244275 Commits

Author SHA1 Message Date
kib
062875847d Optimize libc to get and set TLS using the RDFSBASE and RDGSBASE
instructions, if supported both by CPU and kernel.

Reviewed by:	jhb (previous version)
Tested by:	pho (previous version)
Sponsored by:	The FreeBSD Foundation
MFC after:	3 weeks
Differential revision:	https://reviews.freebsd.org/D12023
2017-08-21 17:39:12 +00:00
kib
f495f3ebd8 Make WRFSBASE and WRGSBASE instructions functional.
Right now, we enable the CR4.FSGSBASE bit on CPUs which support the
facility (Ivy and later), to allow usermode to read fs and gs bases
without syscalls. This bit also controls the write access to bases
from userspace, but WRFSBASE and WRGSBASE instructions currently
cannot be used, because return path from both exceptions or interrupts
overrides bases with the values from pcb.

Supporting the instructions is useful because this means that usermode
can implement green-threads completely in userspace without issuing
syscalls to change all of the machine context.

Support is implemented by saving the fs base and user gs base when
PCB_FULL_IRET flag is set. The flag is set on the context switch,
which potentially causes clobber of the bases due to activation of
another context, and when explicit modification of the user context by
a syscall or exception handler is performed. In particular, the patch
moves setting of the flag before syscalls change context.

The changes to doreti_exit and PUSH_FRAME to clear PCB_FULL_IRET on
entry from userspace can be considered a bug fixes on its own.

Reviewed by:	jhb (previous version)
Tested by:	pho (previous version)
Sponsored by:	The FreeBSD Foundation
MFC after:	3 weeks
Differential revision:	https://reviews.freebsd.org/D12023
2017-08-21 17:38:02 +00:00
kib
3149ed68c4 Avoid dereferencing potentially freed workitem in
softdep_count_dependencies().

Buffer's b_dep list is protected by the SU mount lock.  Owning the
buffer lock is not enough to guarantee the stability of the list.

Calculation of the UFS mount owning the workitems from the buffer must
be much more careful to not dereference the work item which might be
freed meantime.  To get to ump, use the pointers chain which does not
involve workitems at all.

Reported and tested by:	pho
Reviewed by:	mckusick
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
2017-08-21 16:23:44 +00:00
kib
77de7ac78a Style.
Reviewed by:	mckusick
Sponsored by:	The FreeBSD Foundation
MFC after:	3 days
2017-08-21 16:16:02 +00:00
gjb
df3c3797c8 Update the tests(7) manual page to note the test suite is installed
by default as of 11.0-RELEASE.

MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
2017-08-21 14:14:13 +00:00
ae
77123cb065 Remove stale comments.
MFC after:	1 week
2017-08-21 13:54:29 +00:00
ae
232d4567b3 Fix the regression introduced in r275710.
When a security policy should match TCP connection with specific ports,
the SYN+ACK segment send by syncache_respond() is considered as forwarded
packet, because at this moment TCP connection does not have PCB structure,
and ip_output() is called without inpcb pointer. In this case SPIDX filled
for SP lookup will not contain TCP ports and security policy will not
be found. This can lead to unencrypted SYN+ACK on the wire.

This patch restores the old behavior, when ports will not be filled only
for forwarded packets.

Reported by:	Dewayne Geraghty <dewayne.geraghty at heuristicsystems.com.au>
MFC after:	1 week
2017-08-21 13:52:21 +00:00
cy
f896d4a323 Replace the include path using CURDIR with KRB5DIR. This is consistent
with the rest of the Makefiles in kerberos5/.

MFC after:	1 week
2017-08-21 12:42:05 +00:00
hselasky
925995d635 Fix for deadlock situation in the LinuxKPI's RCU synchronize API.
Deadlock condition:
The return value of TDQ_LOCKPTR(td) is the same for two threads.

1) The first thread signals a wakeup while keeping the rcu_read_lock().
This invokes sched_add() which in turn will try to lock TDQ_LOCK().

2) The second thread is calling synchronize_rcu() calling mi_switch() over
and over again trying to yield(). This prevents the first thread from running
and releasing the RCU reader lock.

Solution:
Release the thread lock while yielding to allow other threads to acquire the
lock pointed to by TDQ_LOCKPTR(td).

Found by:	KrishnamRaju ErapaRaju <Krishna2@chelsio.com>
MFC after:	1 week
Sponsored by:	Mellanox Technologies
2017-08-21 11:51:40 +00:00
dim
09ad5627dc Upgrade our copies of clang, llvm, lld and libc++ to r311219 from the
upstream release_50 branch.

MFC after:	2 months
X-MFC-with:	r321369
2017-08-21 07:03:02 +00:00
marius
c09174d995 Bring back the much more readable unified format for differences in
/etc/{group,master.passwd}. This was originally turned on for all of
/etc/{aliases,group,master.passwd} in r55196, but then backed out
only for the latter two in r56697, as the adaption of the sed(1)ing
done in r56308 was incorrect. This left us with inconsistent diff(1)
formats in the daily output of periodic(8) ever since, despite in
r56697 having been promised to be revisited. So properly adapt the
password hash filtering to the unified format and turn the later on
again for /etc/{group,master.passwd}, too.
2017-08-20 20:38:15 +00:00
kib
ebad4d0743 Simplify the code.
Noted by:	Oliver Pinter
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2017-08-20 11:18:16 +00:00
kib
8b66e16967 Do not drop NFS vnode lock when performing consistency checks.
Currently several paths in the NFS client upgrade the shared vnode
lock to exclusive, which might cause temporal dropping of the lock.
This action appears to be fatal for nullfs mounts over NFS. If the
operation is performed over nullfs vnode, then bypassed down to NFS
VOP, and the lock is dropped, other thread might reclaim the upper
nullfs vnode.  Since on reclaim the nullfs vnode lock and NFS vnode
lock are split, the original lock state of the nullfs vnode is not
restored.  As result, VFS operations receive not locked vnode after a
VOP call.

Stop upgrading the vnode lock when we check the consistency or flush
buffers as result of detected inconsistency.  Instead, allocate a new
lockmgr lock for each NFS node, which is locked exclusive instead of
the vnode lock upgrade.  In other words, the other parallel
modification of the vnode are excluded by either vnode lock conflict
or exclusivity of the new lock when the vnode lock is shared.

Also revert r316529 because now the vnode cannot be reclaimed during
ncl_vinvalbuf().

In collaboration with:	pho
Reviewed by:	rmacklem
Reported and tested by:	pho
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D12083
2017-08-20 10:08:45 +00:00
kib
b8035d686e Allow vinvalbuf() to operate with the shared vnode lock.
This mode allows other clean buffers to arrive while we flush the buf
lists for the vnode, which is fine for the targeted use.  We only need
that all buffers existed at the time of the function start were
flushed.  In fact, only one assert has to be relaxed.

In collaboration with:	pho
Reviewed by:	rmacklem
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
X-Differential revision:	https://reviews.freebsd.org/D12083
2017-08-20 10:07:45 +00:00
kib
2dd98dac16 Simplify amd64 trap().
- Use more relevant name 'signo' instead of 'i' for the local variable
  which contains a signal number to send for the current exception.
- Eliminate two labels 'userout' and 'out' which point to the very end
  of the trap() function.  Instead use return directly.
- Re-indent the prot_fault_translation block by reducing if() nesting.
- Some more monor style changes.

Requested and reviewed by:	bde
Tested by:	pho
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2017-08-20 09:52:25 +00:00
kib
42ae7ee929 Trim excessive 'extern' and remove unused declaration.
Reviewed by:	bde
Tested by:	pho
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2017-08-20 09:42:09 +00:00
kib
9c588ebbf6 Use ANSI C declaration for trap_pfault(). Style.
Reviewed by:	bde
Tested by:	pho
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2017-08-20 09:39:10 +00:00
markj
10d10d0edf Define prefetch() only if it hasn't already been defined.
MFC after:	1 week
2017-08-20 01:42:01 +00:00
markj
51503f03b1 Add a couple of trivial headers to the LinuxKPI.
MFC after:	1 week
2017-08-20 01:40:24 +00:00
cem
379d4cc48c hwpstate: Add support for family 17h pstate info from MSRs
This information is normally available via acpi_perf, but in case it is not,
add support for fetching the information via MSRs on AMD family 17h (Zen)
processors.  Zen uses a slightly different formula than previous generation
AMD CPUs.

This was inspired by, but does not fix, PR 221621.

Reported by:	Sean P. R. <seanpr AT swbell.net>
Reviewed by:	mjoras@
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D12082
2017-08-20 00:41:49 +00:00
bde
d61f277f2c Fix setting of defaults for the text cursor.
There was already a per-vty defaults field, but it was useless since it was
only initialized when propagating the global settings and thus no different
from the current global settings and not per-vty.  The global defaults field
was also invariant after boot time, but not quite so useless.

Fix this by adding a second selection bit the the control flags of the
relevant ioctl().  vidcontrol doesn't support this yet.  Setting either
default propagates the change to the current setting for the same level
and then to all lower levels.

Improve the 3-way escape sequence used by termcap to control the cursor.
The "normal" (ve) case has always used reset, so the user could set
it to anything, but since the reset is to a global value this is not
very useful, especially since the "very visible" (vs) case doesn't
reset but inconsistently forces to a blinking block.  Change vs to
first reset and then XOR the blinking bit so that it is predictably
different from ve.
2017-08-19 23:13:33 +00:00
bde
1eec2f6095 Rename curr_curs_attr to base_curr_attr. The actual current cursor
attribute field is curs_attr.  The base field holds user data translated
in a reversible way and is needed because current field holds this in
an irreversible way for efficiency.

Factor out some common code for the reversible translation.  This is
slightly simpler now, and much easier to expand.

Translate the magic flags value -1 to a single control flag internally
up front so other flags can be trusted later.  This can be used for the
relevant ioctl() too.

Remove CONS_CURSOR_FLAGS which contained all the control flags.  It was
unused and not useful.  After adding more flags, there will be tests on
a couple at a time but never on them all.  This API should have used this
to disallow unknown flags.
2017-08-19 21:40:42 +00:00
kib
03221989ce Use the known valid segment when accessing memory in #UD handler.
Make sure that %eflags.D flag is cleared for hook.
Improve comments.

When #UD dtrace code checks for a registered hook before checking that
the exception was raised from kernel mode, we might run with the user
%ds, trapping on access.  Exception entry from userspace automatically
load valid %ss, which we can use there instead.

Noted and reviewed by:	bde
Sponsored by:	The FreeBSD Foundation
MFC after:	3 days
2017-08-19 21:00:02 +00:00
bde
fce552fb16 Use better hard-coded defaults for the cursor shape, and remove nearby
redundant initializations.

Hard-code base = 0, height = (approx. 1/8 of the boot-time font height)
in all cases, and remove the BIOS/MD support for setting these values.
This asks for an underline cursor sized for the boot-time font instead
of various less hard-coded but worse values.  I used that think that
the x86 BIOS always gave the same values as the above hard-coding, but
on 1 of my systems it gives the wrong value of base = 1.

The remaining BIOS fields are shift_state and bell_pitch.  These are now
consistently not explicitly reinitialized to 0.  All sc_get_bios_value()
functions except x86's are now empty, and the only useful thing that x86
returns is shift_state.  This really belongs in atkbdc, but heavier
use of the BIOS to read the more useful typematic rate has been removed
there.  fb still makes much heavier use of the BIOS.
2017-08-19 19:33:16 +00:00
andrew
822360eddd Remove redundant declarations. Newer gcc has a warning for these so will
fail when building with -Werror.

Sponsored by:	DARPA, AFRL
2017-08-19 17:18:27 +00:00
andrew
08f348902e Use armv8-a in -march, it is accepted by both clang and gcc.
Sponsored by:	DARPA, AFRL
2017-08-19 17:15:40 +00:00
wulf
4fb9fa1d37 Add support for generic MS Windows 7/8/10-compatible USB HID touchscreens
found in many laptops.

Reviewed by:		hps, gonzo, bcr (manpages)
Approved by:		gonzo (mentor)
Differential Revision:	https://reviews.freebsd.org/D12017
2017-08-19 17:00:10 +00:00
manu
814b1e36e8 RPI DTS: Add value previously set by VideoCore and DTB links
Using latest U-Boot for RPI 1 or 2 the DTB loaded by the firmware is discarded.
The DTB was previously patched by the firmware to contain the DMA channel mask.
DTB provided by the rpi firmware or DTS in the Linux tree contain the raw value
directly. Do the same for our DTS as we cannot switch to the upstream ones yet.
Not having the DMA channel mask setup properly cause mmc not to be detected
(and probably other problems on driver using DMA).

Also, add links for rpi dtb to the name used by u-boot. This way the dtb can be
loaded by ubldr using the U-Boot env variable fdtfile.

Tested On: RPI B Rev2, RPI Zero, RPI 2 v1.1 RPI 2 v1.2

Thanks to Sylvain Garrigues <sylvain@sylvaingarrigues.com> for the help.

PR:		218344
2017-08-19 14:27:11 +00:00
bde
fc1337bf84 Reduce complexity and backwards compatibilty a little by removing new aliases
and repurposing "blink".  Improve accuracy of documentation of historical
mistakes and other bugs.

"blink" now means "set the blink attribute for the target(s)" instead of
"set the blink attribute and clear other attributes [and control flags]".
It was even more confusing to use "blinking" for the single attribute to
keep the old meaning for "blink".

"destructive" is not as historically broken or gone as the previous version
said.

The bugs involving resetting from defaults are now understood and partly
documented (the defaults are mis-initialized).
2017-08-19 12:14:46 +00:00
emaste
b623f058d5 sys/modules: don't build qlxgbe if the user objects to sourceless ucode
PR:		204749
Submitted by:	Fabian Keil
Obtained from:	ElectroBSD
MFC after:	1 week
2017-08-19 01:12:05 +00:00
emaste
d83f9c37c8 ena.4: fix spelling of 'occurred'
PR:		331298
Submitted by:	Fabian Keil
Obtained from:	ElectroBSD
MFC after:	1 week
2017-08-19 00:51:45 +00:00
emaste
f8dbd1e52f sys/modules: don't build bxe if the user objects to sourceless ucode
PR:		204747
Submitted by:	Fabian Keil
Obtained from:	ElectroBSD
MFC after:	1 week
2017-08-19 00:45:29 +00:00
emaste
671d8fa20b sa.4: fix spelling of 'suppresses'
PR:		221302
Submitted by:	Fabian Keil
Obtained from:	ElectroBSD
MFC after:	1 week
2017-08-19 00:37:33 +00:00
emaste
e182a6c1cb pw useradd: Validate the user name before creating the entry
Previouly it was possible to create users with spaces in the name with:
pw useradd -u 1234 -g 1234 -n 'test user'

The "-g 1234" is relevant, without it the name was already rejected
as expected:

[fk@test ~]$ sudo pw useradd -u 1234 -n 'test user'
pw: invalid character ` ' at position 4 in userid/group name

Bug unintentionally found with a salt config without explicit name entry:

test user:
  user.present:
    - uid: 1234
    - gid: 1234
    - fullname: Test user
    - shell: /usr/local/bin/bash
    - home: /home/test
    - groups:
      - wheel
      - salt

"Luckily" salt modules rarely bother with input validation either ...

PR:		221416
Submitted by:	Fabian Keil
Obtained from:	ElectroBSD
MFC after:	1 week
2017-08-19 00:32:26 +00:00
emaste
0c4cd99556 pw usermod: Properly deal with empty secondary group lists (-G '')
"pw usermod someuser -G ''" is supposed make sure that someuser
doesn't have any secondary group memberships.

Previouly it was a nop because split_groups() only intitialised
"groups" if at least one group was specified. As a result the
existing secondary group memberships were kept.

PR:		221417
Submitted by:	Fabian Keil
Obtained from:	ElectroBSD
MFC after:	1 week
Relnotes:	yes
2017-08-19 00:19:23 +00:00
emaste
9b17f402cc gas: add parens to clarify expression and eliminate clang warning
Building mips64 w/ Clang failed with -Werror,-Wshift-negative-value
error: shifting a negative signed value is undefined
2017-08-18 21:20:38 +00:00
sevan
8a3d7f42b1 Add Thunderbolt Apple interfaces to the bge(4) supported list.
Document message reported by kernel upon removal in DIAGNOSTIC section.
Document shortcomings in BUGS section.

Approved by:	bcr (mentor)
MFC after:	5 days
Differential Revision:	https://reviews.freebsd.org/D11771
2017-08-18 20:35:35 +00:00
cem
e2500ac573 Move some other SI_SUB_INIT_IF initializations to SI_SUB_TASKQ
Drop the EARLY_AP_STARTUP gtaskqueue code, as gtaskqueues are now
initialized before APs are started.

Reviewed by:	hselasky@, jhb@
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D12054
2017-08-18 18:55:07 +00:00
emaste
5b2ee3b7e9 gas: fix "format string is not a string literal" errors on mips
Sponsored by:	The FreeBSD Foundation
2017-08-18 18:26:30 +00:00
emaste
0c474a38fc bfd: cast BFD_ALIGN to fix clang error on mips
error: implicit conversion from 'bfd_vma' (aka 'unsigned long long')
to 'int' changes value from 18446744073709551615 to -1
  return BFD_ALIGN (ret, 16);
  ~~~~~~ ^~~~~~~~~~~~~~~~~~~
note: expanded from macro 'BFD_ALIGN'
   : ~ (bfd_vma) 0)
     ^~~~~~~~~~~~~

Sponsored by:	The FreeBSD Foundation
2017-08-18 18:20:51 +00:00
des
984a1974b4 In fetch_resolve(), if the port number or service name is included in
the host argument (e.g. "www.freebsd.org:443"), the service pointer,
which is supposed to point to the port or service part, instead points
to the separator, causing getaddrinfo() to fail.

Note that I have not been able to trigger this bug with fetch(1), nor
do I believe it is possible, as libfetch always parses the host:port
specification itself.  I discovered it when I copied fetch_resolve()
into an unrelated project.

MFC after:	3 days
2017-08-18 18:20:36 +00:00
maxim
7304973a93 FreeBSD 11.1 release added. 2017-08-18 17:32:14 +00:00
kib
6dd0b9e76c When checking that #UD comes from kernel mode, check that the
exception did not happen in vm86 mode.  A vm86 userland process could
have a %cs that matches GSEL_KPL, while dtrace cannot hook it.

Submitted by:	Maxime Villard <max@m00nbsd.net>
MFC after:	3 days
2017-08-18 17:11:15 +00:00
sevan
834204f6b8 Add caveat to kinfo_getvmmap(3) explaining high CPU utilisation.
Based on kib's reply on https://lists.freebsd.org/pipermail/freebsd-hackers/2016-July/049710.html

PR:		210904
Submitted by:	Yuri Victorovich <yuri AT rawbw DOT com>
Reviewed by:	jilles
Approved by:	bcr (mentor)
MFC after:	5 days
Differential Revision:	https://reviews.freebsd.org/D12004
2017-08-18 16:42:58 +00:00
emaste
21f6c637f5 cam iosched: fix typos in comments
PR:		220947
Submitted by:	Fabian Keil
Obtained from:	ElectroBSD
2017-08-18 16:38:33 +00:00
sevan
4c3407649a Correct multicast address used in pfsync(4)
As stated in src/sys/netinet/in.h L395, address used is 224.0.0.240.

PR:		216885
Submitted by:	Matthias Ordner <matthias.ordner AT noris DOT net>
Reviewed by:	kp
Approved by:	bcr (mentor)
MFC after:	5 days
Differential Revision:	https://reviews.freebsd.org/D12011
2017-08-18 16:14:41 +00:00
bde
9a96357487 Fix syscons escape sequence for setting the local cursor type. This sequence
was aliased to a vt sequence, causing and fixing various bugs.

For syscons, this restores support for arg 2 which sets blinking block
too forcefully, and restores bugs for arg 0 and 1.  Arg 2 is used for
vs in the cons25 entry in termcap, but I've never noticed an application
that uses this.  The bugs involve replacing local settings by global
ones and need better handling of defaults to fix.

For vt, this requires moving the aliasing code from teken to vt where
it belongs.  This sequences is very important for cons25 compatibility
in vt since it is used by the cons25 termcap entries for ve, vi and
vs.  vt can't properly support vs for either cons25 or xterm since it
doesn't support blinking.  For xterm, the termcap entry for vs asks
for something different using 12;25h instead of 25h.

Rename C25CURS for this to C25LCT and change its description to be closer
to echoing the old comment about it.  CURS is too generic.

Fix missing syscons escape sequence for setting the global cursor shape
(and type).  Only support this in syscons since vt can't emulate anything
in it.
2017-08-18 15:40:40 +00:00
br
11ea615d8d Fix module unload when SGX support is not present in CPU.
Sponsored by:	DARPA, AFRL
2017-08-18 14:47:06 +00:00
glebius
eabed56e84 Fix cut and paste typo that prevented T5 firmware to be compiled in.
Reviewed by:	np
2017-08-18 14:30:12 +00:00
sevan
07c0137d8e typo
PR:		211160
Submitted by:	Dan Robertson <dan.robertson AT anidata DOT org>
Reviewed by:	oshogbo
MFC after:	7 days
Differential Revision:	https://reviews.freebsd.org/D12005
2017-08-18 14:17:12 +00:00