Commit Graph

192822 Commits

Author SHA1 Message Date
Xin LI
76cd7220b5 Use a devd event to start hv_kvpd instead of doing so in rc.d script.
This is cleaner and eliminates the unneeded startup of KVP daemon on
systems that do not run as a Hyper-V guest.

Submitted by:	hrs
X-MFC-with:	271493, 271688, 271699
2014-09-17 02:32:22 +00:00
Mark Johnston
6574b8ed19 Fix some incorrect endianness checks.
MFC after:	1 week
Sponsored by:	EMC / Isilon Storage Division
2014-09-17 00:54:00 +00:00
Mark Johnston
a5ddd965e0 Fix elfdump(1) usage in the userland CTF tests.
PR:		193110
MFC after:	1 week
Sponsored by:	EMC / Isilon Storage Division
2014-09-16 22:54:15 +00:00
Mark Johnston
f4f080c659 Fix a typo.
MFC after:	3 days
2014-09-16 22:26:01 +00:00
Alexander V. Chernikov
6667db3130 * Fix if_omcast handling
* Convert if_oerrors to pcpu.

Suggested by:	glebius
MFC after:	2 weeks
2014-09-16 21:48:48 +00:00
Sean Bruno
cb8799d06f Such typo, many email, very spelling. wow.
MFC with 271688 271493
Submitted by:	ngie ian
MFC after:	2 weeks
Relnotes:	yes
2014-09-16 20:48:13 +00:00
Sean Bruno
c13a313284 Add proper disable/enable hooks to the default scripts so that this is only
run when asked for by the user.  Right now, hv_kvpd is run on every boot.

Don't do that.

Add hv_kvpd_enable= for this script to be run.

MFC with 271493

MFC after:	2 weeks
Relnotes:	yes
2014-09-16 20:02:16 +00:00
Glen Barber
a06acfb7ab Bump __FreeBSD_version after SA-14:19.tcp
Approved by:	re (implicit)
Sponsored by:	The FreeBSD Foundation
2014-09-16 19:20:06 +00:00
Jean-Sébastien Pédron
1365d0770d vt(4): Use vt_fb_drawrect() and vt_fb_setpixel() in all vt_fb-derivative
Review:		https://reviews.freebsd.org/D789
Reviewed by:	nwhitehorn
Approved by:	nwhitehorn
MFC after:	2 days
2014-09-16 18:02:24 +00:00
Jean-Sébastien Pédron
1952f0b519 vt(4): Fix a LOR which occurs during a call to vt_upgrade()
Reported by:	kib@
Review:		https://reviews.freebsd.org/D785
Reviewed by:	ray@
Approved by:	ray@
MFC after:	2 days
2014-09-16 17:42:37 +00:00
John Baldwin
8bafac5444 Permit MAP_RENAME and MAP_NORESERVE for now. These flags should be removed, but at least
Chromium and OpenJDK use MAP_NORESERVE.
2014-09-16 17:21:06 +00:00
Brooks Davis
58ab5b0a13 Fix some extra whitespace noticed when reviewing git diffs. 2014-09-16 17:07:32 +00:00
Bjoern A. Zeeb
dcceaf9f3c Merge atse(4) interrupt handling and race condition fixes from cheribsd:
commit 8bd88585ed8e3f7def0d780a1bc30d96fe642b9c

    Rework atse_rx_cycles handling: count packets instead of fills, and use the
    limit only when polling, not when in interrupt mode.  Otherwise, we may
    stop reading the FIFO midpacket and clear the event mask even though the
    FIFO still has data to read, which could stall receive when a large packet
    arrives.  Add a comment about races in the Altera FIFO interface: we may
    need to do a little more work to handle races than we are.

commit 20b39086cc612f8874dc9e6ef4c0c2eb777ba92a

    Use 'sizeof(data)' rather than '4' when checking an mbuf bound, as is the
    case for adjusting length/etc.

commit e18953174a265f40e9ba60d76af7d288927f5382

    Break out atse_intr() into two separate routines, one for each of the two
    interrupt sources: receive and transmit.

commit 6deedb43246ab3f9f597918361831fbab7fac4ce

    For the RX interrupt, take interest only in ALMOSTEMPTY and OVERFLOW.
    For the TX interrupt, take interest only in ALMOSTFULL and UNDERFLOW.

    Perform TX atse_start_locked() once rather than twice in TX interrupt
    handling -- and only if !FULL, rather than unconditionally.

commit 12601972ba08d4380201a74f5b967bdaeb23092c

    Experimentation suggests that the Altera Triple-Speed Ethernet documentation
    is incorrect and bits in the event and interrupt-enable registers are not
    irrationally rearranged relative to the status register.

commit 3cff2ffad769289fce3a728152e7be09405385d8

    Substantially rework interrupt handling in the atse(4) driver:

    - Introduce a new macro ATSE_TX_PENDING() which checks whether there is
      any pending data to transmit, either in an in-progress packet or in
      the TX queue.
    - Introduce new ATSE_RX_STATUS_READ() and ATSE_TX_STAUTS_WRITE() macros
      that query the FIFO status registers rather than event registers,
      offering level- rather than edge-triggered FIFO conditions.
    - For RX, interrupt only on full/overflow/underflow; for TX, interrupt
      only on empty/overflow/underflow.
    - Add new ATSE_RX_INTR_READ() and ATSE_RX_INTR_WRITE() macros useful for
      debugging interrupt behaviour.
    - Add a debug.atse_intr_debug_enable sysctl that causes various pieces
      of FIFO state to be printed out on each RX or TX interrupt.  This is
      disabled by default but good to turn on if the interface appears to
      wedge.  Also print debugging information when polling.
    - In the watchdog handler, do receive, not just transmit, processing, to
      ensure that the rx, not just tx, queue is being handled -- and, in
      particular, will be drained such that interrupts can resume.
    - Rework both atse_rx_intr() and atse_tx_intr() to eliminate many race
      conditions, and add comments on why various things are in various
      orders.  Interactions between modifications to the event and interrupt
      masks are quite subtle indeed, and we must actively check for a number
      of races (e.g., event mask cleared; packet arrives; interrupts enabled).
      We also now use the status registers rather than event registers for
      FIFO status checks to avoid other races; we continue to use event
      registers for underflow/overflow.

    With this change, interrupt-driven operation of atse appears (for the
    time being) robust.

commit 3393bbff5c68a4e61699f9b4a62af5d2a5f918f8

    atse: Fix build after 3cff2ffa

Obtained from:	cheribsd
Submitted by:	rwatson, emaste
Sponsored by:	DARPA/AFRL
MFC after:	3 days
2014-09-16 15:45:53 +00:00
Glen Barber
41ab81a556 Set a static revision of the Crochet checkout to avoid
surprise build failures.

MFC after:	3 days
X-10.1-MFC:	yes
X-MFC-With:	r271676, r271677
Sponsored by:	The FreeBSD Foundation
2014-09-16 15:35:13 +00:00
Glen Barber
094be940b6 Catch up with Crochet changes to fix the WANDBOARD-QUAD
build.

Tested on:	stable/10@r271618
MFC after:	3 days
X-10.1-MFC:	yes
X-MFC-With:	r271676
Sponsored by:	The FreeBSD Foundation
2014-09-16 15:31:50 +00:00
Glen Barber
98e600cc4a Catch up with Crochet changes to fix the BEAGLEBONE
build.

Tested on:	stable/10@r271618
MFC after:	3 days
X-10.1-MFC:	yes
Sponsored by:	The FreeBSD Foundation
2014-09-16 15:31:12 +00:00
Alan Somers
58a39d8c5b Fix source address selection on unbound sockets in the presence of multiple
fibs. Use the mbuf's or the socket's fib instead of RT_ALL_FIBS. Fixes PR
187553. Also fixes netperf's UDP_STREAM test on a nondefault fib.

sys/netinet/ip_output.c
	In ip_output, lookup the source address using the mbuf's fib instead
	of RT_ALL_FIBS.

sys/netinet/in_pcb.c
	in in_pcbladdr, lookup the source address using the socket's fib,
	because we don't seem to have the mbuf fib. They should be the same,
	though.

tests/sys/net/fibs_test.sh
	Clear the expected failure on udp_dontroute.

PR:		187553
CR:		https://reviews.freebsd.org/D772
MFC after:	3 weeks
Sponsored by:	Spectra Logic
2014-09-16 15:28:19 +00:00
Michael Tuexen
b60b0fe6fd Add a explict cast to silence a warning when building
the userland stack on Windows.
This issue was reported by Peter Kasting from Google.

MFC after: 3 days
2014-09-16 14:39:24 +00:00
Michael Tuexen
47b80412cd Use a consistent type for the number of HMAC algorithms.
This fixes a bug which resulted in a warning on the userland
stack, when compiled on Windows.
Thanks to Peter Kasting from Google for reporting the issue and
provinding a potential fix.

MFC after: 3 days
2014-09-16 14:20:33 +00:00
Michael Tuexen
667eb48763 Small cleanup which addresses a warning regaring the truncation
of a 64-bit entity to a 32-bit entity. This issue was reported by
Peter Kasting from Google.

MFC after: 3 days
2014-09-16 13:48:46 +00:00
Gleb Smirnoff
3220a2121c FreeBSD-SA-14:19.tcp raised attention to the state of our stack
towards blind SYN/RST spoofed attack.

Originally our stack used in-window checks for incoming SYN/RST
as proposed by RFC793. Later, circa 2003 the RST attack was
mitigated using the technique described in P. Watson
"Slipping in the window" paper [1].

After that, the checks were only relaxed for the sake of
compatibility with some buggy TCP stacks. First, r192912
introduced the vulnerability, just fixed by aforementioned SA.
Second, r167310 had slightly relaxed the default RST checks,
instead of utilizing net.inet.tcp.insecure_rst sysctl.

In 2010 a new technique for mitigation of these attacks was
proposed in RFC5961 [2]. The idea is to send a "challenge ACK"
packet to the peer, to verify that packet arrived isn't spoofed.
If peer receives challenge ACK it should regenerate its RST or
SYN with correct sequence number. This should not only protect
against attacks, but also improve communication with broken
stacks, so authors of reverted r167310 and r192912 won't be
disappointed.

[1] http://bandwidthco.com/whitepapers/netforensics/tcpip/TCP Reset Attacks.pdf
[2] http://www.rfc-editor.org/rfc/rfc5961.txt

Changes made:

o Revert r167310.
o Implement "challenge ACK" protection as specificed in RFC5961
  against RST attack. On by default.
  - Carefully preserve r138098, which handles empty window edge
    case, not described by the RFC.
  - Update net.inet.tcp.insecure_rst description.
o Implement "challenge ACK" protection as specificed in RFC5961
  against SYN attack. On by default.
  - Provide net.inet.tcp.insecure_syn sysctl, to turn off
    RFC5961 protection.

The changes were tested at Netflix. The tested box didn't show
any anomalies compared to control box, except slightly increased
number of TCP connection in LAST_ACK state.

Reviewed by:	rrs
Sponsored by:	Netflix
Sponsored by:	Nginx, Inc.
2014-09-16 11:07:25 +00:00
Michael Tuexen
8a0834ec28 Make a type conversion explicit. When compiling this code on
Windows as part of the SCTP userland stack, this fixes a
warning reported by Peter Kasting from Google.

MFC after: 3 days
2014-09-16 10:57:55 +00:00
Xin LI
831ad37ef2 Fix Denial of Service in TCP packet processing.
Submitted by:	glebius
Security:	FreeBSD-SA-14:19.tcp
2014-09-16 09:48:24 +00:00
Michael Tuexen
43f9f175c5 The MTU is handled as a 32-bit entity within the SCTP stack.
This was reported by Peter Kasting from Google.

MFC after: 3 days
2014-09-16 09:22:43 +00:00
Colin Percival
835c4dd436 Cache GELI passphrases entered at the console during the boot process,
in order to improve user-friendliness when a system has multiple disks
encrypted using the same passphrase.

When examining a new GELI provider, the most recently used passphrase
will be attempted before prompting for a passphrase; and whenever a
passphrase is entered, it is cached for later reference.  When the root
disk is mounted, the cached passphrase is zeroed (triggered by the
"mountroot" event), in order to minimize the possibility of leakage
of passphrases.  (After root is mounted, the "taste and prompt for
passphrases on the console" code path is disabled, so there is no
potential for a passphrase to be stored after the zeroing takes place.)

This behaviour can be disabled by setting kern.geom.eli.boot_passcache=0.

Reviewed by:	pjd, dteske, allanjude
MFC after:	7 days
2014-09-16 08:40:52 +00:00
Hiroki Sato
c2b6b3bea9 Fix a typo; master server for iprop service should be singular. 2014-09-16 05:45:38 +00:00
Adrian Chadd
f4659f4c27 Ensure the correct software IPv4 hash is done based on the configured
RSS parameters, rather than assuming we're hashing IPv4+UDP and IPv4+TCP.
2014-09-16 03:26:42 +00:00
Adrian Chadd
7f7528fc79 Modify cpuset_setithread() to take a CPU ID as an integer, not a char.
We're going to end up having > 254 CPUs at some point.
2014-09-16 01:21:47 +00:00
Enji Cooper
1481be66b5 Bump __FreeBSD_version for the change made in r271655
PR: 181155
Sponsored by: EMC / Isilon Storage Division
2014-09-16 00:59:56 +00:00
Enji Cooper
2bcdab32c3 Bump .Dd for the content change done to access(2) in r271655
PR: 181155
Sponsored by: EMC / Isilon Storage Division
2014-09-16 00:59:08 +00:00
Enji Cooper
257597a434 Validate the mode argument in access, eaccess, and faccessat for optional
POSIX compliance and to improve compatibility with Linux and NetBSD

The issue was identified with lib/libc/sys/t_access:access_inval from
NetBSD

Update the manpage accordingly

PR: 181155
Reviewed by: jilles (code), jmmv (code), wblock (manpage), wollman (code)
MFC after: 4 weeks
Phabric: D678 (code), D786 (manpage)
Sponsored by: EMC / Isilon Storage Division
2014-09-16 00:56:47 +00:00
Steve Kargl
f7efd14df1 * Makefile:
. Hook e_lgammal[_r].c to the build.
  . Create man page links for lgammal[-r].3.

* Symbol.map:
  . Sort lgammal to its rightful place.
  . Add FBSD_1.4 section for the new lgamal_r symbol.

* ld128/e_lgammal_r.c:
  . 128-bit implementataion of lgammal_r().

* ld80/e_lgammal_r.c:
  . Intel 80-bit format implementation of lgammal_r().

* src/e_lgamma.c:
  . Expose lgammal as a weak reference to lgamma for platforms
    where long double is mapped to double.

* src/e_lgamma_r.c:
  . Use integer literal constants instead of real literal constants.
    Let compiler(s) do the job of conversion to the appropriate type.
  . Expose lgammal_r as a weak reference to lgamma_r for platforms
    where long double is mapped to double.

* src/e_lgammaf_r.c:
  . Fixed the Cygnus Support conversion of e_lgamma_r.c to float.
    This includes the generation of new polynomial and rational
    approximations with fewer terms.  For each approximation, include
    a comment on an estimate of the accuracy over the relevant domain.
  . Use integer literal constants instead of real literal constants.
    Let compiler(s) do the job of conversion to the appropriate type.
    This allows the removal of several explicit casts of double values
    to float.

* src/e_lgammal.c:
  . Wrapper for lgammal() about lgammal_r().

* src/imprecise.c:
  . Remove the lgamma.

* src/math.h:
  . Add a prototype for lgammal_r().

* man/lgamma.3:
  . Document the new functions.

Reviewed by:	bde
2014-09-15 23:21:57 +00:00
John-Mark Gurney
e2cc4003e2 document mqueuefs is required for mq_open... 2014-09-15 22:32:35 +00:00
Adrian Chadd
9e2eaa64d7 Disable flow-director support until it's been debugged and verified.
The flowdirector feature shares on-chip memory with other things
such as the RX buffers.  In theory it should be configured in a way
that doesn't interfere with the rest of operation.  In practice,
the RX buffer calculation didn't take the flow-director allocation
into account and there'd be overlap.  This lead to various garbage
frames being received containing what looks like internal NIC state.

What _I_ saw was traffic ending up in the wrong RX queues.
If I was doing a UDP traffic test with only one NIC ring receiving
traffic, everything is fine.  If I fired up a second UDP stream
which came in on another ring, there'd be a few percent of traffic
from both rings ending up in the wrong ring.  Ie, the RSS hash would
indicate it was supposed to come in ring X, but it'd come in ring Y.

However, when the allocation was fixed up, the developers at Verisign
still saw traffic stalls.

The flowdirector feature ends up fiddling with the NIC to do various
attempts at load balancing connections by populating flow table rules
based on sampled traffic.  It's likely that all of that has to be
carefully reviewed and made less "magic".

So for now the flow director feature is disabled (which fixes both
what I was seeing and what they were seeing) until it's all much
more debugged and verified.

Tested:

* (me) 82599EB 2x10G NIC, RSS UDP testing.
* (verisign) not sure on the NIC (but likely 82599), 100k-200k/sec TCP
  transaction tests.

Submitted by:	Marc De La Gueronniere <mdelagueronniere@verisign.com>
MFC after:	1 week
Sponsored by:	Verisign, Inc.
2014-09-15 21:09:19 +00:00
Adrian Chadd
e45d876dd7 The error bits are not valid with EOP=0; so intermediary fragments should
not be discarded.

Submitted by:	Marc De La Gueronniere <mdelagueronniere@verisign.com>
MFC after:	1 week
Sponsored by:	Verisign, Inc.
2014-09-15 20:54:12 +00:00
Adrian Chadd
5894690d0d Fix a double-free of mbufs in rx_ixgbe_discard().
fmp->buf at the free point is already part of the chain being freed,
so double-freeing is counter-productive.

Submitted by:	Marc De La Gueronniere <mdelagueronniere@verisign.com>
MFC after:	1 week
Sponsored by:	Verisign, Inc.
2014-09-15 20:50:26 +00:00
Adrian Chadd
1c2427605c Set DROP_EN on each RX queue if transmit flow-control is disabled.
This allows the NIC to drop frames on the receive queue and not
cause the MAC to block on receiving to _any_ queue.

Tested:

igb0@pci0:5:0:0:        class=0x020000 card=0x152115d9 chip=0x15218086 rev=0x01 hdr=0x00
    vendor     = 'Intel Corporation'
    device     = 'I350 Gigabit Network Connection'
    class      = network
    subclass   = ethernet

Discussed with: Eric Joyner <eric.joyner@intel.com>

MFC after:	1 week
Sponsored by:	Norse Corp, Inc.
2014-09-15 19:53:49 +00:00
Alexander Motin
cc47e5ee4f Add quirks to disable READ CAPACITY (16) for PNY USB 3.0 Flash Drives.
Submitted by:	Sean Fagan <sef@ixsystems.com>
MFC after:	3 days
2014-09-15 19:48:27 +00:00
Michael Tuexen
aa7e5af86f Chunk IDs are 8 bit entities, not 16 bit.
Thanks to Peter Kasting from Google for drawing
my attention to it.

MFC after: 3 days
2014-09-15 19:38:34 +00:00
John Baldwin
5fd3f8b3b6 Add stricter checking of some mmap() arguments:
- Fail with EINVAL if an invalid protection mask is passed to mmap().
- Fail with EINVAL if an unknown flag is passed to mmap().
- Fail with EINVAL if both MAP_PRIVATE and MAP_SHARED are passed to mmap().
- Require one of either MAP_PRIVATE or MAP_SHARED for non-anonymous
  mappings.

Reviewed by:	alc, kib
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D698
2014-09-15 17:20:13 +00:00
Alan Cox
a7fecb4d3a Three improvements to vnode_pager_generic_getpages():
Eliminate an exclusive object lock acquisition and release on the expected
execution path.

Do page zeroing before the object lock is acquired rather than during the
time that the object lock is held.

Use vm_pager_free_nonreq() to eliminate duplicated code.

Reviewed by:	kib
MFC after:	6 weeks
Sponsored by:	EMC / Isilon Storage Division
2014-09-15 17:14:09 +00:00
Gleb Smirnoff
be58a555d2 Remove redundant declaration. vnode.h should be included before vnode_pager.h. 2014-09-15 15:49:29 +00:00
Ian Lepore
7cb146ae26 The private peripheral interrupts start at offset 16, not 0. Also, use
names rather than inline mystery constants for these offsets.

Pointed out by:	andrew
2014-09-15 15:36:00 +00:00
Roger Pau Monné
9c7116e195 xen: don't set suspend/resume methods for the PIRQ PIC
The suspend/resume of event channels is already handled by the xen_intr_pic.
If those methods are set on the PIRQ PIC they are just called twice, which
breaks proper resume. This fix restores migration of FreeBSD guests to a
working state.

Sponsored by: Citrix Systems R&D
2014-09-15 15:15:52 +00:00
Hiroki Sato
9bc11d7bd7 Use generic SYSCTL_* macro instead of deprecated SYSCTL_VNET_*.
Suggested by:	glebius
2014-09-15 14:43:58 +00:00
Dag-Erling Smørgrav
d64f404488 Upgrade to OpenPAM Ourouparia. 2014-09-15 13:40:09 +00:00
Konstantin Belousov
d15b55c554 Provide the unique implementation for the VOP_GETPAGES() method used
by ffs and ext2fs.  Remove duplicated call to vm_page_zero_invalid(),
done by VOP and by vm_pager_getpages().  Use vm_pager_free_nonreq().

Reviewed by:	alc (previous version)
Sponsored by:	The FreeBSD Foundation
MFC after:	6 weeks (after r271596)
2014-09-15 12:28:29 +00:00
Dag-Erling Smørgrav
4c1d902bb2 r271256 fixed one segfault condition but introduced another due to the
wrong operator being used in the tty check.

Reported by:	avg@
MFH:		3 days
2014-09-15 11:32:08 +00:00
Alexander Motin
7965496958 Add comments describing r271604 change.
MFC after:	3 days
2014-09-15 11:17:36 +00:00
Gleb Smirnoff
56538e4af9 Add a brief description of CTLFLAG_VNET flag. Since the VIMAGE is
absolutely not documented, I see no reason in long descriptions
here.
2014-09-15 11:14:23 +00:00