216574 Commits

Author SHA1 Message Date
Alexander Motin
769cbdb7a3 Do not retry on some security sense codes.
MFC after:	1 week
2016-10-05 00:45:58 +00:00
Kurt Lidl
d3de26c3d0 Make 502.pfdenied find blacklistd/* filter names dynamically
This change is needed to make the 520.pfdenied script find the new
blacklistd/* anchor points for reporting blocked traffic.

Reviewed by:	kp
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
2016-10-04 23:12:35 +00:00
Kurt Lidl
30f7128157 Make blacklist-helper commands emit a message when successful
The blacklistd daemon expects to see a message on stdout, instead
of just relying on the exit value from any invoked programs.

Change the pf filtering to create multiple filters, attached under
a the "blacklist/*" anchor point.  This prevents the filtering for
each port's filtering rule from overwriting the previously installed
filtering rule.  Check for an existing filtering rule for each port,
so the installation of a given filtering rule only happens once.
Reinstalling the same rule resets the counters for the pf rule, and
we don't want that.

Reported by:	David Horn (dhorn2000 at gmail.com)
Reviewed by:	emaste
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D8081
2016-10-04 23:10:43 +00:00
Jung-uk Kim
c5b5d71ad3 MFV: r306687
Merge byacc 20160606.
2016-10-04 22:22:32 +00:00
Bryan Drewery
0617f64ec6 Correct some comments after r294299.
Sponsored by:	Dell EMC Isilon
2016-10-04 21:44:20 +00:00
Jung-uk Kim
710e7be2e2 Import byacc 20160606. 2016-10-04 20:54:49 +00:00
Jung-uk Kim
493deb390b Merge ACPICA 20160930. 2016-10-04 20:27:15 +00:00
Kristof Provost
813196a11a pf: remove fastroute tag
The tag fastroute came from ipf and was removed in OpenBSD in 2011. The code
allows to skip the in pfil hooks and completely removes the out pfil invoke,
albeit looking up a route that the IP stack will likely find on its own.
The code between IPv4 and IPv6 is also inconsistent and marked as "XXX"
for years.

Submitted by:	Franco Fichtner <franco@opnsense.org>
Differential Revision:	https://reviews.freebsd.org/D8058
2016-10-04 19:35:14 +00:00
Ed Maste
65eea7ede6 ANSIfy inflate.c
Reviewed by:	kib
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D8143
2016-10-04 17:57:30 +00:00
Konstantin Belousov
83c001d3c2 Re-apply r306516 (by cem):
Reduce the cost of TLB invalidation on x86 by using per-CPU completion flags

Reduce contention during TLB invalidation operations by using a per-CPU
completion flag, rather than a single atomically-updated variable.

On a Westmere system (2 sockets x 4 cores x 1 threads), dtrace measurements
show that smp_tlb_shootdown is about 50% faster with this patch; observations
with VTune show that the percentage of time spent in invlrng_single_page on an
interrupt (actually doing invalidation, rather than synchronization) increases
from 31% with the old mechanism to 71% with the new one.  (Running a basic file
server workload.)

Submitted by:	Anton Rang <rang at acm.org>
Reviewed by:	cem (earlier version)
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D8041
2016-10-04 17:01:24 +00:00
Gleb Smirnoff
37d0ac15e6 Fix indentation.
CID:	1363671
2016-10-04 16:44:40 +00:00
Adrian Chadd
85ab1aeccf [geom_redboot] Extend geom_redboot to handle non-zero fis offset.
Submitted by:	Mori Hiroki <yamori813@yahoo.co.jp>
Differential Revision:	https://reviews.freebsd.org/D7237
2016-10-04 16:35:38 +00:00
Allan Jude
452bd5bf51 GELIBoot may attempt to read past the end of the disk
Usually there is some slack after the last partition due to 4k alignment
In the 10.3 EC2 images, there was not. EC2 seems to hang if you try to
read past the end of the disk in the loader, resulting in an unbootable
instance after upgrading to 11.0

PR:		213196
Reported by:	Peter Ankerstal <peter@pean.org>
Tested by:	cperciva
Reviewed by:	tsoome
MFC after:	3 days
Sponsored by:	ScaleEngine Inc.
Differential Revision:	https://reviews.freebsd.org/D8144
2016-10-04 16:33:03 +00:00
Adrian Chadd
f7948591dc Add AR531x port options.
Submitted by: Mori Hiroki <yamori813@yahoo.co.jp>
Differential Revision:	https://reviews.freebsd.org/D7237
2016-10-04 16:29:26 +00:00
Adrian Chadd
7c12b677f5 [ar531x] add initial port for the AR231x/531x series of SoCs.
These are older MIPS4kc parts from Atheros.  They typically ran at
sub-200MHz and have 11bg, 11a, or 11abg wifi MAC/PHYs integrated.

This port is the initial non-wifi pieces required to bring up the
chip.  I'll commit the redboot and other pieces later, and then
hopefully(!) wifi support will follow.

Submitted by:   Mori Hiroki <yamori813@yahoo.co.jp>
Differential Revision:  https://reviews.freebsd.org/D7237
2016-10-04 16:27:36 +00:00
Konstantin Belousov
5420f76b59 Style.
Reviewed by:	emaste
Sponsored by:	The FreeBSD Foundation
MFC after:	3 days
2016-10-04 15:23:03 +00:00
Mariusz Zaborski
059cc32342 libcapsicum: limit stderr
Don't limit stdout twice, instead limit stderr.

Pointed out by:	rpokala@
2016-10-04 13:33:43 +00:00
Andrew Turner
1834282de6 Split CPU_CORTEXA into CPU_CORTEXA8, for the Cortex-A8, and CPU_CORTEXA_MP,
for later Cortex-A CPUs that support the Multiprocessor Extensions. This
will be needed to support both in a single GENERIC kernel while still
being able to only build for a single SoC.

Reviewed by:	mmel
Relnotes:	yes
Sponsored by:	ABT Systems Ltd
Differential Revision:	https://reviews.freebsd.org/D8138
2016-10-04 12:25:44 +00:00
Andrew Turner
d029cb6152 Read the Multiprocessing Extensions bit from the Multiprocessor Affinity
register.

Sponsored by:	ABT Systems Ltd
X-Differential Revision:	https://reviews.freebsd.org/D8092
2016-10-04 12:01:08 +00:00
Martin Matuska
f3e9b21a7a MFV r306669:
Sync libarchive with vendor including security fixes.

Important vendor bugfixes (relevant to FreeBSD):
#747: Out of bounds read in mtree parser
#761: heap-based buffer overflow in read_Header (7-zip)
#784: Invalid file on bsdtar command line results in internal errors (1)

PR:		213092 (1)
MFC after:	1 week
2016-10-04 11:56:46 +00:00
Martin Matuska
adb01b286d Update vendor/libarchive to git 024be27d1b299c030e8841bed3002ee07ba9eedc
Important vendor bugfixes (relevant to FreeBSD):
#747: Out of bounds read in mtree parser
#761: heap-based buffer overflow in read_Header (7-zip)
#784: Invalid file on bsdtar command line results in internal errors (1)

PR:		213092 (1)
Obtained from:	https://github.com/libarchive/libarchive
2016-10-04 11:44:21 +00:00
Michal Meloun
fe8151a0e3 ARM: Add mising early clobber modifier in atomic_swap_32().
MFC after: 2 weeks
2016-10-04 09:59:37 +00:00
Michal Meloun
6542d1a4e7 ARM: Add atomic_swap_64(). It's need by linuxkpi and drm-next-4.7.
MFC after: 2 weeks
2016-10-04 09:51:54 +00:00
Michal Meloun
c7533311be TEGRA: Fix PCIe link timeout.
MFC after: 2 weeks
2016-10-04 09:14:48 +00:00
Andriy Gapon
9ba3abc30e zfs: fix a wrong assertion for extended attributes
For the extended attributes the order between z_teardown_lock and the
vnode lock is different.
The bug was triggered only with DIAGNOSTIC turned on.
This fix is developed in cooperation with avos.

PR:		213112
Reported by:	avos
Tested by:	avos
MFC after:	1 week
2016-10-04 08:09:25 +00:00
Jared McNeill
1ef15cafa0 Clear GT_CTRL_ENABLE to stop the timer.
Reviewed by:	andrew
2016-10-03 21:42:05 +00:00
Mariusz Zaborski
7a6e3cf83e libcapsicum: introduce Capsicum helpers
Capsicum helpers are a set of inline functions which goal is to reduce
duplicated patterns used to Capsicumize applications.

Reviewed by:	cem, AllanJude, bapt, ed, emaste
Differential Revision:	https://reviews.freebsd.org/D8013
2016-10-03 20:48:18 +00:00
Andrew Turner
c6b8d2a2a3 Use the cortex functions when booting on one of the Cortex-A ARMv8 CPUs.
This list is incomplete, however we don't have the ID values for the
missing Cortex-A32 or A35.

Submitted by:	loos (Cortex-A53)
Sponsored by:	ABT Systems Ltd
2016-10-03 20:05:33 +00:00
Luiz Otavio O Souza
430d5eb47d Enable the TX completion interrupt for the cpsw NIC to assure the free tx
descriptors are reclaimed as soon as possible.

Without this the free buffers are reclaimed only on watchdog runs or after
trying to enqueue more packets.

Sponsored by:	Rubicon Communications, LLC (Netgte)
2016-10-03 19:48:56 +00:00
Oleksandr Tymoshenko
82e4e00f18 Add Tegra TK1 DTBs to GENERIC kernel
Approved by:	andrew
2016-10-03 19:34:32 +00:00
Eric van Gyzen
35ef77a2ef Update arp(4) to document the net.link.ether.inet.garp_rexmit_count sysctl.
Submitted by:	David A. Bright <david.a.bright@dell.com>
Requested by:	markj
Reviewed by:	markj, badger
MFC after:	4 weeks
X-MFC with:	r306577
Sponsored by:	Dell EMC
Differential Revision:	https://reviews.freebsd.org/D8136
2016-10-03 19:02:22 +00:00
Ed Schouten
1a466ddc79 Remove setkey(), encrypt(), des_setkey() and des_cipher().
The setkey() and encrypt() functions are part of XSI, not the POSIX base
definitions. There is no strict requirement for us to provide these,
especially if we're only going to keep these around as undocumented
stubs. The same holds for des_setkey() and des_cipher().

Instead of providing functions that only generate warnings when linking,
simply disallow linking against them. The impact of this is relatively
low. It only causes two leaf ports to break. I'll see what I can do to
help out to get those fixed.

PR:		211626
2016-10-03 18:20:58 +00:00
Andrew Turner
905339874b Add the Cortex-A{53,57,72} ID register values. These can all run 32-bit
code so could run a 32-bit kernel.

Sponsored by:	ABT Systems Ltd
2016-10-03 18:00:10 +00:00
Ed Maste
9ce3c6b09a Retire WITHOUT_ELFCOPY_AS_OBJCOPY option
In FreeBSD 11 ELF Tool Chain's elfcopy is installed as objcopy by
default, with the option to switch back to GNU objcopy by setting
WITHOUT_ELFCOPY_AS_OBJCOPY in make.conf.

We plan to remove the outdated in-tree binutils in FreeBSD 12, so
remove the temporary transition aid.

Reviewed by:	brooks, imp
Relnotes:	Yes
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D7337
2016-10-03 17:49:26 +00:00
Ed Maste
b31f85961d Don't build libdialog if WITHOUT_DIALOG is set
X-MFC-With:	r306375
2016-10-03 17:34:50 +00:00
Oleksandr Tymoshenko
5163e77fad const-ify struct evdev_methods
Submitted by:	Vladimir Kondratiev <wulf@cicgroup.ru>
Suggested by:	hselasky
2016-10-03 17:20:34 +00:00
Andrew Turner
18f555023a Remove the old Allwinner std.* files, these are not part of the common
Allwinner kernel configs.

Sponsored by:	ABT Systems Ltd
2016-10-03 16:47:46 +00:00
Andrew Turner
0e484d95ca Remove unused functions on armv6. Some of the cache handling code is still
used in the elf trampoline so add a macro to handle this.

Sponsored by:	ABT Systems Ltd
2016-10-03 16:10:38 +00:00
Andrew Turner
610d93d80a Remove the parts of cpu_functions from armv6 that are unused on that
architecture.

Sponsored by:	ABT Systems Ltd
2016-10-03 14:43:57 +00:00
Andrew Turner
d15a8db5ad Only define the CF_* macros on ARMv4/v5. They are unused on armv6.
Sponsored by:	ABT Systems Ltd
2016-10-03 14:26:55 +00:00
Andrew Turner
f4b146b989 Split the compiler command line for building the arm elf trampoline code
so common parts of the command are on separate lines.

Sponsored by:	ABT Systems Ltd
2016-10-03 14:18:13 +00:00
Toomas Soome
ef97c45728 Fix remaining bugs in libstancd/cd9660.c reported by Bruce Evans.
Fixed text in comments.

Reported by:	Bruce Evans <brde@optusnet.com.au>
Reviewed by:	allanjude
Approved by:	allanjude (mentor)
Differential Revision:	https://reviews.freebsd.org/D8119
2016-10-03 14:07:15 +00:00
Andrew Gallatin
edb2994a62 Conditionally move initial vfs bio alloc above 4G
On machines with just the wrong amount of physical memory (enough to
have a lot of bufs, but not enough to use VM_FREELIST_DMA32) it is
possible for 32-bit address limited devices to have little to no
memory left when attaching, due to potentially large vfs bio configs
consuming all memory below 4GB not protected by VM_FREELIST_ISADMA.
This causes the 32-bit devices to allocate from VM_FREELIST_ISADMA,
leaving that freelist emtpy when ISA devices need DMAable memory.

Rather than decrease VM_DMA32_NPAGES_THRESHOLD, use the time honored
technique of putting initially allocated kernel data structs
at the end (or at least not the beginning) of memory.

Since this allocation is done at boot and is wired, is not freed,
so the system is low on 32-bit (and ISA) dma'ble memory forever.
So it is a good candidate to move above 4GB.

While here, remove an unneeded round_page() from kmem_malloc's size
argument as suggested by alc.  The first thing kmem_malloc() does
is a round_page(size), so there is no need to do it before the call.

Reviewed by: alc
Sponsored by: Netflix
2016-10-03 13:23:43 +00:00
Ed Maste
5c1ea1fcd0 libc arc4_stir: use only kern.arandom sysctl
The sysctl cannot fail. If it does fail on some FreeBSD derivative or
after some future change, just abort() so that the problem will be found
and fixed.

It's preferable to provide an arc4random() function that cannot fail and
cannot return poor quality random data. While abort() is not normally
suitable for a library, it makes sense here.

Reviewed by:	ed, jonathan, markm
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D8077
2016-10-03 13:12:44 +00:00
Hans Petter Selasky
6a3536aaee Change from passive to active english. Correctly specify that the task
is being drained and not the queue.

Submitted by:	wblock @
MFC after:	3 days
2016-10-03 12:48:55 +00:00
Andrew Turner
037a0903ee Use C99 designated initializers to create the armv6 cpu_functions structs.
This will help with a later cleanup of what functions we implement.

Sponsored by:	ABT Systems Ltd
2016-10-03 11:57:10 +00:00
Marcel Moolenaar
4ac1e8d30f Replace OFF_MAX with INT64_MAX. The former is defined on Linux. 2016-10-03 04:00:30 +00:00
Marcel Moolenaar
6b1235713e Prefer <stdint.h> over <sys/types.h>. While here remove redundant
inclusion of <sys/queue.h>.

Move the inclusion of the disk partitioning headers out of order
and inbetween standard headers and local header. They will change
in a subsequent commit.
2016-10-03 02:37:28 +00:00
Marcel Moolenaar
1080fb197b Replace STAILQ with TAILQ. TAILQs are portable enough that they can
be used on both macOS and Linux. STAILQs are not. In particular,
STAILQ_LAST does not next on Linux. Since neither STAILQ_FOREACH_SAFE
nor TAILQ_FOREACH_SAFE exist on Linux, replace its use with a regular
TAILQ_FOREACH. The _SAFE variant was only used for having the next
pointer in a local variable.
2016-10-03 01:46:47 +00:00
Oleksandr Tymoshenko
2abb9b42a5 Add rpi_ft5406 module and add it to extra modules in Raspberry Pi configs 2016-10-03 01:08:34 +00:00