245018 Commits

Author SHA1 Message Date
jhb
29d37d493b Correct HWCAP_VFP3* values to match Linux.
Reviewed by:	andrew, ian
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D12388
2017-09-22 17:57:38 +00:00
kib
7abf2e5170 Fix 32bit build.
Reported by:	emaste
Sponsored by:	The FreeBSD Foundation
2017-09-22 16:42:41 +00:00
gjb
47aa838516 Revert r323812 from release/tools/arm.subr, which has broken the
build on arm/armv6 images.

Pointyhat:	gjb (myself)
MFC after:	immediate
MFC note:	releng/10.4 has broken because of this
Sponsored by:	The FreeBSD Foundation
2017-09-22 14:34:27 +00:00
mckusick
4c3c44cdd8 Continuing efforts to provide hardening of FFS, this change adds a
check hash to cylinder groups. If a check hash fails when a cylinder
group is read, no further allocations are attempted in that cylinder
group until it has been fixed by fsck. This avoids a class of
filesystem panics related to corrupted cylinder group maps. The
hash is done using crc32c.

Check hases are added only to UFS2 and not to UFS1 as UFS1 is primarily
used in embedded systems with small memories and low-powered processors
which need as light-weight a filesystem as possible.

Specifics of the changes:

sys/sys/buf.h:
    Add BX_FSPRIV to reserve a set of eight b_xflags that may be used
    by individual filesystems for their own purpose. Their specific
    definitions are found in the header files for each filesystem
    that uses them. Also add fields to struct buf as noted below.

sys/kern/vfs_bio.c:
    It is only necessary to compute a check hash for a cylinder
    group when it is actually read from disk. When calling bread,
    you do not know whether the buffer was found in the cache or
    read. So a new flag (GB_CKHASH) and a pointer to a function to
    perform the hash has been added to breadn_flags to say that the
    function should be called to calculate a hash if the data has
    been read. The check hash is placed in b_ckhash and the B_CKHASH
    flag is set to indicate that a read was done and a check hash
    calculated. Though a rather elaborate mechanism, it should
    also work for check hashing other metadata in the future. A
    kernel internal API change was to change breada into a static
    fucntion and add flags and a function pointer to a check-hash
    function.

sys/ufs/ffs/fs.h:
    Add flags for types of check hashes; stored in a new word in the
    superblock. Define corresponding BX_ flags for the different types
    of check hashes. Add a check hash word in the cylinder group.

sys/ufs/ffs/ffs_alloc.c:
    In ffs_getcg do the dance with breadn_flags to get a check hash and
    if one is provided, check it.

sys/ufs/ffs/ffs_vfsops.c:
    Copy across the BX_FFSTYPES flags in background writes.
    Update the check hash when writing out buffers that need them.

sys/ufs/ffs/ffs_snapshot.c:
    Recompute check hash when updating snapshot cylinder groups.

sys/libkern/crc32.c:
lib/libufs/Makefile:
lib/libufs/libufs.h:
lib/libufs/cgroup.c:
    Include libkern/crc32.c in libufs and use it to compute check
    hashes when updating cylinder groups.

Four utilities are affected:

sbin/newfs/mkfs.c:
    Add the check hashes when building the cylinder groups.

sbin/fsck_ffs/fsck.h:
sbin/fsck_ffs/fsutil.c:
    Verify and update check hashes when checking and writing cylinder groups.

sbin/fsck_ffs/pass5.c:
    Offer to add check hashes to existing filesystems.
    Precompute check hashes when rebuilding cylinder group
    (although this will be done when it is written in fsutil.c
    it is necessary to do it early before comparing with the old
    cylinder group)

sbin/dumpfs/dumpfs.c
    Print out the new check hash flag(s)

sbin/fsdb/Makefile:
    Needs to add libufs now used by pass5.c imported from fsck_ffs.

Reviewed by: kib
Tested by: Peter Holm (pho)
2017-09-22 12:45:15 +00:00
scottl
aa547b1162 Clean up error messages related to device discovery
Sponsored by:	Netflix
2017-09-22 12:07:03 +00:00
avg
7392d39323 MFV r323917: 8648 Fix range locking in ZIL commit codepath
illumos/illumos-gate@42b1411172
42b1411172

https://www.illumos.org/issues/8648
  I'm opening this bug to track integration of the following ZFS on Linux
  commit into illumos:

  commit f763c3d1df569a8d6b60bcb5e95cf07aa7a189e6
  Author: LOLi <loli10K@users.noreply.github.com>
  Date:   Mon Aug 21 17:59:48 2017 +0200

      Fix range locking in ZIL commit codepath

      Since OpenZFS 7578 (1b7c1e5) if we have a ZVOL with logbias=throughput
      we will force WR_INDIRECT itxs in zvol_log_write() setting itx->itx_lr
      offset and length to the offset and length of the BIO from
      zvol_write()->zvol_log_write(): these offset and length are later used
      to take a range lock in zillog->zl_get_data function: zvol_get_data().

      Now suppose we have a ZVOL with blocksize=8K and push 4K writes to
      offset 0: we will only be range-locking 0-4096. This means the
      ASSERTion we make in dbuf_unoverride() is no longer valid because now
      dmu_sync() is called from zilog's get_data functions holding a partial
      lock on the dbuf.

      Fix this by taking a range lock on the whole block in zvol_get_data().

      Reviewed-by: Chunwei Chen <tuxoko@gmail.com>
      Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
      Signed-off-by: loli10K <ezomori.nozomu@gmail.com>

Reviewed by: Igor Kozhukhov <igor@dilos.org>
Reviewed by: Matt Ahrens <mahrens@delphix.com>
Reviewed by: Andriy Gapon <avg@FreeBSD.org>
Reviewed by: Alexander Motin <mav@FreeBSD.org>
Approved by: Robert Mustacchi <rm@joyent.com>
Author: LOLi <loli10K@users.noreply.github.com>

MFC after:	10 days
2017-09-22 08:27:27 +00:00
hselasky
118c173868 Extend sysctl description for hw.usb.disable_enumeration .
PR:		222505
Submitted by:	Julian H. Stacey <jhs@berklix.com>
MFC after:	1 week
Sponsored by:	Mellanox Technologies
2017-09-22 08:21:35 +00:00
avg
4158f7abf5 MFV r323914: 8661 remove "zil-cw2" dtrace probe
illumos/illumos-gate@bd9d3f9046
bd9d3f9046

https://www.illumos.org/issues/8661
  The "zil-cw1" dtrace probe was previously removed in 8558, and the "zil-cw2"
  probe should have been removed in that patch as well. Unfortunately, the "zil-
  cw2" was not removed in 8558, so this bug is to track it's removal.

Reviewed by: Serapheim Dimitropoulos <serapheim@delphix.com>
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed by: Igor Kozhukhov <igor@dilos.org>
Approved by: Robert Mustacchi <rm@joyent.com>
Author: Prakash Surya <prakash.surya@delphix.com>

MFC after:	1 week
2017-09-22 08:21:14 +00:00
hselasky
10ef676c4b Add support for 32-bit compatibility IOCTLs in the LinuxKPI.
Bump the FreeBSD version to force recompilation of external
kernel modules due to structure change.

PR:		222504
Submitted by:	Greg V <greg@unrelenting.technology>
MFC after:	1 week
Sponsored by:	Mellanox Technologies
2017-09-22 08:12:08 +00:00
tsoome
bb780d8fb8 libefi: define EISA PNP constants
Define EISA PNP constants and use them, also fix ID for 0x701
2017-09-22 07:44:36 +00:00
tsoome
4dbc9cd35f libefi: efipart_hdinfo_add_filepath should check strtol result
Use errno for error checking.
2017-09-22 07:40:05 +00:00
tsoome
33da44a63f libefi: efipart.c cstyle fix for efipart_print_common()
The else statement should have { }
2017-09-22 07:37:42 +00:00
tsoome
6be612a073 libefi: efipart_strategy() should return ENXIO when there is no media
We should return ENXIO to indicate the situation with device present,
but no media.
2017-09-22 07:34:08 +00:00
tsoome
aee8c6eefe libefi: pdinfo_t pd_unit and pd_open should be unsigned
The device index, partition index and reference counter are all positive
numbers. However, since our internal partition number may be negative
to indicate GPT table, the compare expression need to take care when comparing
pdinfo_t and partition data.
2017-09-22 07:29:26 +00:00
tuexen
e2a38ef632 Add missing locking. Found by Coverity while scanning the usrsctp
library.

MFC after:	1 week
2017-09-22 06:33:01 +00:00
tuexen
bea9f86ffd Add missing socket lock.
MFC after:	1 week
2017-09-22 06:07:47 +00:00
cem
7cc3781303 cryptotest.py: Like r323869, skip SHA HMAC tests on non-SHA drivers
Sponsored by:	Dell EMC Isilon
2017-09-22 04:41:48 +00:00
cem
8863661513 cryptotest.py: Fix whitespace style errors
I accidentally introduced different whitespace style in r323878.  I'm not
used to using tabs for indentation in Python scripts.

Whitespace only; no functional change.

Sponsored by:	Dell EMC Isilon
2017-09-22 04:25:44 +00:00
tsoome
a5452b6d59 efilib.h: typo in structure member description
The link should be replaced by list.
2017-09-22 02:58:47 +00:00
tsoome
e66e69c094 r323885 did miss efilib.h update
The efilib.h update was left out from r323885 by mistake.
2017-09-22 02:56:26 +00:00
tsoome
7064325a7e libefi: efi_devpath_match local len should be unsigned
DevicePathNodeLength() will always return unsigned value.
2017-09-22 02:53:01 +00:00
imp
2a0fe7d822 cam iosched: Bettar account IOPS for smoother performance
Prevent cam_iosched_iops_tick() from discarding 'unspent' ios unless
it's a new accounting interval.

Previously ios that weren't used between ticks were lost, as a result
the iops limiter could enforce a limit below the configured maximum.

Obtained from: ElectroBSD
Submitted by: Fabian Keil
PR: 221974
2017-09-22 02:36:36 +00:00
imp
aafe805fed cam iosched: Enforce iop limits below the quanta value
Previously the iops limiter would always allow at least
quanta ios per second as cam_iosched_iops_tick() never set
ios->l_value1 below 1.

Submitted by: Fabian Keil <fk@fabiankeil.de>
Obtained from: ElectroBSD
PR: 221974
2017-09-22 02:36:32 +00:00
jhb
3c2af9be8d Support AEAD requests with non-GCM algorithms.
In particular, support chaining an AES cipher with an HMAC for a request
including AAD.  This permits submitting requests from userland to encrypt
objects like IPSec packets using these algorithms.

In the non-GCM case, the authentication crypto descriptor covers both the
AAD and the ciphertext.  The GCM case remains unchanged.  This matches
the requests created internally in IPSec.  For the non-GCM case, the
COP_F_CIPHER_FIRST is also supported since the ordering matters.

Note that while this can be used to simulate IPSec requests from userland,
this ioctl cannot currently be used to perform TLS requests using AES-CBC
and MAC-before-encrypt.

Reviewed by:	cem
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D11759
2017-09-22 00:34:46 +00:00
jhb
bee88d82bb Add a new COP_F_CIPHER_FIRST flag for struct crypt_op.
This requests that the cipher be performed before rather than after
the HMAC when both are specified for a single operation.

Reviewed by:	cem
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D11757
2017-09-22 00:21:58 +00:00
jhb
8ef23ac4de Place the AAD before the plaintext/ciphertext for CIOCRYPTAEAD.
Software crypto implementations don't care how the buffer is laid out,
but hardware implementations may assume that the AAD is always before
the plain/cipher text and that the hash/tag is immediately after the end
of the plain/cipher text.

In particular, this arrangement matches the layout of both IPSec packets
and TLS frames.  Linux's crypto framework also assumes this layout for
AEAD requests.

Reviewed by:	cem
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D11758
2017-09-22 00:15:54 +00:00
shurd
5116c3be34 Fix undeclared identifier error introduced in r323879
It doesn't appear to be safe to use gtask->gt_name.

Reported by:	Mark Johnston, Jenkins
Reviewed by:	sbruno
Approved by:	sbruno (mentor)
Sponsored by:	Limelight Networks
Differential Revision:	https://reviews.freebsd.org/D12448
2017-09-21 23:27:35 +00:00
tsoome
e3bd1c0037 libefi: efipart.c should use calloc()
The device specific *_add functions are using malloc() + memset,
should use calloc instead.
2017-09-21 23:22:18 +00:00
tsoome
0f3861f775 libefi: efi_devpath_match() should return bool
The current implementation of efi_devpath_match() is returning values 0 or 1,
so it should be updated to return bool.
2017-09-21 23:14:07 +00:00
imp
ef7d9c4940 Always create usr/local/etc -> /etc/local symlink
/usr/local/etc gets created and populated by packages. However, if no
packages are installed when setup_nanobsd is run, this symlink won't
get created, causing problems if packages are installed later (say on
first boot). Therefore, always create the symlink and etc/local. It
does no harm and may help.

Inspired by crochet issue #183 (consuingly says NanoBSD, means crochet)
Sponsored by: Netflix
2017-09-21 23:10:56 +00:00
jhb
c5f4b54f16 Only handle _PC_MAX_CANON, _PC_MAX_INPUT, and _PC_VDISABLE for TTY devices.
Move handling of these three pathconf() variables out of vop_stdpathconf()
and into devfs_pathconf() as TTY devices can only be devfs files.  In
addition, only return settings for these three variables for devfs devices
whose device switch has the D_TTY flag set.

Discussed with:	bde, kib
Sponsored by:	Chelsio Communications
2017-09-21 23:05:32 +00:00
jhb
ebd5dd0a34 Use UFS_LINK_MAX instead of LINK_MAX.
Submitted by:	bde
Sponsored by:	Chelsio Communications
2017-09-21 22:33:59 +00:00
markj
6f05d50cd3 Simplify i915_gem_wire_page() and avoid unneeded page-busying.
Reviewed by:	alc, kib
MFC after:	1 week
2017-09-21 22:15:45 +00:00
shurd
c8fa21be21 Improved logging of gtaskqueue failues
Check the return code of intr_setaffinity() and log any errors
it returns. When a qid is not located, log an error before returning
failure.  Also, use __func__ rather than hardcoding the function name

Reviewed by:	sbruno
Approved by:	sbruno (mentor)
Sponsored by:	Limelight Networks
Differential Revision:	https://reviews.freebsd.org/D12436
2017-09-21 21:14:48 +00:00
cem
23508ac59c cryptotest.py: Actually use NIST-KAT HMAC test vectors and test the right hashes
Previously, this test was entirely a no-op as no vector in the NIST-KAT file
has a precisely 20-byte key.

Additionally, not every vector in the file is SHA1.  The length field
determines the hash under test, and is now decoded correctly.

Finally, due to a limitation I didn't feel like fixing in cryptodev.py, MACs
are truncated to 16 bytes in this test.

With this change and the uncommitted D12437 (to allow key sizes other than
those used in IPSec), the SHA tests in cryptotest.py actually test something
and e.g. at least cryptosoft passes the test.

Sponsored by:	Dell EMC Isilon
2017-09-21 21:07:21 +00:00
shurd
8b20e8f83d Fix M_GTASKQUEUE definition
Previously had the same short and long description as taskqueues.
This could cause problems with memguard(9) and vmstat -m which use
the short description as a unique identifier.

Reviewed by:	sbruno
Approved by:	sbruno (mentor)
MFC after:	3 days
Sponsored by:	Limelight Networks
Differential Revision:	https://reviews.freebsd.org/D12438
2017-09-21 20:34:33 +00:00
shurd
c932e515c4 bnxt: Fix driver when attached to a VF
- Use HWRM_FUNC_VF_CFG instead of HWRM_FUNC_CFG on VFs
- Fix NPAR/VF detection
- Clean up flag definitions
- Don't allow WoL on VFs

Although the bnxt driver doesn't support SR-IOV so can create VFs yet,
the PF could be running Linux or ESCi with a VF passed through to a
FreeBSD guest.  This fixes the driver for that use case.

Submitted by:	Siva Kallam <siva.kallam@@broadcom.com>
Reviewed by:	shurd, sbruno
Approved by:	sbruno (mentor)
Sponsored by:	Broadcom Limited
Differential Revision:	https://reviews.freebsd.org/D12410
2017-09-21 20:27:43 +00:00
eugen
74e3f7a235 Unprotected modification of ng_iface(4) private data leads to kernel panic.
Fix a race with per-node read-mostly lock and refcounting for a hook.

PR:			220076
Tested by:		peixoto.cassiano
Approved by:		avg (mentor), mav (mentor)
MFC after:		1 week
Relnotes:		yes
Differential Revision:	https://reviews.freebsd.org/D12435
2017-09-21 20:16:10 +00:00
cem
ce5730adaa cryptotest.py: Do not run AES-CBC or AES-GCM tests on non-AES crypto(4) drivers
For some reason, we only skipped AES-XTS tests if a driver was not in the
aesmodules list.  Skip other AES modes as well to prevent spurious failures
in non-AES drivers.

Sponsored by:	Dell EMC Isilon
2017-09-21 18:06:21 +00:00
alc
cb98f1d27d Modernize calls to vm_page_unwire(). As of r288122, vm_page_unwire()
accepts PQ_NONE as the specified queue and returns a Boolean indicating
whether the page's wire count transitioned to zero.  Use these features
in dev/drm2.

Reviewed by:	kib, markj
MFC after:	1 week
2017-09-21 15:32:41 +00:00
tsoome
a36c36a04d libefi: devicename.c cleanups
Remove duplicated free()+return statements, default unit to 0
and improve strtol error processing.
2017-09-21 15:30:20 +00:00
oshogbo
37b8624aaf We use a few different ifdef's names to check if we are using Casper or not,
let's standardize this. Now we are always use WITH_CASPER name.

Discussed with:	emaste@
MFC after:	1 month
2017-09-21 14:41:41 +00:00
sevan
dee8fcc6f9 Ammend bin/cat/cat.c so the output is the same aside
from blank lines being numbered or unnumbered, depending on whether cat
was invoked with -ne or -be.

At present, when cat is invoked with -be, there is an aditional
difference that the '$' on blank lines is placed on the far left of the
output.

Discussed in bug 210607.

While here, revert the workaround from r304035 which skipped the unit test for
this issue previously.

PR:		210607
Submitted by:	myself
Reviewed by:	bdrewery
Obtained from:	NetBSD
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D12432
2017-09-21 14:14:49 +00:00
kp
deed61f436 bridge: Set module version
This ensures that the loader will not load the module if it's also built in to
the kernel.

PR:		220860
Submitted by:	Eugene Grosbein <eugen@freebsd.org>
Reported by:	Marie Helene Kvello-Aune <marieheleneka@gmail.com>
2017-09-21 14:14:01 +00:00
tuexen
8b25605cf2 Code cleanup, no functional change.
MFC after:	1 week
2017-09-21 11:56:31 +00:00
oshogbo
d1a32b7182 Plug memory leak in case when nvlist allocation succeeds, but nvpair
allocation fails.

Submitted by:	pjd@
MFC after:	1 month
Sponsored by:	Wheel Systems
2017-09-21 10:28:22 +00:00
oshogbo
7bed56b0fa Simplify the code by _not_ expecting success under 'fail'.
Submitted by:	pjd@ and oshogbo@
MFC after:	1 month
Sponsored by:	Wheel Systems
2017-09-21 10:18:02 +00:00
oshogbo
5b3c574401 IMHO it is possible that failure will be treated as success because we don't
initialize nvp on every loop iteration and the code under 'fail'(!) label
detects success by checking of nvp != NULL.

Submitted by:	pjd@
MFC after:	1 month
Sponsored by:   Wheel Systems
2017-09-21 10:16:44 +00:00
oshogbo
14c708eabc Free 'value' only once we are done freeing all individual
Submitted by:   pjd@
MFC after:	1 month
Found by:       scan-build
Sponsored by:   Wheel Systems
2017-09-21 10:14:43 +00:00
n_hibma
775755f18f Remove an 'unused' function.
This function was only set in legacy.sh and only at the very end after
the disk image had been successfully created. The only difference will be
that the message 'Error encountered. Please check...' will not appear if
nanobsd.sh exits with an error after the disk image has been created.
2017-09-21 10:13:48 +00:00