Commit Graph

237274 Commits

Author SHA1 Message Date
John Baldwin
3c03efc4ab Add a delay_tsc() static function for when DELAY() uses the TSC.
This uses slightly simpler logic than the existing code by using the
full 64-bit counter and thus not having to worry about counter
overflow.

Reviewed by:	kib
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D17850
2018-11-05 22:51:45 +00:00
Alex Richardson
d3384db33c Keep inheriting $PATH when using system linker/compiler
I missed this case when testing r340157. For now just keep
$PATH when we aren't bootstrapping a compiler so that the build
can find cc/c++/ld without an absolute path.

Reported by:	yuripv
2018-11-05 22:51:44 +00:00
Ed Maste
24ac7c3b27 revert r340156, restoring sys/sys/capability.h
More time is still needed for ports to accommodate the migration to
capsicum.h.

The header was renamed in 2014 due to concerns about conflicts with with
a draft POSIX.1e capability.h header on other systems and there is (now)
no need for complex autoconf tests for both capability.h and capsicum.h.
Any supported Capsicum-capable system has capsicum.h.

Reported by:	antoine
Sponsored by:	The FreeBSD Foundation
2018-11-05 22:36:45 +00:00
John Baldwin
4cbbb74888 Add a KPI for the delay while spinning on a spin lock.
Replace a call to DELAY(1) with a new cpu_lock_delay() KPI.  Currently
cpu_lock_delay() is defined to DELAY(1) on all platforms.  However,
platforms with a DELAY() implementation that uses spin locks should
implement a custom cpu_lock_delay() doesn't use locks.

Reviewed by:	kib
MFC after:	3 days
2018-11-05 21:34:17 +00:00
Alex Richardson
b25c717954 Fix -DNO_CLEAN build after r340157
Approved By:	jhb (mentor)
2018-11-05 21:30:00 +00:00
Mark Johnston
35b4d0f125 Document the fact that cap_limit_set() always frees the input nvlist.
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
2018-11-05 21:01:45 +00:00
John Baldwin
ff9738d954 Rework setting PTE_D for kernel mappings.
Rather than unconditionally setting PTE_D for all writeable kernel
mappings, set PTE_D for writable mappings of unmanaged pages (whether
user or kernel).  This matches what amd64 does and also matches what
the RISC-V spec suggests (preset the A and D bits on mappings where
the OS doesn't care about the state).

Suggested by:	alc
Reviewed by:	alc, markj
Sponsored by:	DARPA
2018-11-05 20:00:36 +00:00
Alex Richardson
6806504da4 Build the elftoolchain libraries as part of bootstrap-tools
It is not necessary to build libelf and libdwarf this early. Furthermore,
when building on Linux/MacOS, m4 will only be built during the bootstrap
tools phase and not be available in $PATH before.

Reviewed By:	emaste
Approved By:	brooks (mentor)
Differential Revision: https://reviews.freebsd.org/D17800
2018-11-05 19:51:16 +00:00
Alex Richardson
8f62bca488 Allow building world without inheriting $PATH
Inheriting $PATH during the build phase can cause the build to fail when
compiling on a different system due to missing build tools or incompatible
versions somewhere in $PATH. This has cause build failures for us before
due to the jenkins slaves still running FreeBSD 10.
Listing the tools we depend on explicitly instead of just using whatever
happens to be in $PATH allows us to check that we don't accidentally add a
new build dependency.

All tools that do no need to be bootstrapped will now be symlinked to
${WORLDTMP}/legacy/bin and during the build phase $PATH will only contain
${WORLDTMP}. There is also a new variable "BOOTSTRAP_ALL_TOOLS" which can
be set to force compiling almost all bootstrap tools instead of symlinking
them. This will not bootstrap tools such as cp,mv, etc. since they may be
used during the build and for those we should really only be using POSIX
compatible options.

Furthermore, this change is required in order to be able to build on
non-FreeBSD hosts. While the same binaries may exist on Linux/MacOS they
often accept different flags or produce incompatible output.

Approved By:	brooks (mentor)
Differential Revision: https://reviews.freebsd.org/D16815
2018-11-05 19:51:10 +00:00
Ed Maste
335a736a20 Remove backwards-compatibility sys/capability.h
In r263232 sys/capability.h was renamed to sys/capsicum.h, to avoid
conflicts with a capability.h header found on other operating systems.

Sufficient time has now passed, so remove the old header at the
beginning of FreeBSD 13.

Discussed with:	oshogbo
Sponsored by:	The FreeBSD Foundation
2018-11-05 19:25:57 +00:00
Warner Losh
74c0112fef Only assert locked for many async events.
Many async events that we see are called for this specific path. When
calling an async callback for a targetted device, XTP will lock that
specific device's path lock (same as what cam_periph_lock does). For
those AC_ events, assert we have the lock rather than trying to
recusrively take it (which causes panics since it's not recursive).

Add annotations about this and about the fact that AC_SCSI_AEN events
are generated now only in the ata stack (which cannot have a scsi_da
attachment). Leave it in place in case I've overlooked something as
the code is harmless.

This is fallout from my attempts to "fix" locking for softc->flags in
r330796 that's not been triggered often enough to get my attention
until now.

Sponsored by: Netflix
MFC After: 3 days
Differential Revision: https://reviews.freebsd.org/D17837
2018-11-05 18:47:29 +00:00
Kyle Evans
bdf12807be lualoader: Add chainload menu entry
MFC after:	4 days
2018-11-05 16:20:07 +00:00
Ed Maste
18655ca290 Regen src.conf.5 after r340150 2018-11-05 15:30:13 +00:00
Ed Maste
7ae5db1f37 Expand WITH_LLD_BOOTSTRAP description
Reported by:	bz
2018-11-05 15:22:41 +00:00
Matt Macy
acf50a7f68 hwpmc: limit wait for user callchain collection to 1 tick
The hwpmc pcpu sample buffer is prone to head of line blocking
when waiting for user process to return to user space and
collect a pending callchain. If more than one tick has elapsed
between the time the sample entry was marked for collection and
the time that the hardclock pmc handler runs to copy the records
to a larger temporary buffer, mark the sample entry as not in
use.

This changes reduces the number of samples marked as not valid
when collecting under load from ~99.5% to 5-20%.

Reported by:	mjg@
MFC after:	3 days
2018-11-05 08:11:16 +00:00
Justin Hibbits
b465e0bb56 powerpc/SMP: Don't spam the console with AP bringup messages
Especially on new POWER9 systems, the console can be filled with

  SMP: AP CPU #XX launched

messages.  This can also slow down the console printing.  Instead, do what
x86 now does, as of r333335, and print it all on one line, unless
bootverbose is set.
2018-11-05 01:53:20 +00:00
Kyle Evans
bc82609ae2 Move pmc* bits behind MK_PMC to fix WITHOUT_PMC build
No objection from:	mmacy
MFC after:	3 days
2018-11-05 00:20:58 +00:00
Yuri Pankov
dd7c41a378 Add hybrid C.UTF-8 locale being identical to default C locale except
that it uses the same ctype maps and functions as other UTF-8 locales.

Reviewed by:	bapt, cem, eadler
Approved by:	kib (mentor, implicit)
Differential Revision:	https://reviews.freebsd.org/D17833
2018-11-04 22:13:22 +00:00
Mariusz Zaborski
d68e2c047b ping: simplify use of Casper
There is no need to check if capdns is NULL.
If we will build the system without casper all cap_gethostaddr will be
replaced by the standard functions.
2018-11-04 20:26:29 +00:00
Mariusz Zaborski
d9c2248dd5 libcasper: using explicit_bzero in cap_grp service
Please notice that we still don't clean information in nvlist structures.

Submitted by:	David CARLIER <devnexen@gmail.com>
Differential Revision:	https://reviews.freebsd.org/D16777
2018-11-04 19:43:59 +00:00
Mariusz Zaborski
577dff6a8d libcasper: fix limitations in dns service
The getaddrinfo(3) and gethostbyname(3) are used to return the address for a
given hostname. The getnameinfo(3) and gethostbyaddr(3) are used to return
hostname for a given address. Right now in casper, we have two limitations:
- NAME which allows resolving DNS names.
- ADDR which allows to do revert DNS lookups.

Before this change the rights was mixed up:
NAME - getnameinfo(3) and gethostbyname(3)
ADDR - gethostbyaddr(3) and getaddrinfo(3)

Which no matters on limitation allowed us to resolve DNS names and do DNS
lookups basically by using a different set of functions.

Now the NAME type allows getaddrinfo(3) and gethostbyname (3)functions,
and the ADDR names allow to use gethostbyaddr(3) and getnameinfo(3) functions.

Reviewed by:	pjd, bcr
MFC after:	3 weeks
Discussed with:	hrs
Differential Revision:	https://reviews.freebsd.org/D16930
2018-11-04 19:38:54 +00:00
Mariusz Zaborski
db9a6e4178 libcasper: Update example in man page to use cap_getnameinfo function.
Reviewed by:	hrs
Differential Revision:	https://reviews.freebsd.org/D16931
2018-11-04 19:31:44 +00:00
Mariusz Zaborski
fe24949034 libcasper: Document the cap_getaddrinfo and cap_getnameinfo functions
Reviewed by:	hrs
Differential Revision:	https://reviews.freebsd.org/D16929
2018-11-04 19:29:19 +00:00
Mariusz Zaborski
377421df96 capsicum: use a new capsicum helpers in tools
Use caph_{rights,ioctls,fcntls}_limit to simplify the code.
2018-11-04 19:24:49 +00:00
Ed Maste
eda66948fe rtld: move relro enforcement after ifunc processing
Previously the combination of relro (implicit), -z now and ifunc use
resulted in a segfault when applying ifuncs after relro (test binary
here just calls amd64_get_fsbase()):

| % env LD_DEBUG=1 libexec/rtld-elf/obj/ld-elf.so.1 a.out
| ...
| enforcing main obj relro
| ...
| resolving ifuncs
| reloc_jmpslot: *0x203198 = 0x189368ea4570
| zsh: bus error (core dumped)  LD_DEBUG=1 obj/ld-elf.so.1 ~/a.out

Reported by:	Shawn Webb
Reviewed by:	kib
Sponsored by:	The FreeBSD Foundation
2018-11-04 19:21:12 +00:00
Konstantin Belousov
f6bb885ff6 Move the fixed base for PIE loading on arm.
Existing base causes conflicts for direct execution of ld-elf.so.1
because default linking base for non-PIE binaries is 0x10000.

Reported and tested by:	Mark Millard <marklmi26-fbsd@yahoo.com>
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2018-11-04 19:11:32 +00:00
Eugene Grosbein
a594f9453b Make ng_pptpgre(8) netgraph node be able to restore order for packets
reordered in transit instead of dropping them altogether.
It uses sequence numbers of PPtPGRE packets.

A set of new sysctl(8) added to control this ability or disable it:

net.graph.pptpgre.reorder_max (1) defines maximum length of node's
private reorder queue used to keep data waiting for late packets.
Zero value disables reordering. Default value 1 allows the node to restore
the order for two packets swapped in transit. Greater values allow the node
to deliver packets being late after more packets in sequence
at cost of increased kernel memory usage.

net.graph.pptpgre.reorder_timeout (1) defines time value in miliseconds
used to wait for late packets. It may be useful to increase this
if reordering spot is distant.

MFC after:	1 month
2018-11-04 19:10:44 +00:00
Mariusz Zaborski
9e5493752a Fix a recusive call introduce in the r340130. 2018-11-04 18:52:59 +00:00
Mariusz Zaborski
9b5dd8ff8b Un-break build libexpact.
The writeRandomBytes_arc4random is not used if the arc4random_buf
is available. This caused compiler to throw warnings which are treated as
an error in libexpact.

Approved by:	vangyzen
2018-11-04 18:24:11 +00:00
Conrad Meyer
d83db3fb6a Drop ed(1) "crypto"
You should not be using DES.  You should not have been using DES for the
past 30 years.

The ed DES-CBC scheme lacked several desirable properties of a sealed
document system, even ignoring DES itself.  In particular, it did not
provide the "integrity" cryptographic property (detection of tampering), and
it treated ASCII passwords as 64-bit keys (instead of using a KDF like
scrypt or PBKDF2).

Some general approaches ed(1) users might consider to replace the removed
DES mode:

1. Full disk encryption with something like AES-XTS.  This is easy to
conceptualize, design, and implement, and it provides confidentiality for
data at rest.  Like CBC, it lacks tampering protection.  Examples include
GELI, LUKS, FileVault2.

2. Encrypted overlay ("stackable") filesystems (EncFS, PEFS?, CryptoFS,
others).

3. Native encryption at the filesystem layer.  Ext4/F2FS, ZFS, APFS, and
NTFS all have some flavor of this.

4. Storing your files unencrypted.  It's not like DES was doing you much
good.

If you have DES-CBC scrambled files produced by ed(1) prior to this change,
you may decrypt them with:

  openssl des-cbc -d -iv 0 -K <key in hex> -in <inputfile> -out <plaintext>

Reviewed by:	allanjude, bapt, emaste
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D17829
2018-11-04 17:56:16 +00:00
Mariusz Zaborski
5a453d5f5b libcapsicum: Introduce caph_{rights,ioctls,fcntls}_limit
The idea behind those functions is not to force consumers to remember that there
is a need to check errno on failure. We already have a caph_enter(3) function
which does the same for cap_enter(2).

MFC after:	2 weeks
2018-11-04 17:22:58 +00:00
Mariusz Zaborski
82560231d3 capsicum: allow ppoll(2) in capability mode
We already allow to use poll(2). There is no reason to disallow ppoll(2).

PR:		232495
Submitted by:	Stefan Grundmann <sg2342@googlemail.com>
Reviewed by:	cem, oshogbo
MFC after:	2 weeks
2018-11-04 17:12:53 +00:00
Yuri Pankov
9508f8c05c Teach man(1) about C.UTF-8.
While here, use LANG as the proper source to select man pages language/encoding,
falling back to LC_CTYPE.

Reviewed by:	bapt
Approved by:	kib (mentor, implicit)
Differential Revision:	https://reviews.freebsd.org/D17835
2018-11-04 16:58:55 +00:00
Eric van Gyzen
0a48773f8c Update expat to 2.2.6
Update contrib/expat by merging from the vendor branch.

Update expat_config.h manually, using
    make -C /usr/ports/textproc/expat2 configure
as a baseline.

MFC after:	1 month
Relnotes:	yes
Security:	yes; see contrib/expat/Changes since 2.2.0
Sponsored by:	Dell EMC Isilon
2018-11-04 16:08:59 +00:00
Mateusz Piotrowski
6d080f8660 csqrt(3): Fix some typos in the manual page
Submitted by:	Steve Kargl <sgk@troutmask.apl.washington.edu>
Reviewed by:	eadler
Approved by:    krion (mentor, implicit), mat (mentor, implicit)
Differential Revision:	https://reviews.freebsd.org/D17831
2018-11-04 14:11:38 +00:00
Baptiste Daroussin
874e7db1f7 Simplify NLS alias handling by using native make(1) multi variable for loops 2018-11-04 10:14:08 +00:00
Baptiste Daroussin
4dd729a55b Fix bad copy/paste 2018-11-04 06:59:13 +00:00
Baptiste Daroussin
97dc79f29a Simplify a bit distrib-dirs target
Reviewed by:	bdrewery
Differential Revision:	https://reviews.freebsd.org/D3915
2018-11-04 06:47:21 +00:00
Baptiste Daroussin
56b187fca8 nfsd: Factorize code
Factorize code by using struct sockaddr_storage to handle both ipv6 and ipv4

Discussed with:	rmacklem
Reviewed by:	manu
MFC after:	1 month
Sponsored by:	Gandi.net
Differential Revision:	https://reviews.freebsd.org/D13223
2018-11-04 06:39:01 +00:00
Eugene Grosbein
5a2b0b0daa ipfw(8): clarify layer2 processing abilities
Make it clear that ipfw action set for layer2 frames it a bit limited.

PR:			59835
Reviewed by:		yuripv
MFC after:		1 month
Differential Revision:	https://reviews.freebsd.org/D17719
2018-11-04 06:35:48 +00:00
Matt Macy
dacc43df34 Add aditional counter descriptions to AMD 0x17
Submitted by:	Somalapuram Amaranath
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D17401
2018-11-04 06:24:27 +00:00
Konstantin Belousov
561991144e Remove Obj_Entry textsize member.
It is unused after r340102, and more important, I do not see how to
define textsize in both practically useful and correct way, for binaries
with more that one executable segments.

Sponsored by:	The FreeBSD Foundation
2018-11-04 00:32:28 +00:00
Yuri Pankov
32a8ec8bdd strptime: make %k and %l specifiers match their description in
strftime(3), and allow them to process space-padded input.

PR:		230720
Submitted by:	rlittle@inetco.com (original version)
Approved by:	kib (mentor, implicit)
Differential Revision:	https://reviews.freebsd.org/D17761
2018-11-03 23:37:13 +00:00
Yuri Pankov
1ade1c4113 Update to CLDR 34 and UNICODE 11.
Discussed with:	bapt
Approved by:	kib (mentor)
MFC after:	1 month
2018-11-03 22:02:10 +00:00
Konstantin Belousov
f846c80a9c Flush data cache for executable loadable segments explicitly.
Do not use textsize and do not flush everything between map base and
base + textsize, because unmapped areas cannot be flushed.

This makes Obj_Entry textsize only use go away, and I will remove it
later.

Reported by:	tuexen
Tested by:	Mark Millard <marklmi26-fbsd@yahoo.com>
Sponsored by:	The FreeBSD Foundation
2018-11-03 20:39:16 +00:00
Andrey V. Elsukov
880d3c76b5 Do not use bzero() for the O_ICMP6TYPE opcode.
The buffer is already zeroed in compile_rule() function, and also it
may contain configured F_NOT flag in o.len field. This fixes the filling
for "not icmp6types" opcode.

PR:		232939
MFC after:	3 days
2018-11-03 20:05:50 +00:00
Ed Maste
01b7ad0400 libcompat: disable retpoline when building build tools
These are built with the host toolchain which may not support retpoline.
While here, move the MK_ overrides to a separate line and sort them
alphabetically to support future changes.

MFC with:	r339511
Sponsored by:	The FreeBSD Foundation
2018-11-03 19:31:11 +00:00
Bjoern A. Zeeb
a613be5677 Update the "flag" for draft-ietf-6man-ipv6only-flag.
Having the flag named "6" can possibly be a problem for configurations
where parsing strings and numbers can produce ambivalent results.
Rename the "6" flag to the "S"ix (or Silence-IPv4) flag.
2018-11-03 18:03:24 +00:00
Matt Macy
10f42d244b Convert epoch to read / write records per cpu
In discussing D17503 "Run epoch calls sooner and more reliably" with
sbahra@ we came to the conclusion that epoch is currently misusing the
ck_epoch API. It isn't safe to do a "write side" operation (ck_epoch_call
or ck_epoch_poll) in the middle of a "read side" section. Since, by definition,
it's possible to be preempted during the middle of an EPOCH_PREEMPT
epoch the GC task might call ck_epoch_poll or another thread might call
ck_epoch_call on the same section. The right solution is ultimately to change
the way that ck_epoch works for this use case. However, as a stopgap for
12 we agreed to simply have separate records for each use case.

Tested by: pho@

MFC after:	3 days
2018-11-03 03:43:32 +00:00
Alexander Motin
b4d66a1739 9952 Block size change during zfs receive drops spill block
Replication code in receive_object() falsely assumes that if received
object block size is different from local, then it must be a new object
and calls dmu_object_reclaim() to wipe it out. In most cases it is not a
problem, since all dnode, bonus buffer and data block(s) are immediately
rewritten any way, but the problem is that spill block (if used) is not.
This means loss of ACLs, extended attributes, etc.

This issue can be triggered in very simple way:
1. create 4KB file with 10+ ACL entries;
2. take snapshot and send it to different dataset;
3. append another 4KB to the file;
4. take another snapshot and send incrementally;
5. witness ACL loss on receive side.

PR:		198457
Discussed with:	mahrens
MFC after:	2 weeks
Sponsored by:	iXsystems, Inc.
2018-11-03 03:10:06 +00:00