Remove the device from the list before unbinding it. Doing it in this
order allows calling xen_intr_unbind without holding the bind_mutex
lock.
Sponsored by: Citrix Systems R&D
There's no need to perform the interrupt unbind while holding the
blkback lock, and doing so leads to the following LOR:
lock order reversal: (sleepable after non-sleepable)
1st 0xfffff8000802fe90 xbbd1 (xbbd1) @ /usr/src/sys/dev/xen/blkback/blkback.c:3423
2nd 0xffffffff81fdf890 intrsrc (intrsrc) @ /usr/src/sys/x86/x86/intr_machdep.c:224
stack backtrace:
#0 0xffffffff80bdd993 at witness_debugger+0x73
#1 0xffffffff80bdd814 at witness_checkorder+0xe34
#2 0xffffffff80b7d798 at _sx_xlock+0x68
#3 0xffffffff811b3913 at intr_remove_handler+0x43
#4 0xffffffff811c63ef at xen_intr_unbind+0x10f
#5 0xffffffff80a12ecf at xbb_disconnect+0x2f
#6 0xffffffff80a12e54 at xbb_shutdown+0x1e4
#7 0xffffffff80a10be4 at xbb_frontend_changed+0x54
#8 0xffffffff80ed66a4 at xenbusb_back_otherend_changed+0x14
#9 0xffffffff80a2a382 at xenwatch_thread+0x182
#10 0xffffffff80b34164 at fork_exit+0x84
#11 0xffffffff8101ec9e at fork_trampoline+0xe
Reported by: Nathan Friess <nathan.friess@gmail.com>
Sponsored by: Citrix Systems R&D
The user-space xenstore device is currently lacking a check to make
sure that the caller is only using transaction ids currently assigned
to it. This allows users of the xenstore device to hijack transactions
not started by them, although the scope is limited to transactions
started by the same domain.
Tested by: Nathan Friess <nathan.friess@gmail.com>
Sponsored by: Citrix Systems R&D
This is hardware support for the SO_MAX_PACING_RATE sockopt (see
setsockopt(2)), which is available in kernels built with "options
RATELIMIT".
Relnotes: Yes
Sponsored by: Chelsio Communications
Allow user-space applications to register watches using the xenstore
device. This is needed in order to run toolstack operations on
domains different than the one where xenstore is running (in which
case the device is not used, since the connection to xenstore is done
using a plain socket).
Tested by: Nathan Friess <nathan.friess@gmail.com>
Sponsored by: Citrix Systems R&D
Due to the current synchronous xenstore implementation in FreeBSD, we
cannot return from xs_read_reply without reading a reply, or else the
ring gets out of sync and the next request will read the previous
reply and crash due to the type mismatch. A proper solution involves
making use of the req_id field in the message and allowing multiple
in-flight messages at the same time on the ring.
Remove the PCATCH flag so that signals don't interrupt the wait.
Tested by: Nathan Friess <nathan.friess@gmail.com>
Sponsored by: Citrix Systems R&D
There's no need to prevent suspend while doing xenstore transactions,
callers of transactions are supposed to be prepared for a transaction
to fail.
This fixes a bug that could be triggered from the xenstore user-space
device, since starting a transaction from user-space would result in
returning there with a sx lock held, that causes a WITNESS check to
trigger.
Tested by: Nathan Friess <nathan.friess@gmail.com>
Sponsored by: Citrix Systems R&D
According to PR there are cases of controller hang if soft reset is
sent before device report ready status after the hard reset.
I don't think this patch is perfect, but it was reported as working
by the submitter, and I have neither the old hardware nor interest to
test some improved version, so just done some style cleaning.
PR: 183294
Submitted by: alexandre.martins@netasq.com
MFC after: 1 month
This driver was developed for the LAN7800 and the register-compatible
LAN7515 (found on Raspberry Pi 3B+) and has only been tested on those
devices.
Sponsored by: The FreeBSD Foundation
We shouldn't be mapping this memory, so we need to find it so it
can be excluded from the phys_avail map.
Reviewed by: manu
Obtained from: ABT Systems Ltd
Sponsored by: Turing Robotic Industries
Differential Revision: https://reviews.freebsd.org/D15518
This apparently works around issues with updates of certain Broadwell
CPUs.
Reviewed by: emaste, kib, sbruno
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D15520
Linux will not connect to a backend that's in state 3
(XenbusStateInitialised), it needs to be in state 2
(XenbusStateInitWait) for Linux to attempt to connect to the backend.
The protocol seems to suggest that the backend should indeed wait in
state 2 for the frontend to connect, which makes state 3 unusable for
disk backends.
Also make sure blkback will connect to the frontend if the frontend
reaches state 3 (XenbusStateInitialised) before blkback has processed
the results from the hotplug script (Submitted by Nathan Friess).
MFC after: 1 week
Speculative Store Bypass (SSB) is a speculative execution side channel
vulnerability identified by Jann Horn of Google Project Zero (GPZ) and
Ken Johnson of the Microsoft Security Response Center (MSRC)
https://bugs.chromium.org/p/project-zero/issues/detail?id=1528.
Updated Intel microcode introduces a MSR bit to disable SSB as a
mitigation for the vulnerability.
Introduce a sysctl hw.spec_store_bypass_disable to provide global
control over the SSBD bit, akin to the existing sysctl that controls
IBRS. The sysctl can be set to one of three values:
0: off
1: on
2: auto
Future work will enable applications to control SSBD on a per-process
basis (when it is not enabled globally).
SSBD bit detection and control was verified with prerelease microcode.
Security: CVE-2018-3639
Tested by: emaste (previous version, without updated microcode)
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
This change adds support for a UBS<->RS232 adapter based on CH340 (or an
analogue) that I own. The device seems to have a newer internal version
(0x30) and the existing code incorrectly configures line control for it
resulting in garbled transmission. The changes are based on what I
learned in Linux drivers for the same hardware.
Additional changes:
- use UCHCOM_REG_LCR1 / UCHCOM_REG_LCR2 instead of explicit 0x18 and
0x25
- use NULL instead of 0 where a pointer is expected
Reviewed by: hselasky
MFC after: 3 weeks
Differential Revision: https://reviews.freebsd.org/D15498
Also, add definitions for more bits of UCHCOM_REG_LCR1 as seen in the
Linux driver. UCHCOM_LCR1_PARENB definition was different from that in
the Linux driver and clashed with newly added UCHCOM_LCR1_RX. I took a
liberty to change UCHCOM_LCR1_PARENB to the Linux definition as it was
unused in the driver anyway. This change should make
uchcom_cfg_set_break() easier to understand.
Approved by: hselasky
MFC after: 2 weeks
Product IDs are specified in vendor documents. The previously used
device ID is not. This is a cosmetic change. No functionality depends
on those IDs.
Reviewed by: hselasky
MFC after: 2 weeks
I have a system that is very unstable after resuming from suspend-to-RAM
but only if HPET is used as the event timer. The theory is that SMM
code / firmware could be enabling HPET for its own uses and unexpected
interrupts cause a trouble for it. Originally I wanted to solve the
problem in hpet_suspend() method, but that was insufficient as the event
timer could get reprogrammed again.
So, it's better, for my case and in general, to stop the event timer(s)
before entering the hardware suspend.
MFC after: 4 weeks
Differential Revision: https://reviews.freebsd.org/D15413
MMU is disabled.
This expands some earlier logic and avoids a number of potential problems:
1. The CPU may not be able to access the framebuffer in real mode (real
mode does not necessarily encompass all available memory, especially
under a hypervisor).
2. Real mode accesses generally assume cacheability, so it might not
even have worked.
3. The difference in cacheability between real mode and later (and
potentially earlier) points in the boot with the MMU on may cause
ERAT parity problems, resulting in a machine check.
This fixes real-mode (usefdt=1) early boot on the G5 iMac, which was
previously broken as a result of issue #3. Late boot will require some
other fixups.
muge was committed to the tree in r333713 but not yet connected to the
tree, and it crossed paths with the migration to using ck.
Sponsored by: The FreeBSD Foundation
If a socket is closed or shutdown and a partial record (or what
appears to be a partial record) is waiting in the socket buffer,
discard the partial record and close the connection rather than
waiting forever for the rest of the record.
Reported by: Harsh Jain @ Chelsio
Sponsored by: Chelsio Communications
