This was originally added as "exit $SUCCESS" but with nothing to set the
SUCCESS variable. Thus it became an exit with no argument, which just
exits with the status of the preceding command.
Approved by: re (gjb)
Sponsored by: The FreeBSD Foundation
Permit a deflateParams() parameter change as soon as possible.
This change fixes compression errors seen when the embedded Tomcat
web server of a UniFi Controller zlib compresses responses. Given
that Tomcat just uses Java/OpenJDK which in turn employs zlib for
its compression/decompression support, this bug might very well
affect other applications, too.
PR: 222136
Approved by: re (gjb)
Previously we added an ifconfig_$INTERFACE line to rc.conf for each
unsuccessful DCHP attempt.
PR: 219515
Approved by: re (marius)
Sponsored by: The FreeBSD Foundation
"pw usermod someuser -G ''" is supposed make sure that someuser
doesn't have any secondary group memberships.
Previouly it was a nop because split_groups() only intitialised
"groups" if at least one group was specified. As a result the
existing secondary group memberships were kept.
PR: 221417
Submitted by: Fabian Keil
Approved by: re (kib)
Obtained from: ElectroBSD
Relnotes: yes
Previouly it was possible to create users with spaces in the name with:
pw useradd -u 1234 -g 1234 -n 'test user'
The "-g 1234" is relevant, without it the name was already rejected
as expected:
[fk@test ~]$ sudo pw useradd -u 1234 -n 'test user'
pw: invalid character ` ' at position 4 in userid/group name
Bug unintentionally found with a salt config without explicit name entry:
test user:
user.present:
- uid: 1234
- gid: 1234
- fullname: Test user
- shell: /usr/local/bin/bash
- home: /home/test
- groups:
- wheel
- salt
"Luckily" salt modules rarely bother with input validation either ...
PR: 221416
Submitted by: Fabian Keil
Approved by: re (kib)
Obtained from: ElectroBSD
illumos 4185 ("add new cryptographic checksums to ZFS: SHA-512, Skein,
Edon-R") was intentionally merged only partially in r289422, without
adding support for skein, sha512 and edonr on FreeBSD.
Support for skein and sha512 was added later on (in head), but none of
these are supported in stable/10. Prior to this commit zfs(8) correctly
rejected these algorithms, but with an error message that claimed
support:
fk@r500 ~ $zfs set checksum=edonr tank
cannot set property for 'tank': 'checksum' must be one of 'on | off |
fletcher2 | fletcher4 | sha256 | sha512 | skein | edonr'
(This commit removes sha512 and skein in addition to edonr from the
merge of head's r323002.)
PR: 204055
Submitted by: Fabian Keil
Approved by: re (kib)
Obtained from: ElectroBSD
was committed in r295133 (MFCed to stable/10 in r295287), CSUM_TSO gets
always disabled by em(4) on the first invocation of em_init_locked() as
at that point no link is established, yet. In turn, this causes CSUM_TSO
also to be off when em(4) is used as a parent device for vlan(4), i. e.
besides IFCAP_TSO4, IFCAP_VLAN_HWTSO effectively doesn't work either.
In head an attempt to fix this was made with r308345, but that revision
had several problems on its own. One of which was that r308345 caused
IFCAP_TSO4 to also be cleared from both the interface capability and
capability enable bits. Thus, once a link switched from gigabit to a
lower speed, TSO no longer could be enabled, even not via ifconfig(8).
So this change moves the aforementioned WAR to em_update_link_status()
like r308345 did, but only alters the hardware assist bits accordingly,
leaving IFCAP_TSO4 flags alone.
Still, this isn't the only problem r308345 had. Another one is that there
just is no way to atomically flush TSO-using descriptors already queued
at the point in time a link speed switch to below GbE occurs. Thus, such
in-flight descriptors still may hang the MAC. Moreover, at least currently
there also is no way of triggering a reconfiguration of vlan(4) when the
state of IFCAP_VLAN_HWTSO support changes at runtime, causing vlan(4) to
continue employing TSO. Last but not least, testing shows that - despite
all the WARs for TSO-related silicon bugs in em(4) - at least 82579 still
may hang at gigabit speed with IFCAP_TSO4 enabled. Therefore, this change
further removes IFCAP_TSO4 and IFCAP_VLAN_HWTSO from interface capability
enable bits as set by em(4). While at it, the use of CSUM_TCP is replaced
with CSUM_IP_TSO as em(4) only implements support for IFCAP_TSO4 but not
IFCAP_TSO6 (although in principle available with a subset of the supported
MACs).
At the bottom line, this change allows IFCAP_TSO4 and IFCAP_VLAN_HWTSO to
be used again with em(4), but these hardware offloading capabilities now
need to be explicitly enabled via ifconfig(8). Beware that it's only
considered safe to do so (and also only may work) in environments where
the link speed is not to be expected to change from GbE. Moreover, em(4)
appears to still be missing some more TSO workarounds for at least some
models, specifically the 82579 (I could not find an errata sheet and
"specification update" respectively for these latter, though, and the
generic ICH8 one doesn't list any TSO related bugs).
- Let igb_tso_setup() handle EtherType protocols that are unsupported or
for which support hasn't been compiled in gracefully instead of calling
panic(9).
- Make em_allocate_{legacy,msix}() and lem_allocate_irq() match their
prototypes WRT static.
This is a direct commit to stable/10 as corresponding code is no longer
present in head.
Approved by: re (gjb, kib)
Add new mlx5ib(4) driver to the kernel source tree which supports
Remote DMA over Converged Ethernet, RoCE, for the ConnectX-4 series of
PCI express network cards.
There is currently no user-space support and this driver only supports
kernel side non-routable RoCE V1. The krping kernel module can be used
to test this driver. Full user-space support including RoCE V2 will be
added as part of the ongoing upgrade to ibcore from Linux 4.9. Otherwise
this driver is feature equivalent to mlx4ib(4). The mlx5ib(4) kernel
module will only be built when WITH_OFED=YES is specified.
Approved by: re (marius)
Sponsored by: Mellanox Technologies
In compiler-rt, a few assembler implementations for i386 floating point
conversion functions use SSE2 instructions, but these are not guarded by
#ifdef __SSE2__, and there is no implementation using general purpose
registers. For these functions, use the generic C variants instead,
otherwise they will cause SIGILL on older processors.
Approved by: re (kib)
Reported by: bsdpr@phoe.frmug.org
PR: 221733
MFC r323014:
Follow-up to r323001: if the actually selected CPUTYPE is capable of
SSE2 instructions, we can use them.
Suggested by: jkim
PR: 221733
This is the last version of OpenSSH which does not break compatibility
more than we can live with in a stable branch. Further commits will
follow to backport some bug fixes from newer versions.
The sshd breakage in the previous attempt was due to an upstream bug
(a 0 was changed to a 1 while refactoring send_rexec_state() in sshd.c)
which only manifested itself when sshd was built with SSH 1 support.
Approved by: re@
This is the last version of OpenSSH which does not break compatibility
more than we can live with in a stable branch. Further commits will
follow to backport some bug fixes from newer versions.
Approved by: re@
- Update WOL support for newer em(4) devices. [1]
- Add support for Kaby Lake generation i219 (4) and i219 (5) devices.
- Enable WOL features also for the igb(4) class of devices. [1]
- Don't set any WOL enabling hardware bits if WOL isn't requested
according to the enabled interface capability bits.
PR: 208343 [1]
Submitted by: Kaho Tashikazu <kaho@elam.kais.kyoto-u.ac.jp> [1]
Approved by: re (kib)
Fix qlnx_tso_check() so that every window of
(ETH_TX_LSO_WINDOW_BDS_NUM - nbds_in_hdr) has atleast
ETH_TX_LSO_WINDOW_MIN_LEN bytes
Approved by:re(marius)
Upgrade FW to 5.4.66
sysctls to display stats, stats polled every 2 seconds
Modify QLA_LOCK()/QLA_UNLOCK() to not sleep after acquiring mtx_lock
Add support to turn OFF/ON error recovery following heartbeat failure for
debug purposes.
Set default max values to 32 Tx/Rx/SDS rings
Approved by: re(gjb)
Performance enhancements to reduce CPU utililization for large number of
TCP connections (order of tens of thousands), with predominantly Transmits.
Submitted by: Vaishali.Kulkarni@cavium.com
Approved by: re(marius)
276737: Remove old ioctl use and support
322200: Remove (broken) search for alternate superblocks
322201: Show differences when alternate superblock fails to match
322271: Cleanup for 322200.
322297: Restore fsck_ffs ability to find alternate superblocks
Discussed with: kib, imp
Differential Revision: https://reviews.freebsd.org/D11589
Approved by: re (kib)
Bring back the much more readable unified format for differences in
/etc/{group,master.passwd}. This was originally turned on for all of
/etc/{aliases,group,master.passwd} in r55196, but then backed out
only for the latter two in r56697, as the adaption of the sed(1)ing
done in r56308 was incorrect. This left us with inconsistent diff(1)
formats in the daily output of periodic(8) ever since, despite in
r56697 having been promised to be revisited. So properly adapt the
password hash filtering to the unified format and turn the later on
again for /etc/{group,master.passwd}, too.
Approved by: re (kib)
This change merges devctl notification for userland coredumps.
r278479 (rpaulo):
Notify devd(8) when a process crashed.
This change implements a notification (via devctl) to userland when
the kernel produces coredumps after a process has crashed.
devd can then run a specific command to produce a human readable crash
report. The command is most usually a helper that runs gdb/lldb
commands on the file/coredump pair. It's possible to use this
functionality for implementing automatic generation of crash reports.
devd(8) will be notified of the full path of the binary that crashed and
the full path of the coredump file.
r278494 (rpaulo):
Sanitise the coredump file names sent to devd.
While there, add a sysctl to turn this feature off as requested by kib@.
r278525 (rpaulo):
Remove a printf and an strlen() from the coredump code.
r278545 (rpaulo):
Restore the data array in coredump(), but use a different style to
calculate the length.
r278592 (rpaulo):
Remove check against NULL after M_WAITOK.
r279237 (kib):
Keep a reference on the coredump vnode for vn_fullpath() call. Do it
by moving vn_close() after the point where notification is sent.
r280410 (rpaulo):
Disable coredump_devctl because it could lead to leaking paths to jails.
Approved by: re
r322770:
Apply changes from bin/chmod/tests/chmod_test.sh, adding
atf_expect_fail() before chflags(8) is invoked if the filesystem
is ZFS, which does not support UF_IMMUTABLE.
r322796:
Revert part of r322770 in usr.sbin/chown/tests/chown_test.sh,
which incorrectly adds atf_expect_fail() where there is no
failure case.
Approved by: re (marius)
Sponsored by: The FreeBSD Foundation
Always expand the full path to the configuration file specified
with the '-c' flag. This fixes an issue where the configuration
file would not properly be located intermittently.
Approved by: re (kib, marius)
Sponsored by: The FreeBSD Foundation
269692: cswitch is unsigned, so don't compare it < 0
322179: Correct ordering of bio's in gjournal queue
322463: Eliminate a variable that is set-only in g_journal.c
322464: Correct check for reads in gjournal
Submitted by: Dr. Andreas Longwitz <longwitz@incore.de>
Discussed with: kib
Approved by: re (marius)
------------------------------------------------------------------------
r322410 | ken | 2017-08-11 12:43:52 -0600 (Fri, 11 Aug 2017) | 16 lines
Add historical notes on QIC tape drives and fix a couple of issues in mt(1).
o Density code 0x5 is also known as QIC-11, and should have a footnote
reference.
o Add notes on QIC tape drives from the bug report. These may help anyone
trying to use a QIC drive.
o Take out a "more more" instance found by igor.
o Bump the man page date.
The PR is 14 years old, so it's past time to retire it.
PR: doc/53596
Submitted by: tedm@toybox.placo.com
Reviewed by: bcr
Sponsored by: Spectra Logic
------------------------------------------------------------------------
Approved by: re (gjb)
r321949 (ngie):
Add expected failures for ZFS
- :f_flag fails on ZFS because UF_IMMUTABLE isn't supported.
- :v_flag fails on ZFS because the mode for foo is [always] updated
unnecessarily.
get_filesystem(..) (supporting function that was added to the test
script) is based on equivalent logic in
usr.bin/extattr/tests/extattr_test.sh .
r321950 (ngie):
Always use first parameter passed to get_filesystem(..) instead of
discarding it and using `.` instead.
r322101 (ngie):
Don't check result of chflags in f_flag_cleanup()
This will prevent false positives from occurring if the test is run
on ZFS since ZFS doesn't support fflags throbbing like UFS.
PR: 221188, 221189
Approved by: re (marius)
Sponsored by: The FreeBSD Foundation
322299
hyperv/hn: Implement transparent mode network VF.
How network VF works with hn(4) on Hyper-V in transparent mode:
- Each network VF has a cooresponding hn(4).
- The network VF and the it's cooresponding hn(4) have the same hardware
address.
- Once the network VF is attached, the cooresponding hn(4) waits several
seconds to make sure that the network VF attach routing completes, then:
o Set the intersection of the network VF's if_capabilities and the
cooresponding hn(4)'s if_capabilities to the cooresponding hn(4)'s
if_capabilities. And adjust the cooresponding hn(4) if_capable and
if_hwassist accordingly. (*)
o Make sure that the cooresponding hn(4)'s TSO parameters meet the
constraints posed by both the network VF and the cooresponding hn(4).
(*)
o The network VF's if_input is overridden. The overriding if_input
changes the input packet's rcvif to the cooreponding hn(4). The
network layers are tricked into thinking that all packets are
neceived by the cooresponding hn(4).
o If the cooresponding hn(4) was brought up, bring up the network VF.
The transmission dispatched to the cooresponding hn(4) are
redispatched to the network VF.
o Bringing down the cooresponding hn(4) also brings down the network
VF.
o All IOCTLs issued to the cooresponding hn(4) are pass-through'ed to
the network VF; the cooresponding hn(4) changes its internal state
if necessary.
o The media status of the cooresponding hn(4) solely relies on the
network VF.
o If there are multicast filters on the cooresponding hn(4), allmulti
will be enabled on the network VF. (**)
- Once the network VF is detached. Undo all damages did to the
cooresponding hn(4) in the above item.
NOTE:
No operation should be issued directly to the network VF, if the
network VF transparent mode is enabled. The network VF transparent mode
can be enabled by setting tunable hw.hn.vf_transparent to 1. The network
VF transparent mode is _not_ enabled by default, as of this commit.
The benefit of the network VF transparent mode is that the network VF
attachment and detachment are transparent to all network layers; e.g. live
migration detaches and reattaches the network VF.
The major drawbacks of the network VF transparent mode:
- The netmap(4) support is lost, even if the VF supports it.
- ALTQ does not work, since if_start method cannot be properly supported.
(*)
These decisions were made so that things will not be messed up too much
during the transition period.
(**)
This does _not_ need to go through the fancy multicast filter management
stuffs like what vlan(4) has, at least currently:
- As of this write, multicast does not work in Azure.
- As of this write, multicast packets go through the cooresponding hn(4).
Sponsored by: Microsoft
Differential Revision: https://reviews.freebsd.org/D11803
322483
hyperv/hn: Update VF's ibytes properly under transparent VF mode.
While, I'm here add comment about why updating VF's imcast stat is
not necessary.
Sponsored by: Microsoft
Differential Revision: https://reviews.freebsd.org/D11948
322485
hyperv/hn: Fix/enhance receiving path when VF is activated.
- Update hn(4)'s stats properly for non-transparent mode VF.
- Allow BPF tapping to hn(4) for non-transparent mode VF.
- Don't setup mbuf hash, if 'options RSS' is set.
In Azure, when VF is activated, TCP SYN and SYN|ACK go through hn(4)
while the rest of segments and ACKs belonging to the same TCP 4-tuple
go through the VF. So don't setup mbuf hash, if a VF is activated
and 'options RSS' is not enabled. hn(4) and the VF may use neither
the same RSS hash key nor the same RSS hash function, so the hash
value for packets belonging to the same flow could be different!
- Disable LRO.
hn(4) will only receive broadcast packets, multicast packets, TCP
SYN and SYN|ACK (in Azure), LRO is useless for these packet types.
For non-transparent, we definitely _cannot_ enable LRO at all, since
the LRO flush will use hn(4) as the receiving interface; i.e.
hn_ifp->if_input(hn_ifp, m).
While I'm here, remove unapplied comment and minor style change.
Sponsored by: Microsoft
Differential Revision: https://reviews.freebsd.org/D11978
322486
hyperv/hn: Minor cleanup
Sponsored by: Microsoft
Differential Revision: https://reviews.freebsd.org/D11979
322487
hyperv/hn: Re-set datapath after synthetic parts reattached.
Do this even for non-transparent mode VF. Better safe than sorry.
Sponsored by: Microsoft
Differential Revision: https://reviews.freebsd.org/D11981
Approved by: re (delphij)
r278861, r280283, r280284, r280294, r280452, r280558, r280571, r281863,
r282049, r282357, r282440, r282441, r282358, r282359, r283550, r283918,
r290171, r290667, r290381, r290533, r290666, r292483, r295659, r297545,
r298305, r298383, r298428, r306489, r306557, r307067, r307068, r307087,
r307088, r307089, r307091, r307092, r307093, r307098, r307115, r307154,
r307240, r307241, r315967, r316476
Unbreak BCM2835/RPI-B support by bringing it in line with stable/11 and
head:
- Optimise reading of pending interrupt registers.
- Fix a bug where some DTS layouts could cause the premature ending of the
search (i.e. without returning any result) and you would end up with a
random MAC address.
- Reduce the diff between head and arm_intrng with the bcm2835 interrupt
controller.
- Allow the retrieving of the reserved pins state.
- Add support to the bcm2835 mailbox driver to work before interrupts are
enabled. This will be needed to enable the power on devices early on in the
boot process.
- Add support for enabling the USB on the Raspberry Pi boards when it hasn't
been done by U-Boot. This allows the USB to work when we load the kernel
directly.
- Call config_intrhook_disestablish on failure of the bcm2835 fb and fbd intr
hooks. With this we can get through the boot even if these functions fail.
- Add the structures needed to get/set the power state. These can be used
when, for example, we boot without U-Boot and wish to enable USB, or to
suspend an unneeded device.
- Add a mask to match only the relative base address of BSC controllers.
- Move the code to set the device power to the bcm2835 mailbox driver so it
can be reused by other drivers.
- Add the SOC_BCM2835 and SOC_BCM2836 options for the arm kernel and add the
former to std.bcm2835.
- Add a helper function to read clock frequencies from videocore and use this
to get the default frequency of the sdhci device.
- Add partial support for the Raspberry Pi 2.
- Remove a debug #error from the bcm2835 sdhci driver.
- Fetch the SDHCI frequency from videocore (our prefered source) and only if
it fails, fetch the clock-frequency from DTB. If both methods fail, use the
hardcoded default.
- Pass the supplied buffer length instead of a fixed size.
- Add the routines to query and setup the framebuffer state using the
BCM2835_MBOX_CHAN_PROP channel. The old channel (BCM2835_MBOX_CHAN_FB)
seems deprecated on recent firmware versions and is causing a freeze on
RPi 2.
- Fix DMA on RPi 2. BCM2836 has a different base address for peripherals.
- Enable DMA for sdhci on RPi 2 (BCM2836).
- Add a missing wakeup when releasing ownership of the SPI hardware.
- Fix framebuffer compatibility with new RPi firmware.
- Refactor bcm2835_cpufreq to use bcm2835_mbox_property API.
- Fix the sc(4) framebuffer driver on RPi 2.
- Fix the vt(4) framebuffer driver on RPi 2.
- Remove unused mutex and softc variables.
- Refactor mailbox property API to make it usable for /dev/vcio driver.
- Replace semaphore-base locking with sleep/wait synchronization.
- Fix infinite loop if response from VideoCore never received.
- Set have_message in interrupt to handle "response before READ" case.
- Serialize access to property channel when using bcm2835_mbox_property.
- Force framebuffer virtual viewport to be the same as physical.
- Use proper type of tag in bcm2835_mbox_fb_init.
- bcm2835_cpufreq: Only attach driver if we correcly match on the machine
compatible string.
- Add dev.fb.X.resync sysctl to resync ARM framebuffer with VideoCore.
- Do not use DMA channels used by GPU.
- Define local-intc for BCM2836 platform (RPI2) and make BCM2835 intc
a child of it.
- Fix build for Pi kernels with syscons enabled.
- Use VM_MEMATTR_WRITE_COMBINING memattr for mmap(2) on framebuffer.
- Make intc driver compatible with upstream DTS.
- Make Rapsberry Pi watchdog driver compatible with upstream DTS.
- Make sure intc is attached before interrupt consumers.
- Make framebuffer driver compatible with upstream DT.
- Add one more heuristic to determine MAC address of the SMSC device.
- Add compatibility strings from upstream DT.
- Fix spelling mistake, BCM2835_PASWORD -> BCM2835_PASSWORD.
Approved by: re (kib)
and WANDBOARD [2] images to fix a boot issue.
This is a direct commit to stable/10, as the change is not needed
for head and stable/11.
Approved by: re (marius)
Help from: manu [1], ian [2]
Tested by: gjb [1], ian [2]
Sponsored by: The FreeBSD Foundation
------------------------------------------------------------------------
r321502 | scottl | 2017-07-25 19:48:13 -0600 (Tue, 25 Jul 2017) | 2 lines
Quiet a message that sounds far more dire than it really is.
------------------------------------------------------------------------
r321714 | scottl | 2017-07-30 00:53:58 -0600 (Sun, 30 Jul 2017) | 13 lines
Split the interrupt setup code into two parts: allocation and configuration.
Do the allocation before requesting the IOCFacts message. This triggers
the LSI firmware to recognize the multiqueue should be enabled if available.
Multiqueue isn't used by the driver yet, but this also fixes a problem with
the cached IOCFacts not matching latter checks, leading to potential problems
with error recovery.
As a side-effect, fetch the driver tunables as early as possible.
Reviewed by: slm
Obtained from: Netflix
Differential Revision: D9243
------------------------------------------------------------------------
r321733 | scottl | 2017-07-30 16:34:24 -0600 (Sun, 30 Jul 2017) | 5 lines
Change from using underbar function names to normal function names for
the informational print functions. Collapse the debug API a bit to be
more generic and not require as much code duplication. While here, fix
a bug in MPS that was already fixed in MPR.
------------------------------------------------------------------------
r321737 | scottl | 2017-07-30 18:05:49 -0600 (Sun, 30 Jul 2017) | 3 lines
Don't re-parse PCI IDs in order to set card-specific flags, use
the flags field in the PCIID table.
------------------------------------------------------------------------
r321799 | scottl | 2017-07-31 10:55:56 -0600 (Mon, 31 Jul 2017) | 4 lines
Fix a logic bug in the split PCI interrupt code that slipped through
Reported by: Harry Schmalzbauer
------------------------------------------------------------------------
r322364 | ken | 2017-08-10 08:59:17 -0600 (Thu, 10 Aug 2017) | 39 lines
Changes to make mps(4) and mpr(4) handle reinit with reallocation.
When the mps(4) and mpr(4) drivers need to reinitialize the
firmware, they sometimes need to reallocate all of the memory
allocated by the driver. The reallocation happens whenever the IOC
Facts change. That should only happen after a firmware upgrade.
If the reinitialization happens as a result of a timed out command
sent to the card, the command that timed out and triggered the
reinit may have been freed if iocfacts_allocate() reallocated all
memory. If the caller attempts to access the command after that,
the kernel will panic because the caller will be dereferencing
freed memory.
The solution is to set a flag in the softc when we reallocate,
and avoid dereferencing the command strucure if we've reallocated.
The changes are largely the same in both drivers, since mpr(4) is a
derivative of mps(4).
o In iocfacts_allocate(), if the IOC Facts have changed and we
need to reallocate, set the REALLOCATED flag in the softc.
o Change wait_command() to take a struct mps_command ** instead of
a struct mps_command *. This allows us to NULL out the caller's
command pointer if we have to reinit the controller and the data
structures get reallocated. (The REALLOCATED flag will be set
in the softc if that has happened.)
o In every place that calls wait_command(), make sure we handle
the case where the command is NULL after the call.
o The mpr(4) driver has mpr_request_polled() which can also
reinitialize the card. Also check for reallocation there.
Reviewed by: scottl, slm
Sponsored by: Spectra Logic
------------------------------------------------------------------------
Approved by: re (marius)
