Commit Graph

193385 Commits

Author SHA1 Message Date
pjd
58db73786b Add sysctl/tunables for various metaslab variables. 2013-09-05 00:53:01 +00:00
pjd
15d287f52f Advise a full buildworld, because of the recent Capsicum changes.
Sponsored by:	The FreeBSD Foundation
2013-09-05 00:52:16 +00:00
pjd
f740593978 Add missing '2'. 2013-09-05 00:41:07 +00:00
pjd
36c819441c Remove trailing comma. 2013-09-05 00:38:53 +00:00
pjd
add7315b85 Style fixes. 2013-09-05 00:19:30 +00:00
pjd
36e3a50584 Style fixes. Most fixes are about not treating integers and pointers as
booleans.
2013-09-05 00:17:38 +00:00
pjd
d1a65cb7ef Regenerate after r255219.
Sponsored by:	The FreeBSD Foundation
2013-09-05 00:11:59 +00:00
pjd
029a6f5d92 Change the cap_rights_t type from uint64_t to a structure that we can extend
in the future in a backward compatible (API and ABI) way.

The cap_rights_t represents capability rights. We used to use one bit to
represent one right, but we are running out of spare bits. Currently the new
structure provides place for 114 rights (so 50 more than the previous
cap_rights_t), but it is possible to grow the structure to hold at least 285
rights, although we can make it even larger if 285 rights won't be enough.

The structure definition looks like this:

	struct cap_rights {
		uint64_t	cr_rights[CAP_RIGHTS_VERSION + 2];
	};

The initial CAP_RIGHTS_VERSION is 0.

The top two bits in the first element of the cr_rights[] array contain total
number of elements in the array - 2. This means if those two bits are equal to
0, we have 2 array elements.

The top two bits in all remaining array elements should be 0.
The next five bits in all array elements contain array index. Only one bit is
used and bit position in this five-bits range defines array index. This means
there can be at most five array elements in the future.

To define new right the CAPRIGHT() macro must be used. The macro takes two
arguments - an array index and a bit to set, eg.

	#define	CAP_PDKILL	CAPRIGHT(1, 0x0000000000000800ULL)

We still support aliases that combine few rights, but the rights have to belong
to the same array element, eg:

	#define	CAP_LOOKUP	CAPRIGHT(0, 0x0000000000000400ULL)
	#define	CAP_FCHMOD	CAPRIGHT(0, 0x0000000000002000ULL)

	#define	CAP_FCHMODAT	(CAP_FCHMOD | CAP_LOOKUP)

There is new API to manage the new cap_rights_t structure:

	cap_rights_t *cap_rights_init(cap_rights_t *rights, ...);
	void cap_rights_set(cap_rights_t *rights, ...);
	void cap_rights_clear(cap_rights_t *rights, ...);
	bool cap_rights_is_set(const cap_rights_t *rights, ...);

	bool cap_rights_is_valid(const cap_rights_t *rights);
	void cap_rights_merge(cap_rights_t *dst, const cap_rights_t *src);
	void cap_rights_remove(cap_rights_t *dst, const cap_rights_t *src);
	bool cap_rights_contains(const cap_rights_t *big, const cap_rights_t *little);

Capability rights to the cap_rights_init(), cap_rights_set(),
cap_rights_clear() and cap_rights_is_set() functions are provided by
separating them with commas, eg:

	cap_rights_t rights;

	cap_rights_init(&rights, CAP_READ, CAP_WRITE, CAP_FSTAT);

There is no need to terminate the list of rights, as those functions are
actually macros that take care of the termination, eg:

	#define	cap_rights_set(rights, ...)				\
		__cap_rights_set((rights), __VA_ARGS__, 0ULL)
	void __cap_rights_set(cap_rights_t *rights, ...);

Thanks to using one bit as an array index we can assert in those functions that
there are no two rights belonging to different array elements provided
together. For example this is illegal and will be detected, because CAP_LOOKUP
belongs to element 0 and CAP_PDKILL to element 1:

	cap_rights_init(&rights, CAP_LOOKUP | CAP_PDKILL);

Providing several rights that belongs to the same array's element this way is
correct, but is not advised. It should only be used for aliases definition.

This commit also breaks compatibility with some existing Capsicum system calls,
but I see no other way to do that. This should be fine as Capsicum is still
experimental and this change is not going to 9.x.

Sponsored by:	The FreeBSD Foundation
2013-09-05 00:09:56 +00:00
gibbs
ceb5fa1b16 Correct blkback handling of the BLKIF_OP_FLUSH_DISKCACHE opcode.
Properly round-trip the "operation code" for client requests.

sys/dev/xen/blkback/blkback.c:
	In xbb_dispatch_dev() when processing a flush request,
	correctly set bio->bio_caller1 to the request list (not
	bare request) for the operation, as is expected by the
	completion handler xbb_bio_done().

	In xbb_get_resources(), initialize "operation" in the
	driver's internal request object from the client's "ring
	request", so it is correct when used to populate the reply
	when this operation completes.

Submitted by:	Roger Pau Monné
Sponsored by:	Citrix Systems R&D
Reviewed by:	gibbs
2013-09-04 23:32:49 +00:00
kib
23ba68da73 Tidy up some loose ends in the PCID code:
- Restore the pre-PCID TLB shootdown handlers for whole address space
  and single page invalidation asm code, and assign the IPI handler to
  them when PCID is not supported or disabled.  Old handlers have
  linear control flow.  But, still use the common return sequence.

- Stop using pcpu for INVPCID descriptors in the invlrg handler.  It
  is enough to allocate descriptors on the stack.  As result, two
  SWAPGS instructions are shaved off from the code for Haswell+.

- Fix the reverted condition in invlrng for checking of the PCID
  support [1], also in invlrng check that pmap is kernel pmap before
  performing other tests.  For the kernel pmap, which provides global
  mappings, the INVLPG must be used for invalidation always.

- Save the pre-computed pmap' %CR3 register in the struct pmap.  This
  allows to remove several checks for pm_pcid validity when %CR3 is
  reloaded [2].

Noted by:   gibbs [1]
Discussed with:	alc [2]
Tested by:	pho, flo
Sponsored by:	The FreeBSD Foundation
2013-09-04 23:31:29 +00:00
rmacklem
99fb6f77e5 Crashes have been observed for NFSv4.1 mounts when the system
is being shut down which were caused by the nfscbd_pool being
destroyed before the backchannel is disabled. This patch is
believed to fix the problem, by simply avoiding ever destroying
the nfscbd_pool. Since the NFS client module cannot be unloaded,
this should not cause a memory leak.

MFC after:	2 weeks
2013-09-04 22:47:56 +00:00
jilles
ad7328341a sh: Make return return from the closest function or dot script.
Formerly, return always returned from a function if it was called from a
function, even if there was a closer dot script. This was for compatibility
with the Bourne shell which only allowed returning from functions.

Other modern shells and POSIX return from the function or the dot script,
whichever is closest.

Git 1.8.4's rebase --continue depends on the POSIX behaviour.

Reported by:	Christoph Mallon, avg
2013-09-04 22:10:16 +00:00
zbb
206a10e8a6 Add myself as a new committer and cognet as my mentor.
Approved by:	cognet (mentor)
2013-09-04 20:49:32 +00:00
gonzo
1eec0c04d0 Add 32-bit support for Gxemul's oldtestmips machine emulation
Original work by: kan@
2013-09-04 20:34:36 +00:00
gnn
059527f86c Add myself to the list of ports committers.
Approved by: skreuzer (mentor)
2013-09-04 20:12:33 +00:00
eadler
3086328456 Revert r255152:
It turns out that synaptics_support was turned off by default
because its probing method is too intrusive not because it was unstable.

Once this is fixed it should be enabled once again.

Reported by:	delphij, jkim
2013-09-04 18:42:05 +00:00
jmg
237a3159e4 add links for the various vmem functions... 2013-09-04 17:48:41 +00:00
brooks
f978cc2905 MFP4 217312, 222008, 222052, 222053, 222673, 231484, 231491, 231565, 570643
Rework the timeout code to use actual time rather than a DELAY() loop and
to use both typical and maximum to allow logging of timeout failures.
Also correct the erase timeout, it is specified in milliseconds not
microseconds like the other timeouts.  Do not invoke DELAY() between
status queries as this adds significant latency which in turn reduced
write performance substantially.

Sanity check timeout values from the hardware.

Implement support for buffered writes (only enabled on Intel/Sharp parts
for now).  This yields an order of magnitude speedup on the 64MB Intel
StrataFlash parts we use.

When making a copy of the block to modify, also keep a clean copy around
until we are ready to commit the block and use it to avoid unnecessary
erases.  In the non-buffer write case, also use it to avoid
unnecessary writes when the block has not been erased.  This yields a
significant speedup when doing things like zeroing a block.

Sponsored by:	DARPA, AFRL
Reviewed by:	imp (previous version)
2013-09-04 17:19:21 +00:00
theraven
8b9f5e4153 Add a c++/v1/tr1 include directory containing symlinks to all of the standard
headrs.

Lots of third-party code expects to find C++03 headers under tr1 because that's
where GNU decided to hide them.  This should fix ports that expect them there.

MFC after:	1 week
2013-09-04 15:02:14 +00:00
jhb
00a02e74da Trim a couple of panic messages. 2013-09-04 11:52:28 +00:00
br
150dbecd5f - Add myself as a src committer
- Note cognet is my mentor

Approved by:	cognet (mentor)
2013-09-04 11:28:47 +00:00
glebius
6246a08599 Make default cache size more modern.
Requested by:	Slawa Olhovchenkov <slw zxy.spb.ru>
2013-09-04 10:17:50 +00:00
jhibbits
6fc9e86bed Fix hwpmc(4) for 32-bit PowerPC. 2013-09-04 04:11:38 +00:00
np
297fdff2ee For TOE connections, the window scale factor in CPL_PASS_ACCEPT_REQ is
set to 15 to indicate that the peer did not send a window scale option
with its SYN.  Do not send a window scale option in the SYN|ACK reply
in that case.
2013-09-03 23:34:04 +00:00
sbruno
3e7c5db622 Add options GEOM_PART_GPT and options MSDOSFS to the DIR-825
Reviewed by:	adrian@
2013-09-03 22:33:06 +00:00
imp
09ea56b1ca Newer versions of gcc define __INT64_C and __UINT64_C, so avoid
redefining them if gcc provides them.
2013-09-03 22:04:55 +00:00
jhb
8f38cafe69 Add support for the 'invpcid' instruction to binutils and DDB's
disassembler on amd64.

MFC after:	1 month
2013-09-03 21:21:47 +00:00
pfg
a4c67efd5f Remove our hacked GNU patch.
The old (2.1) GNU patch has outlived its days.  The major
local changes have been moved into the less restrictedly
licensed patch(1) we adopted in usr.bin/ .

A much newer version of GNU patch is available in the
ports tree (devel/patch).

Disconnect from the build and remove.
2013-09-03 20:03:10 +00:00
tuexen
0ad83fb985 Remove redundant field pr_sctp_on.
MFC after: 1 week
2013-09-03 19:31:59 +00:00
jmg
8ec798134a Use the fact that the AES-NI instructions can be pipelined to improve
performance... Use SSE2 instructions for calculating the XTS tweek
factor...  Let the compiler do more work and handle register allocation
by using intrinsics, now only the key schedule is in assembly...

Replace .byte hard coded instructions w/ the proper instructions now
that both clang and gcc support them...

On my machine, pulling the code to userland I saw performance go from
~150MB/sec to 2GB/sec in XTS mode.  GELI on GNOP saw a more modest
increase of about 3x due to other system overhead (geom and
opencrypto)...

These changes allow almost full disk io rate w/ geli...

Reviewed by:	-current, -security
Thanks to:	Mike Hamburg for the XTS tweek algorithm
2013-09-03 18:31:23 +00:00
jmg
e10c4e2adb add support to gcc for AES and PCLMUL intrinsics... This addes the
-maes option, but not the -mpclmul option as I ran out of bits in
the 32 bit flags field...  You can -D__PCLMUL__ to get this, but it
won't be compatible w/ clang and modern gcc...

Reviewed by:	-current, -toolchain
2013-09-03 17:33:29 +00:00
emaste
4f53813f88 Connect libexecinfo to the build
Sponsored by:	DARPA, AFRL
2013-09-03 15:22:04 +00:00
gibbs
e3bbc9eb39 sys/dev/xen/blkback/blkback.c:
Initialize the request id for requests in xbb_get_resources()
	instead of its previous location in xbb_dispatch_io().  This
	guarantees that all request types (e.g. BLKIF_OP_FLUSH_DISKCACHE)
	have the front-end specified id recorded.

Submitted by:	Roger Pau Monné
Sponsored by:	Citrix Systems R&D
2013-09-03 13:49:00 +00:00
jlh
97f176654a Include the calling context in the mail subject, if any.
More concretely, periodic security scripts defaults to being
called from daily ones -- daily context -- so the mail subject
will now be "${HOST} daily security run output" instead of
"{HOST} security run output".

If you switch the period of some security checks to weekly, you
will receive another email "${HOST} weekly security run output".
2013-09-03 13:40:24 +00:00
emaste
af53c35776 Add svn:keywords property 2013-09-03 13:38:41 +00:00
emaste
fcc965e86a Add $FreeBSD$ tag for user-facing header 2013-09-03 13:36:23 +00:00
emaste
4bfbadb2b3 Don't install private libexecinfo headers 2013-09-03 13:31:43 +00:00
uqs
bb22f91e17 Fix 'make depend' 2013-09-03 12:08:08 +00:00
rwatson
e6c5cc6ac3 Document SIGLIBRT in signal(3); take a stab at the signal description as
the original committer didn't provide one.

MFC after:	3 days
2013-09-03 08:19:06 +00:00
jlh
c42336ed7f Since r254974, periodic scripts' period can be configured
independently.  There is no reason to leave their options
with the daily ones, so move them to their own section.
2013-09-03 07:51:06 +00:00
jlh
652fad2cc8 Since r254974, periodic scripts' period can be configured
independently.  There is no reason to leave their options
with the daily ones, so move them to their own section.
Move periodic scripts' options into their own section.  Since r254974,
2013-09-03 07:47:53 +00:00
bryanv
2be33f6260 Complete any pending Tx frames before attempting the next transmit
Also complete pending frames in the watchdog function when the
EVENT_IDX feature was negotiated just in case the completion
interrupt was postponed.
2013-09-03 02:28:31 +00:00
bryanv
b59e843b9f Fix unintended compiler constant folding
Pointed out by:	dim@
2013-09-03 02:26:57 +00:00
jhibbits
67d6bf7992 Enable PMC interrupt handling, and fix a DTrace trap handling bug. 2013-09-03 00:42:15 +00:00
jhibbits
241d6ad5a0 Refactor PowerPC hwpmc(4) driver into generic and specific. More refactoring
will likely be done as more drivers are added, since AIM-compatible processors
have similar PMC configuration logic.
2013-09-03 00:34:18 +00:00
delphij
a866db8b14 Create the default router last. This allows using an static
interface route for default routes, which seems to be common
among many dedicated hosting providers.

Reviewed by:	hrs
MFC after:	2 weeks
2013-09-02 23:52:25 +00:00
tuexen
d6366593f2 Use uint16_t instead of in_port_t for consistency with the SCTP code.
MFC after: 1 week
2013-09-02 23:27:53 +00:00
jhibbits
5a8454fde7 Whitespace cleanup. 2013-09-02 23:22:05 +00:00
tuexen
7d2fcf1932 All changes affect only SCTP-AUTH:
* Remove non working code related to SHA224.
* Remove support for non-standardised HMAC-IDs using SHA384 and SHA512.
* Prefer SHA256 over SHA1.
* Minor cleanup.

MFC after: 2 weeks
2013-09-02 22:48:41 +00:00
gibbs
770a4ce79b Better conformance to style(9) and organizational cleanup.
No functional changes.

sys/i386/xen/mp_machdep.c:
	Remove extra newlines.

	Group externs, forward delarations, local types, and pcpu data.

	Wrap at 80 columns.

	Use parens in return statements.

	Tab indent members of array initializers.

MFC after:	2 weeks
2013-09-02 22:22:56 +00:00