The beri boot loaders depend on symbols defined in linker scripts or
assembly files. The boot loaders do not care about the type of these
symbols but just want to extract a pointer to them. Older versions of
GCC permitted external symbols to be declared of type 'void' and then
'&foo' generated a void pointer to the memory at the symbol's address.
However, void objects are not valid C and newer versions of GCC error if
these are used. Instead, declare these symbols as being bytes (or
an array of bytes in the cheri_sdcard_vaddr case).
Sponsored by: DARPA / AFRL
Prior to r325114, bsd.init.mk was included after assignments to CFLAGS and
LDFLAGS in these Makefiles. After r325114, bare assignments (= rather than
+=) lost system-assigned default values that are needed when compiling with
an external toolchain. CFLAGS in both Makefiles already uses +=. This
commit changes LDFLAGS to use +=. While here, depend on the LDFLAGS update
in the parent Makefile.inc to set -nostdlib.
Sponsored by: DARPA / AFRL
SDM editions 64 and below stated that it is enough to use MFENCe or
LFENCE to serialize x2APIC register writes. New edition 65 requires
either full serialization instruction or MFENCE;LFENCE sequence. Use
the later, FreeBSD needs serialization to ensure that writes done
before IPI request are visible to the target IPI CPU.
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Enable the hardclock-based watchdog previously conditional on the
SW_WATCHDOG option whenever hardware watchdogs are not found, and
watchdogd attempts to enable the watchdog. The SW_WATCHDOG option
still causes the sofware watchdog to be enabled even if there is a
hardware watchdog. This does not change the other software-based
watchdog enabled by the --softtimeout option to watchdogd.
Note that the code to reprime the watchdog during kernel core dumps is
no longer conditional on SW_WATCHDOG. I think this was previously a bug.
Reviewed by: imp alfred bjk
MFC after: 1 week
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D13713
Apply the fix from r327499 to additional ioctl handlers.
Reported by: Ilja van Sprundel <ivansprundel@ioactive.com>
MFC after: 1 week
MFC with: r327499
Sponsored by: The FreeBSD Foundation
The ath_btcoex_ioctl handler allocated a buffer without M_ZERO and
returned it to userland without writing to it.
The device has permissions only for root so this is not urgent, and the
fix can be MFCd and considered for a future EN.
Reported by: Ilja van Sprundel <ivansprundel@ioactive.com>
Submitted by: Domagoj Stolfa <domagoj.stolfa@gmail.com>
Reviewed by: adrian
MFC after: 1 week
The hpt{nr,rr} ioctl handler allocates a buffer without M_ZERO and calls
hpt_do_ioctl(), which might not overwrite the entire buffer.
Also zero bytesReturned in case it is not written by hpt_do_ioctl().
The hpt27{nr,rr} device has permissions only for root so this is not urgent,
and the fix can be MFCd and considered for a future EN.
The same issue was reported in the hpt27xx driver by Ilja Van Sprundel.
Reviewed by: jhb, kib
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
The hpt27xx ioctl handler allocates a buffer without M_ZERO and calls
hpt_do_ioctl(), which might not overwrite the entire buffer.
Also zero bytesReturned in case it is not written by hpt_do_ioctl().
The hpt27xx device has permissions only for root so this is not urgent,
and the fix can be MFCd and considered for a future EN.
Reported by: Ilja van Sprundel <ivansprundel@ioactive.com>
Submitted by: Domagoj Stolfa <domagoj.stolfa@gmail.com> (M_ZERO)
Reviewed by: jhb, kib
MFC after: 3 days
Security: info leak in root-only ioctl
Sponsored by: The FreeBSD Foundation
- BIO_FLUSH requests were dispatched to the disks directly from
g_mirror_start() rather than going through the mirror's I/O request
queue, so they could have been reordered with preceding writes.
Address this by processing such requests from the queue, avoiding
direct dispatch.
- Handling for collisions with synchronization requests was too
fine-grained and could cause reordering of writes. In particular,
BIO_ORDERED was not being honoured. Address this by effectively
freezing the request queue any time a collision with a synchronization
request occurs. The queue is unfrozen once the collision with the
first frozen request is over.
- The above-mentioned collision handling allowed reads to jump ahead
of writes to the same offset. Address this by freezing all request
types when a collision occurs, not just BIO_WRITEs and BIO_DELETEs.
Also add some more fail points for use in testing error handling.
Reviewed by: imp
MFC after: 3 weeks
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D13559
If a signal was delivered while the main thread was not in poll(2) and after
check was performed, we could reenter poll and never detect termination. Fix
this with the pipefd trick. (This race was introduced very recently, in
r327482.)
PR: 224503
Reported by: kib
Reviewed by: kib, markj
Sponsored by: Dell EMC Isilon
There has been some fallout from the change. The change itself was not valueable
enough to spend time investigating the corner cases, let's just back it out.
Reported by: flo
Previously elfcopy used elf_getdata to obtain data from ELF sections
being copied to binary output, but elf_getdata returns data that has
been translated - that is, data is in host byte order. When the host and
target differ in endianness (e.g., converting a big-endian MIPS ELF
object to binary on an x86 host) this resulted in byte-swapped data in
certain sections such as .dynamic.
Instead use elf_rawdata to keep data in the original, target endianness.
Reported by: Hiroki Mori <yamori83@yahoo.co.jp>, Bill Yuan
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
foundation for invoking efibootmgr as part of new-style EFI booting on
x86. On PS3 and PowerNV, which are booted using Linux kexec from petitboot
rather than by loader(8), install the kernel and the rest of /boot to a
FAT partition and set up the appropriate petitboot configuration file
there.
The new bootconfig installer stage can do platform-dependent modifications
more complex than partition layout and installation of boot blocks and can
be used to (as here) set up some special configuration files, run efibootmgr,
or boot0cfg.
MFC after: 1 month
one of the directories in the filesystem hierarchy is a FAT mountpoint,
settings its times will fail, which would cause installation to abort.
Instead, make this a best-effort thing.
Handling this error is a hack and a better internal scheme for handling
this should be added to libarchive.
rather than kmem arena size to determine available memory.
Initialize the UMA limit to LONG_MAX to avoid spurious wakeups on boot before
the real limit is set.
PR: 224330 (partial), 224080
Reviewed by: markj, avg
Sponsored by: Netflix / Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D13494
Add missed unistd.h include. Not sure where it was lost; I believe it
compiled before I submitted the change.
PR: 224503
Reported by: Cy Schubert <Cy.Schubert AT komquats.com>
Sponsored by: Dell EMC Isilon
syslog(3), routines used in write_warmstart(), and exit(3) are all
signal-unsafe. Instead, set a signal-safe flag and check the flag in the
rpcbind main loop to shutdown safely.
PR: 224503
Reviewed by: kib, markj
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D13728
This removes the direct WME info access in the ieee80211com struct and instead
provides a method of fetching the data. Right now it's a no-op but eventually
it'll turn into a per-VAP method for drivers that support it (eg iwn, iwm,
upcoming ath10k work) as things like p2p support require this kind of behaviour.
Tested:
* ath(4), STA and AP mode
TODO:
* yes, this is slightly stack size-y, but it is an important first step
to get drivers migrated over to a sensible WME API. A lot of per-phy things
need to be converted to per-VAP before P2P, 11ac firmware, etc stuff shows up.
The original bug describes it best:
When an absolute time is specified to shutdown, the program's
behavior depends on whether that time has passed during the
current calendar day. POLA would suggest that for shutdown,
whose time argument is always supposed to be in the future,
absolute times specified without a specific date should refer
to the next occurrence of that time, rather than erroring out
if that time has already passed during the current day.
PR: 32411
Submitted by: wollman@khavrinen.lcs.mit.edu
Submitted on: 2001-11-30 20:30:01 UTC
Reviewed by: asmodai (at time of bug submission)
Some users, especially those that are new, might be confused when passwd
does not echo anything. Inform users that the password will not be
visible.
PR: 196113
Submitted by: Byron Grobe <grobe0ba@gmail.com>
It does not change anything in the behavior of trap_pfault(), while
eliminating obfuscation of jumping to the code which checks for the
condition reversed of the goto cause. Also avoid force initialize the
rv variable, since it is now only accessed after storing vm_fault()
return value.
Reviewed by: alc
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D13725
On a load where single anonymous object consumes almost all memory on
the large system, swapout code executes the iteration over the
corresponding object page queue for long time, owning the map and
object locks. This blocks pagedaemon which tries to lock the object,
and blocks other threads in the process in vm_fault() waiting for the
map lock.
Handle the issue by terminating the deactivation loop if we executed
too long and by yielding at the top level in vm_daemon.
Reported by: peterj, pho
Reviewed by: alc
Tested by: pho (as part of the larger patch)
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D13671
is now unobtanium. It's only had API changes in the last 7 years, and
is responsible for a very large number of them. In addition, there's a
lot of code that reimplements base FreeBSD functionality, diminishing
the chances it still works. Without hardware to teset it on, or
prospects of obtaining such hardware and without vendor support, it's
time to move on.
Suggested by: kan@ in mips@ retirement discussion
it's at least 5 years out of production. I couldn't find a used one on
ebay and other secondary markets just now, nor when I tried 4 years
ago. It dates from the initial project/mips2 merge 8 years ago, and
hasn't been updated since.
Discussed on: mips@ (with some dissent)