167466 Commits

Author SHA1 Message Date
pjd
891c7fcf8c - Split code shared by almost any boot loader into separate files and
clean up most layering violations:

	sys/boot/i386/common/rbx.h:

		RBX_* defines
		OPT_SET()
		OPT_CHECK()

	sys/boot/common/util.[ch]:

		memcpy()
		memset()
		memcmp()
		bcpy()
		bzero()
		bcmp()
		strcmp()
		strncmp() [new]
		strcpy()
		strcat()
		strchr()
		strlen()
		printf()

	sys/boot/i386/common/cons.[ch]:

		ioctrl
		putc()
		xputc()
		putchar()
		getc()
		xgetc()
		keyhit() [now takes number of seconds as an argument]
		getstr()

	sys/boot/i386/common/drv.[ch]:

		struct dsk
		drvread()
		drvwrite() [new]
		drvsize() [new]

	sys/boot/common/crc32.[ch] [new]

	sys/boot/common/gpt.[ch] [new]

- Teach gptboot and gptzfsboot about new files. I haven't touched the
  rest, but there is still a lot of code duplication to be removed.

- Implement full GPT support. Currently we just read primary header and
  partition table and don't care about checksums, etc. After this change we
  verify checksums of primary header and primary partition table and if
  there is a problem we fall back to backup header and backup partition
  table.

- Clean up most messages to use prefix of boot program, so in case of an
  error we know where the error comes from, eg.:

	gptboot: unable to read primary GPT header

- If we can't boot, print boot prompt only once and not every five
  seconds.

- Honour newly added GPT attributes:

	bootme - this is bootable partition
	bootonce - try to boot from this partition only once
	bootfailed - we failed to boot from this partition

- Change boot order of gptboot to the following:

	1. Try to boot from all the partitions that have both 'bootme'
	   and 'bootonce' attributes one by one.
	2. Try to boot from all the partitions that have only 'bootme'
	   attribute one by one.
	3. If there are no partitions with 'bootme' attribute, boot from
	   the first UFS partition.

- The 'bootonce' functionality is implemented in the following way:

	1. Walk through all the partitions and when 'bootonce'
	   attribute is found without 'bootme' attribute, remove
	   'bootonce' attribute and set 'bootfailed' attribute.
	   'bootonce' attribute alone means that we tried to boot from
	   this partition, but boot failed after leaving gptboot and
	   machine was restarted.
	2. Find partition with both 'bootme' and 'bootonce' attributes.
	3. Remove 'bootme' attribute.
	4. Try to execute /boot/loader or /boot/kernel/kernel from that
	   partition. If succeeded we stop here.
	5. If execution failed, remove 'bootonce' and set 'bootfailed'.
	6. Go to 2.

   If whole boot succeeded there is new /etc/rc.d/gptboot script coming
   that will log all partitions that we failed to boot from (the ones with
   'bootfailed' attribute) and will remove this attribute. It will also
   find partition with 'bootonce' attribute - this is the partition we
   booted from successfully. The script will log success and remove the
   attribute.

   All the GPT updates we do here goes to both primary and backup GPT if
   they are valid. We don't touch headers or partition tables when
   checksum doesn't match.

Reviewed by:	arch (Message-ID: <20100917234542.GE1902@garage.freebsd.pl>)
Obtained from:	Wheel Systems Sp. z o.o. http://www.wheelsystems.com
MFC after:	2 weeks
2010-09-24 19:49:12 +00:00
pjd
39f36627d9 Allow to configure GPT attributes. It shouldn't be allowed to set bootfailed
attribute (it should be allowed only to unset it), but for test purposes it
might be useful, so the current code allows it.

Reviewed by:	arch@ (Message-ID: <20100917234542.GE1902@garage.freebsd.pl>)
MFC after:	2 weeks
2010-09-24 19:33:47 +00:00
pjd
4f5572a9be Add three GPT attributes:
GPT_ENT_ATTR_BOOTME - this is bootable partition

GPT_ENT_ATTR_BOOTONCE - try to boot only once from this partition

GPT_ENT_ATTR_BOOTFAILED - set this flag if we cannot boot from partition
	containing GPT_ENT_ATTR_BOOTONCE flag; note that if we cannot
	boot from partition that contains only GPT_ENT_ATTR_BOOTME flag,
	the GPT_ENT_ATTR_BOOTFAILED flag won't be set

According to wikipedia Microsoft TechNet says that attributes are divided into
two halves: the lower 4 bytes representing partition independent attributes,
and the upper 4 bytes are partition type dependent. Microsoft is already using
bits 60 (read-only), 62 (hidden) and 63 (do not automount) and I'd like to not
collide with those, so we are using bit 59 (bootme), 58 (bootonce) and 57
(bootfailed).

Reviewed by:	arch (Message-ID: <20100917234542.GE1902@garage.freebsd.pl>)
MFC after:	2 weeks
2010-09-24 19:31:08 +00:00
mckusick
95c69781b5 Reported problem:
Large (60GB) filesystems created using "newfs -U -O 1 -b 65536 -f 8192"
show incorrect results from "df" for free and used space when mounted
immediately after creation. fsck on the new filesystem (before ever
mounting it once) gives a "SUMMARY INFORMATION BAD" error in phase 5.

This error hasn't occurred in any runs of fsck immediately after
"newfs -U -b 65536 -f 8192" (leaving out the "-O 1" option).

Solution:
The default UFS1 superblock is located at offset 8K in the filesystem
partition; the default UFS2 superblock is located at offset 64K in
the filesystem partition. For UFS1 filesystems with a blocksize of
64K, the first alternate superblock resides at 64K which is the the
location used for the default UFS2 superblock. By default, the
system first checks for a valid superblock at the default location
for a UFS2 filoesystem. For a UFS1 filesystem with a blocksize of
64K, there is a valid UFS1 superblock at this location.  Thus, even
though it is expected to be a backup superblock, the system will
use it as its default superblock. So, we have to ensure that all the
statistcs on usage are correct in this first alternate superblock
as it is the superblock that will actually be used.

While tracking down this problem, another limitation of UFS1 became
evident. For UFS1, the number of inodes per cylinder group is stored
in an int16_t. Thus the maximum number of inodes per cylinder group
is limited to 2^15 - 1. This limit can easily be exceeded for block
sizes of 32K and above. Thus when building UFS1 filesystems, newfs
must limit the number of inodes per cylinder group to 2^15 - 1.

Reported by: Guy Helmer<ghelmer@palisadesys.com>
Followup by: Bruce Cran <brucec@freebsd.org>
PR:          107692
MFC after:   4 weeks
2010-09-24 19:08:56 +00:00
marius
76367218c7 Improve r56796; the reply handler actually may remove the request from
the chain in which case it shouldn't be removed twice.
Reported by:	Staale Kristoffersen

MFC after:	1 week
2010-09-24 16:40:46 +00:00
marius
aed96e11cd minor simplifications and cosmetics 2010-09-24 15:12:18 +00:00
attilio
278493a1a5 Make the RPC specific __rpc_inet_ntop() and __rpc_inet_pton() general
in the kernel (just as inet_ntoa() and inet_aton()) are and sync their
prototype accordingly with already mentioned functions.

Sponsored by:	Sandvine Incorporated
Reviewed by:	emaste, rstone
Approved by:	dfr
MFC after:	2 weeks
2010-09-24 15:01:45 +00:00
marius
59060ff14e Remove the duplicate logging of failed read requests, whose error message
also was inappropriate as it triggered for every EACCESS and ENOTFOUND, not
just the case the -n option is intended to deal with and thus really spammed
us with ~20 messages in the default configuration when booting a diskless
FreeBSD client, introduced with r207608 again.

MFC after:	1 week
2010-09-24 14:44:04 +00:00
attilio
d658ddc7c7 IP_BINDANY is not correctly handled in getsockopt() case.
Fix it by specifying the correct bits.

Sponsored by:	Sandvine Incorporated
Reviewed by:	bz, emaste, rstone
Obtained from:	Sandvine Incorporated
MFC after:	10 days
2010-09-24 14:38:54 +00:00
davidxu
b0052272aa inline testcancel() into thr_cancel_leave(), because cancel_pending is
almost false, this makes a slight better branch predicting.
2010-09-24 13:01:01 +00:00
marius
b33b39bf8f Make WARNS=6 clean.
MFC after:	1 week
2010-09-24 10:40:17 +00:00
davidxu
b9eeaa21c2 Now userland POSIX semaphore is based on umtx. The kernel module
is only used to support binary compatible, if want to run old
binary, you need to kldload the module.
2010-09-24 09:04:16 +00:00
ae
0bc1967ac3 Implement "force" (-F) option for gpart destroy verb.
This option doesn't passed to kernel and handled in user-space.
With -F option gpart creates new "delete" request for each
partition in table. Each request has flags="X" that disables
auto-commit feature. Last request is the original "destroy" request.
It has own flags and can have disabled or enabled auto-commit feature.
If error is occurred when deleting partitions, then new "undo" request
is created and all changes will be rolled back.

Approved by:	kib (mentor)
2010-09-24 08:40:43 +00:00
davidxu
722a516400 In most cases, cancel_point and cancel_async needn't be checked again,
because cancellation is almostly checked at cancellation points.
2010-09-24 07:52:07 +00:00
mav
cc9d3a376d Add missing le32toh(), same as recently done in ata-siliconimage.c. 2010-09-24 07:14:14 +00:00
gonzo
dfad414711 - Do not place variables to memory allocated by busdma. pre/post ops
might invalidate cache and hence effectively void validity of values
2010-09-24 04:46:46 +00:00
jmallett
f02504db48 o) Add bus_teardown_intr for pci and ciu. This allows the Promise SATA
driver to try to switch interrupt handlers at setup.  It's not a very
   good implementation of bus_teardown_intr, though.
o) Set cache line size and latency timers for PCI devices per Linux.
2010-09-24 02:41:52 +00:00
jmallett
70ec356a97 Flesh out PCI bus support some:
o) Reset and configure the bus from scratch rather than expecting U-Boot to
   do it for us.  Values and configuration from Linux, U-Boot and comments
   in the Cavium Simple Executive sources.
o) Do a resource assignment and bus numbering pass in the absence of a PCI
   BIOS or firmware that will do it for us.
   XXX This has to be the third or fourth instance of this in FreeBSD and
       it would be nice to have it become part of the PCI bus driver itself,
       like it is on Linux.
o) Fix interrupt mapping for and adjust bus configuration for the Lanner
   MR-955, based on information provided by Lanner.
2010-09-24 00:14:24 +00:00
yongari
027f54c8d5 Always show asic/chip revision in device attach phase. There are
too many bge(4) controllers there and model name does not
necessarily match asic/chip revision. Relying on VPD string made
it hard to identify exact asic/chip revision so the first step to
debug bge(4) was getting exact asic/chip information with verbose
boot which may not be available on production server.
2010-09-23 18:55:54 +00:00
emaste
55227154b6 Remove unnecessary weak reference that was apparently copied from the
version of this function in lib/libc/inet/inet_pton.c

MFC after:     1 week
2010-09-23 17:47:46 +00:00
imp
546a45b306 Clean up stray line in 213077 2010-09-23 17:29:59 +00:00
imp
059b35ce72 Simplify how we find the kernel source. Rather than depending on sys,
or some variation in the path, the new version assumes that $0 is
newvers.sh path, and that dirname $0/.. is the same as $S aka $SYSDIR.
It also removes knowledge of ${MACHINE} and ${MACHINE_ARCH}, which is
also good.

# I've had this in my tree for about 6 months now, which is why I
# didn't notice that I broke it in r209510 and that was fixed in
# r212954.  This should finally resolve the issues people had with
# r204824 as well as address the issues that motivated r204824.
2010-09-23 17:12:47 +00:00
marius
938d137047 Try to adhere to style.Makefile(5).
MFC after:	3 days
2010-09-23 14:06:15 +00:00
pjd
e2ef5877c7 - Simplify code by using g_*() API.
- Don't use u_char and u_int in userland.
- Change 'unsigned' to 'unsigned int'.
- Update copyright years.

MFC after:	1 week
2010-09-23 12:04:12 +00:00
pjd
fd5757cec0 Update copyright years.
MFC after:	1 week
2010-09-23 12:02:42 +00:00
pjd
3ff79b30f5 Update copyright years.
MFC after:	1 week
2010-09-23 12:02:08 +00:00
pjd
ebb6f1249d Document AES-XTS.
MFC after:	1 week
2010-09-23 12:00:40 +00:00
pjd
32404b1197 Add support for AES-XTS. This will be the default now.
MFC after:	1 week
2010-09-23 11:58:36 +00:00
pjd
419759c089 Add support for CRYPTO_AES_XTS.
MFC after:	1 week
2010-09-23 11:57:25 +00:00
pjd
aebc765efa Add support for AES-XTS.
Obtained from:	OpenBSD
MFC after:	1 week
2010-09-23 11:52:32 +00:00
pjd
ed0ad07f3d Implement switching of data encryption key every 2^20 blocks.
This ensures the same encryption key won't be used for more than
2^20 blocks (sectors). This will be the default now.

MFC after:	1 week
2010-09-23 11:49:47 +00:00
pjd
7c5b734f64 Add support for CRD_F_KEY_EXPLICIT flag.
MFC after:	1 week
2010-09-23 11:46:53 +00:00
pjd
65e42dc379 Remove redundant space.
MFC after:	1 week
2010-09-23 11:33:29 +00:00
pjd
4c64468739 Simplify code a bit.
MFC after:	1 week
2010-09-23 11:26:38 +00:00
pjd
8c781f88d0 Make the code similar to the code in g_eli_integrity.c.
MFC after:	1 week
2010-09-23 11:23:10 +00:00
pjd
72f4299778 Define default overwrite count, so that userland can use it.
MFC after:	1 week
2010-09-23 11:19:48 +00:00
gavin
35e304566d Various changes from various sources:
- Add "children" [1]
- Add "acknowledgement", "acknowledgment", "Austria" and "haunted" [2]
- Add "near", "antidisestablishmentarianism" and "Persephone" [2]
- "Transvaal" should be capitalized [2]
- Correct spelling of "structurelessness" and "Athena" [2]
- Add missing atomic elements [3]
- Add various words from "word of the day" lists [3]

PR:		conf/149756 [1]
Submitted by:	Nick Johnson <freebsd spatula.net> [1]
Obtained from:	NetBSD [2], OpenBSD [3]
MFC after:	1 week
2010-09-23 11:19:03 +00:00
pjd
248dc70769 - When trashing metadata, repeat overwrite kern.geom.eli.overwrites times.
- Flush write cache after each write.

MFC after:	1 week
2010-09-23 11:18:02 +00:00
pjd
263a3faf1d - Use g_*() API when doing backups.
- fsync() created filed.

MFC after:	1 week
2010-09-23 11:04:50 +00:00
pjd
c7c339d606 Because we first write metadata into new place and then trash old place we
don't want situation where old size is equal to new size, as we will trash
newly written metadata.

MFC after:	1 week
2010-09-23 10:58:13 +00:00
pjd
08e51b6267 - Make use of g_*() API.
- Flush cache after writing metadata.

MFC after:	1 week
2010-09-23 10:55:45 +00:00
pjd
1b2b33546a Simplify code a bit by using g_*() API from libgeom.
MFC after:	1 week
2010-09-23 10:50:17 +00:00
pjd
9a528e9595 When trashing metadata, flush after each write.
MFC after:	1 week
2010-09-23 10:43:37 +00:00
marius
f75a3878d8 Remove an explicit assignment of the CFLAGS variable intended for
debugging purposes only.

MFC after:	3 days
2010-09-23 10:03:03 +00:00
jchandra
119aa425ee Add MIPS platform, this will make bsdlabel(8) work on MIPS (when invoked
without a -m option. -m mips is still not supported)
2010-09-23 05:24:50 +00:00
jchandra
6845185dad Add missing byteswap, works on big endian systems now (tested on Netlogic
XLS MIPS processor).

Submitted by:	Sreekanth M. S. <kanthms at netlogicmicro dot com>
Reviewed by:	mav
2010-09-23 05:17:36 +00:00
delphij
2dd5415ff3 In the past gunzip(1) write()'s after each inflate return. This is
not optimal from a performance standpoint since the write buffer is
not necessarily be filled up when the inflate rountine reached the
end of input buffer and it's not the end of file.

This problem gets uncovered by trying to pipe gunzip -c output to
a GEOM device directly, which enforces the writes be multiple of
sector size.

Sponsored by:	iXsystems, Inc.
Reported by:	jpaetzel
MFC after:	2 weeks
2010-09-23 01:24:33 +00:00
emax
f029ecd9aa Add the following Linux BlueZ compatibility macros: htobs(), htobl(),
btohs() and btohl()

PR:		kern/136386
Submitted by:	Monty Hall < kungfu_disciple at sbcglobal dot net >
MFC after:	1 week
2010-09-22 23:41:02 +00:00
edwin
6c8e5704a5 And now the 2nd part of the patch: Also fix the year.
PR:		150504
Submitted by:	Douglas Berry <bitnix@bitnix.ca>
2010-09-22 21:14:18 +00:00
edwin
08a16b30f6 Fix location of the Battle of the Plains of Abraham
PR:		150504
Submitted by:	Douglas Berry <bitnix@bitnix.ca>
MFC after:	1 week
2010-09-22 21:10:45 +00:00