241776 Commits

Author SHA1 Message Date
hselasky
31d94fe0e7 Increase the allowed maximum number of audio channels from 31 to 127
in the PCM feeder mixer. Without this change a value of 32 channels is
treated like zero, due to using a mask of 0x1f, causing a kernel
assert when trying to playback bitperfect 32-channel audio. Also
update the AWK script which is generating the division tables to
handle more than 18 channels. This commit complements r282650.

MFC after:		3 days
2017-05-24 21:42:48 +00:00
avg
58941b0245 MFC r316908: 7541 zpool import/tryimport ioctl returns ENOMEM because provided buffer is too small for config
illumos/illumos-gate@8b65a70b76
8b65a70b76

https://www.illumos.org/issues/7541
  When calling zpool import, zpool does a few ioctls to ZFS.
  zpool allocates a buffer in userland and passes it to the kernel so that ZFS
  can copy info into it. ZFS will use it to put the nvlist that describes the
  pool configuration.
  If the allocated buffer is too small, ZFS will return ENOMEM and the call will
  have to be redone. This wastes CPU time and slows down the import process. This
  happens very often for the ZFS_IOC_POOL_TRYIMPORT call.

Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed by: Dan Kimmel <dan.kimmel@delphix.com>
Approved by: Dan McDonald <danmcd@omniti.com>
Author: Pavel Zakharov <pavel.zakharov@delphix.com>
MFC after:	2 weeks
2017-05-24 21:32:35 +00:00
avg
5eb7cd055b MFC r316907: 1300 filename normalization doesn't work for removes
illumos/illumos-gate@1c17160ac5
1c17160ac5

https://www.illumos.org/issues/1300

FreeBSD note: recent FreeBSD was not affected by the issue fixed as the
name cache is completely bypassed when normalization is enabled.
The change is imported for the sake of ZAP infrastructure modifications.

Reviewed by: Yuri Pankov <yuri.pankov@nexenta.com>
Reviewed by: Pavel Zakharov <pavel.zakharov@delphix.com>
Reviewed by: Matt Ahrens <mahrens@delphix.com>
Approved by: Dan McDonald <danmcd@omniti.com>
Author: Kevin Crowe <kevin.crowe@nexenta.com>

MFC after:	3 weeks
2017-05-24 21:29:31 +00:00
trasz
8f0e46db35 Don't end up manpage titles with a full stop.
MFC after:	2 weeks
2017-05-24 21:02:53 +00:00
avg
04f9183a0c MFC r316904: 7729 libzfs_core`lzc_rollback() leaks result nvl
illumos/illumos-gate@ac428481f9
ac428481f9

https://www.illumos.org/issues/7729
  libzfs_core`lzc_rollback() doesn't free the result nvl after lzc_ioctl() call.

Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed by: Prakash Surya <prakash.surya@delphix.com>
Approved by: Dan McDonald <danmcd@omniti.com>
Author: Yuri Pankov <yuri.pankov@nexenta.com>

MFC after:	2 weeks
2017-05-24 20:53:01 +00:00
avg
980be3f7ab MFV r316860: 7545 zdb should disable reference tracking
illumos/illumos-gate@4dd77f9e38
4dd77f9e38

https://www.illumos.org/issues/7545
  When evicting from the ARC, we manipulate some refcount_t's, e.g. arcs_size.
  When using zdb to examine a large amount of data (e.g. zdb -bb on a large pool
  with small blocks), the ARC may have a large number of entries. If reference
  tracking is enabled, there will be ~1 reference for each block in the ARC. When
  evicting, we decrement the refcount and have to search all the references to
  find the one that we are removing, which is very slow.
  Since zdb is typically used to find problems with the on-disk format, and not
  with the code it is running, we should disable reference tracking in zdb.

Reviewed by: Dan Kimmel <dan.kimmel@delphix.com>
Reviewed by: Steve Gonczi <steve.gonczi@delphix.com>
Reviewed by: George Wilson <george.wilson@delphix.com>
Approved by: Robert Mustacchi <rm@joyent.com>
Author: Matthew Ahrens <mahrens@delphix.com>

MFC after:	2 weeks
2017-05-24 20:41:26 +00:00
jhb
330705f598 Remove constants and comments for unimplemented entries in the default LDT.
These entries will never be added to the default LDT in the future.
2017-05-24 18:54:21 +00:00
gjb
6970151cf6 Update the "first appeared in" version in several manual pages.
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
2017-05-24 17:50:34 +00:00
gjb
52288fdf3c Update the "first appeared in" version in several manual pages.
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
2017-05-24 17:47:49 +00:00
glebius
7845c5b75c o Rearrange struct inpcb fields to optimize the TCP output code path
considering cache line hits and misses.  Put the lock and hash list
  glue into the first cache line, put inp_refcount inp_flags inp_socket
  into the second cache line.
o On allocation zero out entire structure except the lock and list entries,
  including inp_route inp_lle inp_gencnt.  When inp_route and inp_lle were
  introduced, they were added below inp_zero_size, resulting on not being
  cleared after free/alloc.  This definitely was a source of bugs with route
  caching.  Could be that r315956 has just fixed one of them.
  The inp_gencnt is reinitialized on every alloc, so it is safe to clear it.

This has been proved to improve TCP performance at Netflix.

Obtained from:		rrs
Differential Revision:	D10686
2017-05-24 17:47:16 +00:00
emaste
606f083e34 UPDATING: clarify ino64 upgrade instructions even further
- mention COMPAT_FREEBSD11 earlier so that the steps are in chronological
  order
- suggest removing /usr/obj before build to ensure there are no stale
  objects

Reviewed by:	allanjude, kib
Sponsored by:	The FreeBSD Foundation
2017-05-24 17:11:10 +00:00
asomers
13565abca5 Fix a buffer overflow in bootparamd(8)
If /etc/bootparams contains a line with an excessively long pathname, and a
client asks for that path, then bootparamd will overflow a buffer and crash
while parsing that line.  This is not remotely exploitable since it requires
a malformed /etc/bootparams file.

Reported by:	Coverity
CID:		1305954
MFC after:	1 week
Sponsored by:	Spectra Logic Corp
2017-05-24 16:30:38 +00:00
cy
dc5c0f46d3 Ifdef out a redundant if statement when LARGE_NAT is disabled.
MFC after:	1 week
2017-05-24 14:36:51 +00:00
pfg
040f93fba7 bhyvegc_resize: make use of reallocarray(3) for bounds-checking.
Also add __FBSDID.

Reviewed by:	grehan

This file lacks a license(!) so for this change the following declaration
applies:

To the greatest extent permitted by, but not in contravention of,
applicable law, Affirmer hereby overtly, fully, permanently, irrevocably
and unconditionally waives, abandons, and surrenders all of Affirmer's
Copyright and Related Rights and associated claims and causes of action,
whether now known or unknown (including existing as well as future claims
and causes of action).
2017-05-24 14:24:47 +00:00
kib
ac8326156f Add BIT_OR2(), BIT_AND2(), BIT_NAND2(), BIT_XOR() and BIT_XOR2().
Submitted by:	Sebastian Huber <sebastian.huber@embedded-brains.de>
MFC after:	2 weeks
2017-05-24 10:09:54 +00:00
kib
d39171bb1f Use __BSD_VISIBLE test instead checking for absense of _POSIX_SOURCE.
The Termios headers <termios.h> and <sys/_termios.h> used sometimes
_POSIX_SOURCE directly to determine if a thing should be exposed to
the user.  This circumvented the feature mechanisms of <sys/cdefs.h>.

Submitted by:	Sebastian Huber <sebastian.huber@embedded-brains.de>
MFC after:	2 weeks
2017-05-24 09:25:13 +00:00
np
9a83cfe808 cxgbe/iw_cxgbe: sodisconnect failures are harmless and should not be
treated as fatal errors.

MFC after:	3 days
Sponsored by:	Chelsio Communications
2017-05-24 04:48:09 +00:00
kevlo
5f05351c98 Add missing MLINKS for functions decribed in iflibdd(9), iflibdi(9), and
iflibtxrx(9).
2017-05-24 01:03:30 +00:00
adrian
7a650e6a6a [ath] begin migration of AHB support to use the PCI style board data API for calibration data.
This brings the AHB support in line with the PCI support - now other "things"
can wrap up the calibration / board data into a firmware blob and have them
probe/attach after the system has finished booting.

Note that this change requires /all/ of the AHB using kernel configurations
to change - so until I drop those changes in, this breaks AHB.

Fear not, I'll do that soon.

TODO:

* the above stuff.

Tested:

* AR9331, carambola 2, loading if_ath / wlan as modules at run time
2017-05-24 01:02:35 +00:00
allanjude
a607ab76a6 Followup to r318765 (capsicumize cpuset_*affinity)
Update *sysent files
2017-05-24 01:01:57 +00:00
kevlo
4319f6518f Remove duplicate definition of iflib_led_create(). 2017-05-24 01:01:43 +00:00
allanjude
56f722576f Allow cpuset_{get,set}affinity in capabilities mode
bhyve was recently sandboxed with capsicum, and needs to be able to
control the CPU sets of its vcpu threads

Reviewed by:	emaste, oshogbo, rwatson
MFC after:	2 weeks
Sponsored by:	ScaleEngine Inc.
Differential Revision:	https://reviews.freebsd.org/D10170
2017-05-24 00:58:30 +00:00
np
95e69f2666 cxgbe(4): Update the T4, T5, and T6 firmwares to 1.16.45.0.
The latest firmware has a number of link related fixes, support for a
new custom card, and the fix for a bug that affected rate limiting on
FreeBSD.

Obtained from:	Chelsio Communications
MFC after:	1 week
Sponsored by:	Chelsio Communications
2017-05-23 23:40:17 +00:00
jhb
5387dbf595 Remove the BSD/OS 2.1 system call gate LDT entry.
An extra copy of the system call gate was added to the default LDT back
in 1996 (r18513 / r18514).  However, the ability to run BSD/OS 2.1
i386 binaries under FreeBSD's native ABI is most likely no longer
needed.

Discussed with:	kib
2017-05-23 22:34:18 +00:00
landonf
f7cde62b72 bhnd(4): Fix a SPROM identification regression introduced in r315866
In r315866, we introduced a direct read of the 8-bit sromrev field from the
memory mapped SPROM/OTP device. On OTP devices that require 16-bit access
alignment, this read fails, preventing identification of the SPROM layout.

So, let's perform an aligned read of the combined 16-bit sromrev/crc field
instead.

Approved by:	adrian (mentor, implicit)
2017-05-23 22:30:15 +00:00
emaste
c1c12fb80b UPDATING: ino64 upgrade should include COMPAT_FREEBSD11
The upgrade process requires COMPAT_FREEBSD11 to support the combination
of "old" userland and "new" kernel that exists after "make kernel" and
reboot.  Mention this explicitly for those using custom kernel configs.
Once the "new" world is installed the COMPAT_FREEBSD11 could be removed
again, but that does not seem necessary to mention in UPDATING.

Reported by:	kib
Sponsored by:	The FreeBSD Foundation
2017-05-23 20:51:48 +00:00
emaste
3d9a7d5ed0 Add note to UPDATING for ino64 to follow the standard upgrade process
The existing upgrade process documented in UPDATING is both necessary
and sufficient for upgrading across the ino64 change.  However, the
shortcut of installing both kernel + world before a single reboot has
been possible for quite some time, and several developers and users
were surprised by fallout from ino64.  Add an explicit entry pointing
out that the full process must be followed.

Reviewed by:	allanjude, gjb, vangyzen
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D10877
2017-05-23 20:25:49 +00:00
lidl
ce5ee08751 Extend libblacklist support with new action types
The original blacklist library supported two notification types:
 - failed auth attempt, which incremented the failed login count
   by one for the remote address
 - successful auth attempt, which reset the failed login count
   to zero for that remote address

When the failed login count reached the limit in the configuration
file, the remote address would be blocked by a packet filter.

This patch implements a new notification type, "abusive behavior",
and accepts, but does not act on an additional type, "bad username".
It is envisioned that a system administrator will configure a small
list of "known bad usernames" that should be blocked immediately.

Reviewed by:	emaste
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D10604
2017-05-23 19:03:07 +00:00
jhb
ef98161e5d Pass -N directly to ld via -Wl rather than passing it to the compiler driver.
In particular, clang doesn't accept -N.

Obtained from:	CheriBSD
Sponsored by:	DARPA / AFRL
2017-05-23 17:41:09 +00:00
ngie
605df5070b directory(3): add trailing comma after e.g., missed in r318699
Submitted by:	bjk
MFC after:	2 weeks
MFC with:	r318699
Sponsored by:	Dell EMC Isilon
2017-05-23 17:34:10 +00:00
swills
060fd93669 Add security.bsd.see_jail_proc
Add security.bsd.see_jail_proc sysctl to hide jail processes from non-root
users

Reviewed by:	jamie
Approved by:	allanjude
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D10770
2017-05-23 16:59:24 +00:00
pfg
2aca2aa22f Bring some rough support for FreeBSD S/390 to the GNU toolchain.
This is no-op and only for reference: the S/390 port seems to be elusive
in the BSDs so it is convenient to keep some trace from past efforts.
It is likely newer attempts will focus on a newer toolchain using clang
instead.

Obtained from:	Perforce depot/projects/s390
2017-05-23 16:38:10 +00:00
vangyzen
99a8da4537 libthr: fix warnings from GCC when WARNS=6
Fix warnings about:
- redundant declarations
- a local variable shadowing a global function (dlinfo)
- an old-style function definition (with an empty parameter list)
- a variable that is possibly used uninitialized

"make tinderbox" passes this time, except for a few unrelated
kernel failures.

Reviewed by:	kib
MFC after:	3 days
Sponsored by:	Dell EMC
Differential Revision:	https://reviews.freebsd.org/D10870
2017-05-23 16:12:50 +00:00
gjb
d94dc630cb Honor WITHOUT_TFTP for check-old* and delete-old* targets.
Submitted by:	philippe dot michel7 at sfr dot fr
PR:		217949
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
2017-05-23 15:46:21 +00:00
cy
230e3480a9 Remove redundant variable declaration.
MFC after:	3 days
2017-05-23 14:38:59 +00:00
kib
66ff0fc9c0 Add COMPAT_FREEBSD11 on arm64, the arch is almost tier-1.
Discussed with:	andrew, emaste
Sponsored by:	The FreeBSD Foundation
2017-05-23 13:57:55 +00:00
trasz
b3ed18fe97 Remove superfluous parentheses.
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2017-05-23 12:00:08 +00:00
trasz
8b467a9f79 Remove unneccessary call to mtree, which, when building as an unprivileged
user (with -DNO_ROOT), resulted in warnings looking like these:

share/man/cat8:
        user (9, 3819, not modified: Operation not permitted)
        permissions (0755, 0700, modified)

The BSD.usr.mk is already taken care of in etc/Makefile.

Submitted by:	Alex Richardson <alr48@cl.cam.ac.uk>
Reviewed by:	bdrewery
MFC after:	1 month
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D9212
2017-05-23 11:08:36 +00:00
kib
32b7611c73 For ld.so direct execution mode, implement -p option: search for the
binary in $PATH.

Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D10790
2017-05-23 10:00:52 +00:00
ae
565b5a2e9e Fix possible double releasing for SA and SP references.
There are two possible ways how crypto callback are called: directly from
caller and deffered from crypto thread.

For outbound packets the direct call chain is the following:
 IPSEC_OUTPUT() method -> ipsec[46]_common_output() ->
 -> ipsec[46]_perform_request() -> xform_output() ->
 -> crypto_dispatch() -> crypto_invoke() -> crypto_done() ->
 -> xform_output_cb() -> ipsec_process_done() -> ip[6]_output().

The SA and SP references are held while crypto processing is not finished.
The error handling code wrongly expected that crypto callback always called
from the crypto thread context, and it did references releasing in
xform_output_cb(). But when the crypto callback called directly, in case of
error the error handling code in ipsec[46]_perform_request() also did
references releasing.

To fix this, remove error handling from ipsec[46]_perform_request() and do it
in xform_output() before crypto_dispatch().

MFC after:	10 days
2017-05-23 09:32:26 +00:00
kib
a40411ddce Regen. 2017-05-23 09:30:42 +00:00
kib
e75ba1d5c4 Commit the 64-bit inode project.
Extend the ino_t, dev_t, nlink_t types to 64-bit ints.  Modify
struct dirent layout to add d_off, increase the size of d_fileno
to 64-bits, increase the size of d_namlen to 16-bits, and change
the required alignment.  Increase struct statfs f_mntfromname[] and
f_mntonname[] array length MNAMELEN to 1024.

ABI breakage is mitigated by providing compatibility using versioned
symbols, ingenious use of the existing padding in structures, and
by employing other tricks.  Unfortunately, not everything can be
fixed, especially outside the base system.  For instance, third-party
APIs which pass struct stat around are broken in backward and
forward incompatible ways.

Kinfo sysctl MIBs ABI is changed in backward-compatible way, but
there is no general mechanism to handle other sysctl MIBS which
return structures where the layout has changed. It was considered
that the breakage is either in the management interfaces, where we
usually allow ABI slip, or is not important.

Struct xvnode changed layout, no compat shims are provided.

For struct xtty, dev_t tty device member was reduced to uint32_t.
It was decided that keeping ABI compat in this case is more useful
than reporting 64-bit dev_t, for the sake of pstat.

Update note: strictly follow the instructions in UPDATING.  Build
and install the new kernel with COMPAT_FREEBSD11 option enabled,
then reboot, and only then install new world.

Credits: The 64-bit inode project, also known as ino64, started life
many years ago as a project by Gleb Kurtsou (gleb).  Kirk McKusick
(mckusick) then picked up and updated the patch, and acted as a
flag-waver.  Feedback, suggestions, and discussions were carried
by Ed Maste (emaste), John Baldwin (jhb), Jilles Tjoelker (jilles),
and Rick Macklem (rmacklem).  Kris Moore (kris) performed an initial
ports investigation followed by an exp-run by Antoine Brodin (antoine).
Essential and all-embracing testing was done by Peter Holm (pho).
The heavy lifting of coordinating all these efforts and bringing the
project to completion were done by Konstantin Belousov (kib).

Sponsored by:	The FreeBSD Foundation (emaste, kib)
Differential revision:	https://reviews.freebsd.org/D10439
2017-05-23 09:29:05 +00:00
ae
b4462c9dd3 Fix possible double releasing for SA reference.
There are two possible ways how crypto callback are called: directly from
caller and deffered from crypto thread.

For inbound packets the direct call chain is the following:
 IPSEC_INPUT() method -> ipsec_common_input() -> xform_input() ->
 -> crypto_dispatch() -> crypto_invoke() -> crypto_done() ->
 -> xform_input_cb() -> ipsec[46]_common_input_cb() -> netisr_queue().

The SA reference is held while crypto processing is not finished.
The error handling code wrongly expected that crypto callback always called
from the crypto thread context, and it did SA reference releasing in
xform_input_cb(). But when the crypto callback called directly, in case of
error (e.g. data authentification failed) the error handling in
ipsec_common_input() also did SA reference releasing.

To fix this, remove error handling from ipsec_common_input() and do it
in xform_input() before crypto_dispatch().

PR:		219356
MFC after:	10 days
2017-05-23 09:01:48 +00:00
ngie
2b6f093ae4 bsdinstall(8): fix manpage issues
- Start new sentences on new lines.
- Separate e.g. (more of an igor thing) with commas, and rewrite some examples
  not to be enclosed in parentheses.

Reported by:	igor, make manlint
MFC after:	2 weeks
Sponsored by:	Dell EMC Isilon
2017-05-23 08:01:11 +00:00
ngie
356b3a6a26 sade(8): start new sentence on new line
Reported by:	make manlint
MFC after:	2 weeks
Sponsored by:	Dell EMC Isilon
2017-05-23 07:50:42 +00:00
ngie
e49d6b2d35 kill(2): add missing section for sysctl(9)
Reported by:	make manlint
MFC after:	2 weeks
Sponsored by:	Dell EMC Isilon
2017-05-23 07:46:10 +00:00
ngie
60a426ba2e ptrace(2): clean up trailing whitespace
Reviewed by:	make manlint
MFC after:	2 weeks
2017-05-23 07:45:29 +00:00
ngie
e928dd7c1a open(2): fix manlint warnings
- Sort SEE ALSO .Xr entries.
- Sort sections (HISTORY comes after STANDARDS).

Reported by:	make manlint
MFC after:	2 weeks
Sponsored by:	Dell EMC Isilon
2017-05-23 07:44:43 +00:00
ngie
115bac87e0 rctl_add_rule(2): fix manlint warnings
- Fix commas (either missing or misused) after .Nm entries in SYNOPSIS

Reported by:	make manlint
MFC after:	2 weeks
Sponsored by:	Dell EMC Isilon
2017-05-23 07:32:57 +00:00
ngie
b573b1873f cap_enter(2): fix manlint issues
- Sort SEE ALSO section appropriately.
- Correct section for sysctl(9).

Reported by:	make manlint
MFC after:	2 weeks
Sponsored by:	Dell EMC Isilon
2017-05-23 07:31:03 +00:00