather than before.
a. The BSD version will be built and installed unless
WITHOUT_BSD_CPIO is defined.
b. The GNU version will not be built or installed unless
WITH_GNU_CPIO is defined. If this is defined, the symlink
in /usr/bin will be to the GNU version whether the BSD
version is present or not.
When these changes are MFCed the defaults should be flipped.
2. Add a knob to disable the building of GNU grep. This will
make it easier for those that want to test the BSD version in
the ports.
Approved by: kientzle [1]
parts relied on the now removed NET_NEEDS_GIANT.
Most of I4B has been disconnected from the build
since July 2007 in HEAD/RELENG_7.
This is what was removed:
- configuration in /etc/isdn
- examples
- man pages
- kernel configuration
- sys/i4b (drivers, layers, include files)
- user space tools
- i4b support from ppp
- further documentation
Discussed with: rwatson, re
AIO calls.
This small program queues up a controllable number of concurrent AIO
read operations w/ controllable io size against a disk or regular file.
There are a few other things to add (notably optional write support!)
but it works well enough at the present time to stress the AIO code out
relatively harshly in the disk IO case.
fit in a signed char
o change default output to something more useful for sta mode
o futz w/ various field names and widths; need to do full pass over this stuff
post collection. This is too error prone and introduces uncertainty into
the timing. We'll simply have to require synchronized TSCs to run
schedgraph on MP.
Sponsored by: Nokia
