Commit Graph

193350 Commits

Author SHA1 Message Date
glebius
7ebbaecc5c Make a bump for r255426.
Approved by:	re (gjb)
2013-09-10 10:38:15 +00:00
des
21e6fd796b Fix the length calculation for the final block of a sendfile(2)
transmission which could be tricked into rounding up to the nearest
page size, leaking up to a page of kernel memory.  [13:11]

In IPv6 and NetATM, stop SIOCSIFADDR, SIOCSIFBRDADDR, SIOCSIFDSTADDR
and SIOCSIFNETMASK at the socket layer rather than pass them on to the
link layer without validation or credential checks.  [SA-13:12]

Prevent cross-mount hardlinks between different nullfs mounts of the
same underlying filesystem.  [SA-13:13]

Security:	CVE-2013-5666
Security:	FreeBSD-SA-13:11.sendfile
Security:	CVE-2013-5691
Security:	FreeBSD-SA-13:12.ifioctl
Security:	CVE-2013-5710
Security:	FreeBSD-SA-13:13.nullfs
Approved by:	re
2013-09-10 10:05:59 +00:00
obrien
96543c86c6 Only use a clang'ism if ${CC} is clang.
Reviewed by:	sjg
Approved by:	re (kib)
2013-09-10 05:49:31 +00:00
kib
d2c56781f0 Call free() on the pointer returned from malloc().
Reported and tested by:	Oliver Pinter <oliver.pntr@gmail.com>
Sponsored by:	The FreeBSD Foundation
MFC after:	3 days
Approved by:	re (delphij)
2013-09-10 05:17:53 +00:00
grehan
3d2b366a36 Go way past 11 and bump bhyve's max vCPUs to 16.
This should be sufficient for 10.0 and will do
until forthcoming work to avoid limitations
in this area is complete.

Thanks to Bela Lubkin at tidalscale for the
headsup on the apic/cpu id/io apic ASL parameters
that are actually hex values and broke when
written as decimal when 11 vCPUs were configured.

Approved by:	re@
2013-09-10 03:48:18 +00:00
delphij
a23043347c MFV r247844 (illumos-gate 13975:ef6409bc370f)
Illumos ZFS issues:
  3582 zfs_delay() should support a variable resolution
  3584 DTrace sdt probes for ZFS txg states

Provide a compatibility shim for Solaris's cv_timedwait_hires
to help aid future porting.

Approved by:	re (ZFS blanket)
2013-09-10 01:46:47 +00:00
tuexen
545d815a3b Fix the aborting of association with the iterator using an empty
user initiated error cause (using SCTP_ABORT|SCTP_SENDALL).

Approved by: re (delphij)
MFC after: 1 week
2013-09-09 21:40:07 +00:00
des
980d9d1fc0 Emit the correct standard library dependency line for C++ programs. In
the CLANG_IS_CC case, the default is now libc++.  Only use libstdc++ if
!CLANG_IS_CC or it was explicitly requested in CXXFLAGS.

Submitted by:	theraven
Approved by:	re (gjb)
2013-09-09 21:18:16 +00:00
delphij
504259487c Pass -n (do not emit comments) when saving mtree information for future
mergemaster(8) runs.

MFC after:	3 days
Approved by:	re (kib)
2013-09-09 20:36:28 +00:00
jhb
04bb6e10cd Add a mmap flag (MAP_32BIT) on 64-bit platforms to request that a mapping use
an address in the first 2GB of the process's address space.  This flag should
have the same semantics as the same flag on Linux.

To facilitate this, add a new parameter to vm_map_find() that specifies an
optional maximum virtual address.  While here, fix several callers of
vm_map_find() to use a VMFS_* constant for the findspace argument instead of
TRUE and FALSE.

Reviewed by:	alc
Approved by:	re (kib)
2013-09-09 18:11:59 +00:00
des
2a48fed0b3 The correct variable is apparently MACHINE_ARCH, not TARGET_ARCH.
Approved by:	re (blanket)
2013-09-09 17:38:02 +00:00
nwhitehorn
46d2ccf617 Make the primary name of the OF console device /dev/ofwcons, and only
alias it to the contents of the output property if it is defined. This
avoids a panic when booting machines (QEMU) where the output-device
property is not defined.

Since output-device is free-form and potentially conflicts with other
entries in /dev, I also am not sure we should be doing the aliasing at
all, but this at least makes things work again.

Approved by:	re (kib)
2013-09-09 16:51:35 +00:00
des
ad118345b8 These three files appeared in 6.0p1, which was imported into the vendor
branch but never merged to head.  They were inadvertantly left out when
6.1p1 was merged to head.  It didn't make any difference at the time,
because they were unused, but one of them is required for DNS-based host
key verification.

Approved by:	re (blanket)
2013-09-09 13:56:58 +00:00
nwhitehorn
6fa69bbb0b Revert r255420. This seems to break some Powermac systems and will be
revisited much later.

Pointy hat to:		me
Approved by:		re (kib, implicit due to breakage 10 minutes ago)
2013-09-09 13:40:53 +00:00
nwhitehorn
62b453e543 Attach only on hardware that is actually supported as opposed to hardware
that seems like it has some of the problems we might want.

Approved by:	re (kib)
2013-09-09 12:54:08 +00:00
nwhitehorn
b2fa807b0e Raise artificial limits on number of CPUs and number of interrupts.
Approved by:	re (kib)
2013-09-09 12:52:34 +00:00
nwhitehorn
d54687609c Add POWER CPUs to the kernel's knowledge. This does not imply we currently
actually run on any machines with POWER CPUs but avoids closing that door
unnecessarily.

Approved by:	re (kib)
2013-09-09 12:51:24 +00:00
nwhitehorn
40b0e2de83 Add hook called when every new processor is brought online -- including the
BSP -- so that platform modules have a chance to add the new CPU to any
internal bookkeeping.

Approved by:	re (kib)
2013-09-09 12:49:19 +00:00
nwhitehorn
9c7a32d399 Use a spin lock instead of a mutex to gate RTAS. This is required if RTAS
calls are involved in interrupt handling.

Approved by:	re (kib)
2013-09-09 12:45:41 +00:00
nwhitehorn
edb58d082b Use the canonical bits for wired, etc. in the PTE. This is important for
interactions with certain kinds of hypervisors that look into the PTEs
more closely than they should.

Approved by:	re (kib)
2013-09-09 12:44:48 +00:00
des
ea72ce4e68 Remove unneeded mappings from libmap32.conf. Move it up one level and
install it on powerpc64 in addition to amd64.

Reviewed by:	kib
Approved by:	re (blanket)
2013-09-09 06:02:30 +00:00
delphij
7917506a10 In r243868, the error message buffer errmsg have been changed from
an on-stack array to a pointer and therefore sizeof(errmsg) would
become 4 or 8 bytes depending on the architecture.

Fix this by using ERRMSGL in place of sizeof().

Submitted by:	J David <j.david.lists@gmail.com>
MFC after:	3 days
Approved by:	re (kib)
2013-09-09 05:01:18 +00:00
np
a9b6160aa1 Rework the tx credit mechanism between the cxgbe/tom driver
and the card.  This helps smooth out some burstiness in the
exchange.

Approved by:	re (glebius)
2013-09-09 04:38:57 +00:00
np
279a0ac6ad Fix a miscalculation that caused cxgbe/tom to auto-increment
a TOE socket's tx buffer size too aggressively.

Approved by:	re (delphij)
2013-09-09 00:16:59 +00:00
alc
4aecbb077c Prior to r254304, we only began scanning the active page queue when the
amount of free memory was close to the point at which we would begin
reclaiming pages.  Now, we continuously scan the active page queue,
regardless of the amount of free memory.  Consequently, we are continuously
calling pmap_ts_referenced() on active pages.

Prior to this change, pmap_ts_referenced() would always demote superpage
mappings in order to obtain finer-grained reference information.  This made
sense because we were coming under memory pressure and would soon have to
begin reclaiming pages.  Now, however, with continuous scanning of the
active page queue, these demotions are taking a toll on performance.  For
example, on one of my test machines, the running time for the HPCC Random
Access benchmark (also known as GUPS) has increased by 54%.  To address this
problem, I have replaced the demotion with a heuristic for periodically
clearing the reference flag on superpage mappings.

Reviewed by:	kib
Approved by:	re (glebius)
Sponsored by:	EMC / Isilon Storage Division
2013-09-08 21:30:53 +00:00
des
1120f28cb0 Hook host(1) up to the build in the LDNS case.
Approved by:	re (blanket)
2013-09-08 20:48:23 +00:00
des
ff13bc56dc Import Magerya Vitaly's ldns-host, and build it instead of the BIND version
in the WITH_LDNS_UTILS case.

Approved by:	re (blanket)
2013-09-08 19:40:32 +00:00
des
2b94dc11fa LDNS needs OpenSSL. This wasn't a problem as long as it was only build
statically, since any program using it would have to link with it anyway.

Approved by:	re (blanket)
2013-09-08 19:39:18 +00:00
bryanv
0e83a1de93 Use correct type for the vmx vlan filter table
Approved by:	re (glebius, gjb)
2013-09-08 19:13:06 +00:00
trociny
4233132eb4 Relese the interface in the last.
Reviewed by:	glebius
Approved by:	re (kib)
2013-09-08 18:19:40 +00:00
kib
56cc686058 Drain for the xbusy state for two places which potentially do
pmap_remove_all(). Not doing the drain allows the pmap_enter() to
proceed in parallel, making the pmap_remove_all() effects void.

The race results in an invalidated page mapped wired by usermode.

Reported and tested by:	pho
Reviewed by:	alc
Sponsored by:	The FreeBSD Foundation
Approved by:	re (glebius)
2013-09-08 17:51:22 +00:00
des
a496157a2f MFV (r255387): undo autoprop damage
Approved by:	re (glebius)
2013-09-08 16:56:17 +00:00
markm
bddee8bde8 Fix verbose output line; needs <NL>
Submitted by:	Sean Bruno <sean_bruno@yahoo.com>
Approved by:	re (glebius)
2013-09-08 16:48:03 +00:00
des
aba57138f9 Make libldns and libssh private.
Approved by:	re (blanket)
2013-09-08 10:04:26 +00:00
des
89699e113f Add a stock libmap32.conf for amd64. The first two lines have no effect
except to document the hardcoded standard library search path for 32-bit
binaries.  The third line performs the equivalent substitution for the
private library directory.

Ironically, these entries rely on functionality which is only available
in the COMPAT_32BIT version of rtld-elf.

Approved by:	re (blanket)
2013-09-08 09:46:22 +00:00
des
fcb1c0aa6d Create a private library directory (LIBPRIVATEDIR) for libraries which
we don't want to expose but which can't or shouldn't be static.

To mark a library as private, define PRIVATELIB in its Makefile.  It
will be installed in LIBPRIVATEDIR, which is normally /usr/lib/private
(or /usr/lib32/private for 32-bit libraries on 64-bit platforms).

To indicate that a program or library depends on a private library,
define USEPRIVATELIB in its Makefile.  The correct version of
LIBPRIVATEDIR will be added to its run-time library search path.

Approved by:	re (blanket)
2013-09-08 09:40:23 +00:00
markm
b136eed630 Fix the build; Certain linkable symbols need to always be present.
Pass the pointy hat please.

Also unblock the software (Yarrow) generator for now. This will be
reverted; Yarrow needs to block until secure, not this behaviour
of serving as soon as asked.

Folks with specific requiremnts will be able to (can!) unblock this
device with any write, and are encouraged to do so in /etc/rc.d/*
scripting. ("Any" in this case could be "echo '' > /dev/random" as
root).
2013-09-07 22:07:36 +00:00
nwhitehorn
27e62f99b3 Fix error in r252115: space for the softc needs to be allocated. This
seemed to be working by chance on most systems.
2013-09-07 20:52:31 +00:00
des
7fcc90cb2e Tweak wording. 2013-09-07 20:25:22 +00:00
des
6a7561b73b Update to OpenPAM Nummularia. 2013-09-07 19:43:39 +00:00
pjd
f16777c9dc Sort properly. 2013-09-07 19:16:02 +00:00
antoine
3468524333 Adjust optional obsolete files with new MK_GNUCXX 2013-09-07 19:04:28 +00:00
pjd
e781fc782f Fix panic in cap_rights_is_valid() when invalid rights are provided -
the right_to_index() function should assert correctness in this case.

Improve other assertions.

Reported by:	pho
Tested by:	pho
2013-09-07 19:03:16 +00:00
des
628e6f8bef This was a good idea that never went anywhere. 2013-09-07 18:55:52 +00:00
loos
b8f3cdb508 Export a function to allow BCM2835's peripheral devices to enable their
altenate pin function (from GPIO pins) as needed.

Approved by:	adrian (mentor)
2013-09-07 18:48:15 +00:00
des
e50a38ba7d MFV (r255364): move the code around in preparation for Nummularia. 2013-09-07 18:46:35 +00:00
jchandra
0c58b324e7 Netlogic XLP network driver update
Changes are to
- update board and network interface detection logic
- fix reading onboard CPLD in little-endian config
- print NAE frequency conrrectly for Bx chips
- update XAUI config to disable Rx/Tx until interface is up

Submitted by:	Venkatesh J V <venkatesh.vivekanandan@broadcom.com>
2013-09-07 18:26:16 +00:00
jchandra
7618cc8395 Use a better version of memcpy/bcopy for mips kernel.
Use a variant of mips libc memcpy for kernel. This implementation uses
64-bit operations when compiled for 64-bit, and is significantly faster
in that case.

Submitted by:	Tanmay Jagdale <tanmayj@broadcom.com>
2013-09-07 16:31:30 +00:00
des
338d7c2adb Vendor import of OpenPAM Nummularia.. 2013-09-07 16:15:30 +00:00
des
e86dd36ab2 Prepare for OpenPAM Nummularia by reorganizing to match its new directory
structure.
2013-09-07 16:10:15 +00:00