Commit Graph

254982 Commits

Author SHA1 Message Date
gjb
166f8f4c6d Fix the distribution path for -ALPHA builds, which are under
the snapshots directory, not releases.

Reported by:	David Marec david.marec _at_ davenulle _dot_ org
Approved by:	re (rgrimes)
Sponsored by:	The FreeBSD Foundation
2018-10-08 19:48:58 +00:00
jhb
7319ac8127 Add support for relocations in RISC-V kernel modules to kldxref.
Reviewed by:	br, markj
Approved by:	re (gjb)
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D17415
2018-10-08 19:15:58 +00:00
kib
d5fe04e8d7 Disallow zero day of month from strptime("%d").
It is required by POSIX, specified in our man page, and followed by
Linux.

PR:	232072
Reported by:	miguel_tete17@hotmail.com
Sponsored by:	The FreeBSD Foundation
Approved by:	re (gjb)
MFC after:	1 week
2018-10-08 18:45:40 +00:00
mav
1bf3ea6b7d Fix r336951 mismerge -- use of uninitialized variable.
Reported by:	tsoome
Approved by:	re (gjb)
MFC after:	3 days
2018-10-08 15:19:03 +00:00
hselasky
13a9a83f85 Add missing steering rules for virtual function, VF, in mlx4en(4) driver.
When acting as a VF it is required to add steering rules for all unicast
addresses. Even if promiscious mode is selected. Else incoming data packets
will be dropped.

MFC after:		3 days
Approved by:		re (gjb)
Sponsored by:		Mellanox Technologies
2018-10-08 14:52:21 +00:00
vangyzen
c0b412ce93 em/igb: Do not print link state messages
These messages are totally redundant with the iflib messages.
They're also not very useful, since they don't include the
interface name.

Discussed with:	shurd
Approved by:	re (rgrimes)
Sponsored by:	Dell EMC Isilon
2018-10-08 01:28:46 +00:00
allanjude
0bdd1ef9bb Teach truss how to display shm_open(2), shm_unlink(2)
Submitted by:	Thomas Munro <munro@ip9.org>
Reviewed by:	tuexen, kib
Approved by:	re (rgrimes)
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D17457
2018-10-07 19:50:44 +00:00
tuexen
9d144c6451 Address the warning regarding duplicate option 'GEOM_PART_GPT' when
configuring kernels for i386, amd64, and arm64.
The 'GEOM_PART_GPT' option was added to the DEFAULTS configuration
in r337967.

Approved by:		re (kib@)
Reviewed by:		ler@
Differential Revision:	https://reviews.freebsd.org/D17458
Sponsored by:		Netflix, Inc.
2018-10-07 15:54:13 +00:00
kevans
6f7e20e2a7 lualoader: Honor boot_* variables at lua init
For non-UEFI systems, boot.config(5) may have -s or -v specified for
single-user and verbose boot respectively. These were not being properly
taken into account and reflected in the "Boot Options" submenu. When we
initialize core.lua, we'll record boot_single and boot_verbose as we do ACPI
and consider these the system defaults.

Reported by:	David Wolfskill <david@catwhisker.org>
Approved by:	re (kib)
2018-10-07 15:28:50 +00:00
tuexen
d78994fa55 Avoid truncating unrecognised parameters when reporting them.
This resulted in sending malformed packets.

Approved by:		re (kib@)
MFC after:		1 week
2018-10-07 15:13:47 +00:00
tuexen
b898ff0bb1 Enable TCP Fast Open support for PPC platforms.
Reviewed by:		kbowling@, andreast@
Approved by:		re (kib@)
Differential Revision:	https://reviews.freebsd.org/D17407
2018-10-07 12:56:05 +00:00
tuexen
31b6fdc2c2 Ensure that the ips_localout counter is incremented for
locally generated SCTP packets sent over IPv4. This make
the behaviour consistent with IPv6.

Reviewed by:		ae@, bz@, jtl@
Approved by:		re (kib@)
MFC after:		1 week
Differential Revision:	https://reviews.freebsd.org/D17406
2018-10-07 11:26:15 +00:00
kevans
d2a92930a7 lualoader: Create a module blacklist, add DRM modules to it
This is a step in the process of easing migration into the new world order
of DRM drivers. Strongly encourage users towards loading DRM modules via
rc.conf(5) instead of loader.conf(5) by failing the load from loader(8).
Users so inclined may wipe out the blacklist via module_blacklist="" in
loader.conf(5), and it is expected that these modules will eventually be
removed from the blacklist. They may still be loaded as dependencies of
other modules or explicitly via the loader prompt, but this should not be a
major problem.

Approved by:	re (rgrimes)
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D16914
2018-10-07 01:53:43 +00:00
emaste
df69fc9823 sshd: address capsicum issues
* Add a wrapper to proxy login_getpwclass(3) as it is not allowed in
  capability mode.
* Cache timezone data via caph_cache_tzdata() as we cannot access the
  timezone file.
* Reverse resolve hostname before entering capability mode.

PR:		231172
Submitted by:	naito.yuichiro@gmail.com
Reviewed by:	cem, des
Approved by:	re (rgrimes)
MFC after:	3 weeks
Differential Revision:	https://reviews.freebsd.org/D17128
2018-10-06 21:32:55 +00:00
jhibbits
1a3c051aca powerpc/pseries: EOI interrupts in XICS by setting lowest priority
Discussing with Benjamin Herrenschmidt, OPAL_INT_GET_XIRR masks the
returned priority, so must be resumed before more interrupts can be
handled at this priority.  Since there are only two priorities used in
FreeBSD, we know that the previous priority in an EOI will always be
0xff (lowest priority).

Reviewed by:	nwhitehorn
Approved by:	re(rgrimes)
Differential Revision: https://reviews.freebsd.org/D17361
2018-10-06 18:51:49 +00:00
trasz
886d6e92be Remove BUGS section from nscd.conf(5) man page. This was missed in r339194.
Approved by:	re (rgrimes)
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2018-10-06 17:40:14 +00:00
emaste
3af09b53ad openssh: cherry-pick OpenSSL 1.1.1 compatibility
Compatibility with existing OpenSSL versions is maintained.

Upstream commits:
482d23bcac upstream: hold our collective noses and use the openssl-1.1.x
48f54b9d12 adapt -portable to OpenSSL 1.1x API
86e0a9f3d2 upstream: use only openssl-1.1.x API here too
a3fd8074e2 upstream: missed a bit of openssl-1.0.x API in this unittest
cce8cbe0ed Fix openssl-1.1 fallout for --without-openssl.

Trivial conflicts in sshkey.c and test_sshkey.c were resolved.

Connect libressl-api-compat.c to the build, and regenerate config.h

Reviewed by:	des
Approved by:	re (rgrimes)
MFC after:	2 seeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D17444
2018-10-06 14:38:34 +00:00
jhibbits
9759061b7c powerpc64/powernv: Don't mask MSIs in OPAL
Summary:
Discussing with Benjamin Herrenschmidt, MSIs, and edge-triggered
interrupts in general, must not be masked in XICS and XIVE, else
subsequent interrupts may be ignored.

Testing locally on my Talos II (single CPU, 18-core POWER9), NVMe now
works with MSI, improving read throughput by ~70% (900MB/s -> 1.67GB/s,
with 64MB block size) over INTx interrupts, and snd_hda(4) now will
actually play music with MSI.  Previously, snd_hda(4) would not receive
interrupts, timing out, and declaring the channels dead.

This has also been tested by Kevin Bowling, and others, with great
success.  Kevin reported NVMe unusable on his Talos II prior to this
patch.

Reviewed by:	nwhitehorn, kbowling
Approved by:	re(rgrimes)
Differential Revision: https://reviews.freebsd.org/D17356
2018-10-06 03:20:26 +00:00
jamie
3755eafea0 Fix the test prohibiting jails from sharing IP addresses.
It's not supposed to be legal for two jails to contain the same IP address,
unless both jails contain only that one address.  This is the behavior
documented in jail(8), and is there to prevent confusion when multiple
jails are listening on IADDR_ANY.

VIMAGE jails (now the default for GENERIC kernels) test this correctly,
but non-VIMAGE jails have been performing an incomplete test when nested
jails are used.

Approved by:	re@ (kib@)
MFC after:	5 days
2018-10-06 02:10:32 +00:00
dbaio
bdd6767f98 Fix information about $firewall_myservices
After r273201 it is supported "/{udp,tcp,proto}" suffix into
$firewall_myservices, and in the rc.conf the information is outdated.

Reviewed by:	bcr, rgrimes
Approved by:	re (gjb), doc (bcr), src (rgrimes)
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D17338
2018-10-05 20:35:43 +00:00
shurd
b4cf133e22 Fix igb corrupting checksums with BPF and VLAN
When using a vlan with igb and the vlanhwcsum option, any mbufs which
already had the TCP, UDP, or SCTP checksum calculated and therefore don't
have the CSUM_[IP|IP6]_[TCP|UDP|SCTP] bits set in the csum_flags field would
have the L4 checksum corrupted by the hardware.

This was caused by the driver setting E1000_TXD_POPTS_TXSM any time a
checksum bit was set OR a vlan tag was present.

The patched driver only sets E1000_TXD_POPTS_TXSM when an offload is
requested.

PR:		231416
Reported by:	pi
Approved by:	re (gjb)
Sponsored by:	Limelight Networks
Differential Revision:	https://reviews.freebsd.org/D17404
2018-10-05 20:16:20 +00:00
mjg
d769512cfe amd64: import updated kernel memset to libc
See r339205 for details.

An unused ERMS support is retained in the macro. It will be activated
after ifunc support lands.

Reviewed by:    kib
Approved by:    re (gjb)
Sponsored by:   The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D17405
2018-10-05 19:27:42 +00:00
mjg
de8f0ce648 amd64: make memset less slow with mov
rep stos has a high startup time even on modern microarchitectures like
Skylake. Intel optimization manuals discuss how for small sizes it is
beneficial to go for streaming stores. Since those cannot be used without
extra penalty in the kernel I investigated performance impact of just
regular movs.

The patch below implements a very simple scheme: a 32-byte loop followed
by filling in the remainder of at most 31 bytes. It has a 256 breaking
point on which it falls back to rep stos. It provides a significant win
over the current primitive on several machines I tested (both Intel and
AMD). A 64-byte loop did not provide any benefit even for multiple of 64
sizes.

See the review for benchmark data.

Reviewed by:	kib
Approved by:	re (gjb)
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D17398
2018-10-05 19:25:09 +00:00
kevans
95afcc1f4d lualoader: Don't draw loader menu with autoboot_delay=-1
This was mostly a cosmetic issue. autoboot_delay=-1 is documented to bypass
the loader menu and immediately execute the boot command, but lualoader
would draw the menu and immediately execute the boot command. No interaction
was possible with the menu.

The fix lifts autoboot_delay processing out of menu.autoboot, which now
takes a delay and does nothing if no delay is specified. This lines up with
my expectations of menu.autoboot's usage from a third party, which may
want more control over the process than the default behavior.

PR:		231610
Approved by:	re (gjb)
2018-10-05 17:07:10 +00:00
lidl
1ca17ad54b Document signal handling in blacklistd(8).
Reviewed by:	bcr@, 0mp@
Approved by:	re (gjb@)
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D17423
2018-10-05 16:52:21 +00:00
mav
dd429b1c32 Add sysctls for dbuf metadata cache variables added in r336959.
Approved by:	re (gjb)
MFC after:	1 week
2018-10-05 16:05:59 +00:00
thj
558062352d Convert UDP length to host byte order
When getting the number of bytes to checksum make sure to convert the UDP
length to host byte order when the entire header is not in the first mbuf.

Reviewed by: jtl, tuexen, ae
Approved by: re (gjb), jtl (mentor)
Differential Revision:  https://reviews.freebsd.org/D17357
2018-10-05 12:51:30 +00:00
trasz
e6e0207b9b Remove the BUGS section of nscd(8) man page. According to bushman@'s
reponse quoted in PR, he no longer maintains it.

PR:		210590
Approved by:	re (kib)
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2018-10-05 12:08:32 +00:00
0mp
8f45b071b5 bsdinstall(8): Fix a typo.
Reported by:	Jose Luis Duran
Reviewed by:	bcr
Approved by:	re (gjb), krion (mentor, implicit), mat (mentor, implicit)
Differential Revision:	https://reviews.freebsd.org/D17409
2018-10-05 08:17:29 +00:00
0mp
5c156eb4b5 MODULE_PNP_INFO(9): Fix a grammar mistake.
Reported by:	ak
Reviewed by:	imp, Yuri Pankov <yuripv@yuripv.net>
Approved by:	re (gjb), krion (mentor, implicit), mat (mentor, implicit)
Differential Revision:	https://reviews.freebsd.org/D17403
2018-10-05 08:00:45 +00:00
mmacy
e651a0b9c0 hwpmc: Refactor sample ring buffer handling to fix races
Refactor sample ring buffer ring handling to make it more robust to
long running callchain collection handling

r338112 introduced a (now fixed) regression that exposed a number of race
conditions within the management of the sample buffers. This
simplifies the handling and moves the decision to overwrite a
callchain sample that has taken too long out of the NMI in to the
hardlock handler. With this change the problem no longer shows up as a
ring corruption but as the code spending all of its time in callchain
collection.

- Makes the producer / consumer index incrementing monotonic, making it
  easier (for me at least) to reason about.
- Moves the decision to overwrite a sample from NMI context to interrupt
  context where we can enforce serialization.
- Puts a time limit on waiting to collect a user callchain - putting a
  bound on head-of-line blocking causing samples to be dropped
- Removes the flush routine which was previously needed to purge
  dangling references to the pmc from the sample buffers but now is only
  a source of a race condition on unload.

Previously one could lock up or crash HEAD by running:
pmcstat -S inst_retired.any_p -T and then hitting ^C

After this change it is no longer possible.

PR:	231793
Reviewed by:	markj@
Approved by:	re (gjb@)
Differential Revision:	https://reviews.freebsd.org/D17011
2018-10-05 05:55:56 +00:00
mmacy
9a1ff096d9 eliminate locking surrounding ui_vmsize and swap reserve by using atomics
Change swap_reserve and swap_total to be in units of pages so that
swap reservations can be done using only atomics instead of using a single
global mutex for swap_reserve and a single mutex for all processes running
under the same uid for uid accounting.

Results in mmap speed up and a 70% increase in brk calls / second.

Reviewed by:	alc@, markj@, kib@
Approved by:	re (delphij@)
Differential Revision:	https://reviews.freebsd.org/D16273
2018-10-05 05:50:56 +00:00
brooks
eb4c557ad1 Revert r339174: Move 32-bit compat support for FIODGNAME to the right place.
A case was missed in this commit which breaks sshing into a 32-bit sshd
on a 64-bit system.

Approved by:	re (gjb)
2018-10-04 23:55:03 +00:00
rstone
05d785dcc2 Hold a write lock across udp_notify()
With the new route cache feature udp_notify() will modify the inp when it
needs to invalidate the route cache.  Ensure that we hold a write lock on
the inp before calling the function to ensure that multiple threads don't
race while trying to invalidate the cache (which previously lead to a page
fault).

Differential Revision: https://reviews.freebsd.org/D17246
Reviewed by: sbruno, bz, karels
Sponsored by: Dell EMC Isilon
Approved by:	re (gjb)
2018-10-04 22:03:58 +00:00
brooks
8ccec35d90 Reduce NL_ARGMAX to 4096 to match Linux.
NL_ARGMAX is the maximum number of positional arguments supported by
printf(3). Prior to r308145 it was declared as 99 and not enforced.
r308145 added enforcement and increased the value to 64k.

Unfortunately, development versions of PostgreSQL used the system
definition to allocate and zero an NL_ARGMAX * 4 sized array on the
stack of its snprintf implementation with measurable performance
impacts. This has been fixed in new PostgreSQL versions, but it is
possible that other programs suffer from this problem.

A value of 4096 puts us on par with Linux and is certainly large enough
for any reasonable program.

Reviewed by:	mjg
Reported by:	mjg
Approved by:	re (gjb)
Differential revision:	https://reviews.freebsd.org/D17387
Differential revision:	https://reviews.freebsd.org/D8286
2018-10-04 21:55:58 +00:00
mjg
b99621727b amd64: hide non-erms jump label under non-erms copyin/copyout
This change is a no-op in terms of semantics, but has a side effect
of removing a perfectly useless nop sled for CPUs with ERMS.

Approved by:	re (gjb)
Sponsored by:   The FreeBSD Foundation
2018-10-04 20:01:48 +00:00
gonzo
f60e955b61 [ig4] style(9) clean-up
Submitted by:	Rajesh Kumar <rajfbsd@gmail.com>
Approved by:	re (gjb, kib)
2018-10-04 19:54:47 +00:00
emaste
b4764e4a0e crt: switch to standard note type definitions from elf_common.h
This makes it easier to grep the source tree for these notes, and
ensures that they will remain in sync.

Reviewed by:	kib
Approved by:	re (gjb)
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D17408
2018-10-04 17:35:32 +00:00
0mp
911e0929e5 bsdinstall(8): Document ZFS installation scripting.
- Extend the bsdinstall(8) man page with ZFS installation scripting
  details. [1]
- Extend the bsdinstall(8) man page with the description of all the ZFS
  variables involved in a scripted installation of ZFS-based systems. [1]
- Extend the SCRIPTING section with an example for a ZFS-based scripted
  installation. [1]
- Create a new section explaining how ZFS datasets must be written into
  a variable to get them set on the final system. [1]

While here:
- Add Roberto to the copyrights for recognition as changes to the manual
  page are huge.
- Use "Dq" for default values.
- Use sysrc(8) instead of echo in examples.

Submitted by:	Roberto Fernandez Cueto <roberfern@gmail.com> [1]
Reviewed by:	dteske
Approved by:	re (gjb), krion (mentor, implicit), mat (mentor, implicit)
Differential Revision:	https://reviews.freebsd.org/D14169
2018-10-04 09:28:40 +00:00
pjd
da8348df52 Remove invalid comments and correct some typos.
Approved by:	re (kib)
2018-10-04 05:57:27 +00:00
pjd
dd4a41d654 When the adist_free list is empty and we lose connection to the receiver we
move all elements from the adist_send and adist_recv lists back onto the
adist_free list, but we don't wake consumers waitings for the adist_free list
to become non-empty. This can lead to the sender process stopping audit trail
files distribution and waiting forever.

Fix the problem by adding the missing wakeup.

While here slow down spinning on CPU in case of a short race in
sender_disconnect() and add an explaination when it can occur.

PR:		201953
Reported by:	peter
Approved by:	re (kib)
2018-10-04 05:54:57 +00:00
pjd
55f081d363 When we look for a new trail file there might be a race between find trail
file name and opening it. This race was not properly handled, because we were
copying new name before checking for openat(2) error and when we were trying
again we were starting with the next trail file. This could result in skipping
distribution of such a trail file.

Fix this problem by checking for ENOENT first (only for .not_terminated files)
and then updating (or not) tr_filename before restarting the search.

PR:		200139
Reported by:	peter
Approved by:	re (kib)
2018-10-04 05:48:09 +00:00
gjb
a373d8a0d5 Fix the hardware.{txt,html} build in the release/Makefile 'reldoc'
target.

The doc/share/mk/doc.commands.mk sets SVN to /usr/local/bin/svn
by default, which is not necessarily installed by the documentation
project textproc/docproj port.

Ensure SVN can be evaluated properly to include the hardware pages
by iterating through /usr/local/bin and /usr/bin and looking for
both svn and svnlite binaries, and pass the SVN variable explicitly
through env(1) in the reldoc target to avoid failures if it does not
exist.

Approved by:	re (rgrimes)
Sponsored by:	The FreeBSD Foundation
2018-10-04 01:46:56 +00:00
brooks
e62dcc082e Move 32-bit compat support for FIODGNAME to the right place.
ioctl(2) commands only have meaning in the context of a file descriptor
so translating them in the syscall layer is incorrect.

The new handler users an accessor to retrieve/construct a pointer from
the last member of the passed structure and relies on type punning to
access the other member which requires no translation.

Reviewed by:	kib
Approved by:	re (rgrimes, gjb)
Obtained from:	CheriBSD
Sponsored by:	DARPA, AFRL
Differential Review:	https://reviews.freebsd.org/D17388
2018-10-03 20:39:48 +00:00
andreast
af02cb62dc Set the default loader for powerpc64 back to to forth too.
The commit from r338893 covered only the powerpc build.

Approved by:	re (kib)
2018-10-03 19:09:09 +00:00
glebius
968d142094 In PR 227259, a user is reporting that they have code which is using
shutdown() to wakeup another thread blocked on a stream listen socket.
This code is failing, while it used to work on FreeBSD 10 and still
works on Linux.

It seems reasonable to add another exception to support something users are
actually doing, which used to work on FreeBSD 10, and still works on Linux.
And, it seems like it should be acceptable to POSIX, as we still return
ENOTCONN.

This patch is different to what had been committed to stable/11, since
code around listening sockets is different. Patch in D15019 is written
by jtl@, slightly modified by me.

PR:		227259
Obtained from:	jtl
Approved by:	re (kib)
Differential Revision:  D15019
2018-10-03 17:40:04 +00:00
emaste
6a7a6139a1 openssh: cherry-pick OpenSSL 1.1.1 compatibility
Upstream commits:
482d23bcac upstream: hold our collective noses and use the openssl-1.1.x
48f54b9d12 adapt -portable to OpenSSL 1.1x API
86e0a9f3d2 upstream: use only openssl-1.1.x API here too
a3fd8074e2 upstream: missed a bit of openssl-1.0.x API in this unittest
cce8cbe0ed Fix openssl-1.1 fallout for --without-openssl.

Trivial conflicts in sshkey.c and test_sshkey.c were resolved.

Discussed with:	des
2018-10-03 16:11:13 +00:00
markj
9dd86cea33 Fix an inverted test in ucode_load_ap().
This caused microcode to be updated only on the BSP if hyperthreading
was disabled, typically resulting in a hang or reset.

Approved by:	re (kib)
Sponsored by:	The FreeBSD Foundation
2018-10-03 14:20:43 +00:00
tuexen
a16e14a2bb Use strlcpy() instead of strncpy().
Approved by:            re (kib@)
CID:			1395980, 1395981
X-MFC with:		r339012
MFC after:              1 week
2018-10-03 07:35:16 +00:00
brooks
3a94dca87f Move 32-bit compat support for CDIOREADTOCENTRYS to the right place.
ioctl(2) commands only have meaning in the context of a file descriptor
so translating them in the syscall layer is incorrect.

The new handler users an accessor to retrieve/construct a pointer from
the last member of the passed structure and relies on type punning to
access the other members which require no translation.

Reviewed by:	kib (prior version), jhb
Approved by:	re (rgrimes)
Obtained from:	CheriBSD
Sponsored by:	DARPA, AFRL
Differential Review:	https://reviews.freebsd.org/D17378
2018-10-02 23:23:56 +00:00