Re: svn commit: r333263 - in head: lib/libjail sys/cddl/contrib/opensolaris/uts/common/fs/zfs sys/compat/linprocfs sys/compat/linsysfs sys/fs/devfs sys/fs/fdescfs sys/fs/nullfs sys/fs/procfs sys/fs/ps
On 2018-11-16 16:30, Alan Somers wrote: > On Fri, Nov 16, 2018 at 2:28 PM James Gritton wrote: > > On 2018-11-16 10:34, Alan Somers wrote: > > On Fri, May 4, 2018 at 2:54 PM Jamie Gritton wrote: > Author: jamie > Date: Fri May 4 20:54:27 2018 > New Revision: 333263 > URL: https://svnweb.freebsd.org/changeset/base/333263 > > Log: > Make it easier for filesystems to count themselves as jail-enabled, > by doing most of the work in a new function prison_add_vfs in kern_jail.c > Now a jail-enabled filesystem need only mark itself with VFCF_JAIL, and > the rest is taken care of. This includes adding a jail parameter like > allow.mount.foofs, and a sysctl like security.jail.mount_foofs_allowed. > Both of these used to be a static list of known filesystems, with > predefined permission bits. > > Reviewed by: kib > Differential Revision:D14681 > > Modified: > head/lib/libjail/jail.c > head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vfsops.c > head/sys/compat/linprocfs/linprocfs.c > head/sys/compat/linsysfs/linsysfs.c > head/sys/fs/devfs/devfs_vfsops.c > head/sys/fs/fdescfs/fdesc_vfsops.c > head/sys/fs/nullfs/null_vfsops.c > head/sys/fs/procfs/procfs.c > head/sys/fs/pseudofs/pseudofs.h > head/sys/fs/tmpfs/tmpfs_vfsops.c > head/sys/kern/kern_jail.c > head/sys/kern/vfs_init.c > head/sys/kern/vfs_mount.c > head/sys/kern/vfs_subr.c > head/sys/sys/jail.h > head/sys/sys/mount.h > head/usr.sbin/jail/jail.8 > > Modified: head/lib/libjail/jail.c > == > --- head/lib/libjail/jail.c Fri May 4 20:38:26 2018(r333262) > +++ head/lib/libjail/jail.c Fri May 4 20:54:27 2018(r333263) > @@ -1048,7 +1048,13 @@ kldload_param(const char *name) > else if (strcmp(name, "sysvmsg") == 0 || strcmp(name, "sysvsem") == 0 || > strcmp(name, "sysvshm") == 0) > kl = kldload(name); > - else { > + else if (strncmp(name, "allow.mount.", 12) == 0) { > + /* Load the matching filesystem */ > + kl = kldload(name + 12); > + if (kl < 0 && errno == ENOENT && > + strncmp(name + 12, "no", 2) == 0) > + kl = kldload(name + 14); > + } else { > errno = ENOENT; > return (-1); > } > I'm curious about this part of the change. Why is it necessary to load the > module in the "allow.mount.noXXXfs" case, when the jail is forbidden to mount > the filesystem? It seems like that would just load modules that aren't going > to be used. > Additional discussion at https://github.com/iocage/iocage/issues/689 . > -Alan Presumably such a parameter would be included in some jails in conjunction with the positive being included in others (perhaps as a default). The truth is I never really considered whether the "no" option would be used, I just always treat these option as pairs. It may be reasonable (at least in the allow.mount.* case) to silently disregard a "no" option that doesn't exist, but I don't know how many places would need to be modified for that to go smoothly. Though I don't expect that there would be too many people who bother to include a jail parameter about a filesystem which they're not planning to use. - Jamie Well, many people use the "no" option because one of the most popular jail managers, iocage, uses it under the hood. But since "no" is the default, its presence on the command line is a noop. Are there any situations in which the "no" option has an effect? The only two possibilities I could think of were: 1) Somebody puts both the positive and negative options on the same command line. From experiment, it seems like the last option takes effect. In this case, the presence of the positive option would cause the kld to be loaded, regardless of the presence of the negative option. 2) When using hierarchical jails, it might make sense to use the positive option for the outer jail and the negative option for the inner jail. But this would only be important if the inner jail inherited the outer jail's parameters, which doesn't seem to be the case. So I can't think of any reason to continue to mount the kld for "no" options. Can you? 3) There's allow.mount.foofs as a global parameter, with some jails overriding that with a jail-specific allow.mount.nofoofs. In that case, KLD loading shouldn't be a problem as global parameters typically come first. It makes sense not to load a KLD for a "no" option, as long as that option is then silently ignored. I wouldn't want it to error out with "unknown parameter". ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r340488 - in head/sys/x86: include x86 xen
On 11/16/18 3:39 PM, John Baldwin wrote: > Author: jhb > Date: Fri Nov 16 23:39:39 2018 > New Revision: 340488 > URL: https://svnweb.freebsd.org/changeset/base/340488 > > Log: > Axe MINIMUM_MSI_INT. > > Just allow MSI interrupts to always start at the end of the I/O APIC > pins. Since existing machines already have more than 255 I/O APIC > pins, IRQ 255 is no longer reliably invalid, so just remove the > minimum starting value for MSI. > > Reviewed by:kib, markj > Differential Revision: https://reviews.freebsd.org/D17991 Note that this will renumber IRQ values. If you are used to seeing IRQ values > 256 as meaning MSI, that will no longer be true. If you must know which interrupts are MSI you can check the machdep.first_msi_irq sysctl. I've also considered renaming them to 'msi' instead of 'irq' in vmstat -i output. We still have to have a number for cpuset -x to work, otherwise we could name MSI interrupts after the device perhaps. -- John Baldwin ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r340490 - head/sys/dev/pci
Author: brooks Date: Sat Nov 17 00:03:04 2018 New Revision: 340490 URL: https://svnweb.freebsd.org/changeset/base/340490 Log: Fix stray tab. Reported by: jbeich MFC after:3 days MFC with: r340489 Sponsored by: DARPA, AFRL Differential Revision:https://reviews.freebsd.org/D18011 Modified: head/sys/dev/pci/pci_user.c Modified: head/sys/dev/pci/pci_user.c == --- head/sys/dev/pci/pci_user.c Fri Nov 16 23:58:51 2018(r340489) +++ head/sys/dev/pci/pci_user.c Sat Nov 17 00:03:04 2018(r340490) @@ -966,7 +966,7 @@ pci_ioctl(struct cdev *dev, u_long cmd, caddr_t data, switch (cmd) { case PCIOCGETCONF: #ifdef COMPAT_FREEBSD32 - case PCIOCGETCONF32: + case PCIOCGETCONF32: #endif #ifdef PRE7_COMPAT case PCIOCGETCONF_OLD: ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r340489 - head/sys/dev/pci
Author: brooks Date: Fri Nov 16 23:58:51 2018 New Revision: 340489 URL: https://svnweb.freebsd.org/changeset/base/340489 Log: Fix freebsd32 support for PCIOCGETCONF. This fixes regresssions in pciconf -l and some ports as reported on freebsd-current: https://lists.freebsd.org/pipermail/freebsd-current/2018-November/072144.html Reported by: jbeich Reviewed by: kib (also proposed an idential patch) Tested by:jbeich MFC after:3 days Sponsored by: DARPA, AFRL Differential Revision:https://reviews.freebsd.org/D18011 Modified: head/sys/dev/pci/pci_user.c Modified: head/sys/dev/pci/pci_user.c == --- head/sys/dev/pci/pci_user.c Fri Nov 16 23:39:39 2018(r340488) +++ head/sys/dev/pci/pci_user.c Fri Nov 16 23:58:51 2018(r340489) @@ -945,6 +945,9 @@ pci_ioctl(struct cdev *dev, u_long cmd, caddr_t data, if (!(flag & FWRITE)) { switch (cmd) { case PCIOCGETCONF: +#ifdef COMPAT_FREEBSD32 + case PCIOCGETCONF32: +#endif #ifdef PRE7_COMPAT case PCIOCGETCONF_OLD: #ifdef COMPAT_FREEBSD32 @@ -962,6 +965,9 @@ pci_ioctl(struct cdev *dev, u_long cmd, caddr_t data, switch (cmd) { case PCIOCGETCONF: +#ifdef COMPAT_FREEBSD32 + case PCIOCGETCONF32: +#endif #ifdef PRE7_COMPAT case PCIOCGETCONF_OLD: #ifdef COMPAT_FREEBSD32 ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r340488 - in head/sys/x86: include x86 xen
Author: jhb Date: Fri Nov 16 23:39:39 2018 New Revision: 340488 URL: https://svnweb.freebsd.org/changeset/base/340488 Log: Axe MINIMUM_MSI_INT. Just allow MSI interrupts to always start at the end of the I/O APIC pins. Since existing machines already have more than 255 I/O APIC pins, IRQ 255 is no longer reliably invalid, so just remove the minimum starting value for MSI. Reviewed by: kib, markj Differential Revision:https://reviews.freebsd.org/D17991 Modified: head/sys/x86/include/intr_machdep.h head/sys/x86/x86/msi.c head/sys/x86/xen/pvcpu_enum.c head/sys/x86/xen/xen_msi.c Modified: head/sys/x86/include/intr_machdep.h == --- head/sys/x86/include/intr_machdep.h Fri Nov 16 21:27:11 2018 (r340487) +++ head/sys/x86/include/intr_machdep.h Fri Nov 16 23:39:39 2018 (r340488) @@ -51,15 +51,11 @@ * IRQ values returned by ACPI methods such as _CRS can be used * directly by the ACPI bus driver. * - * MSI interrupts allocate a block of interrupts starting at either - * the end of the I/O APIC range or 256, whichever is higher. When - * running under the Xen Hypervisor, an additional range of IRQ values - * are available for binding to event channel events. We use 256 as - * the minimum IRQ value for MSI interrupts to attempt to leave 255 - * unused since 255 is used in PCI to indicate an invalid INTx IRQ. + * MSI interrupts allocate a block of interrupts starting at the end + * of the I/O APIC range. When running under the Xen Hypervisor, an + * additional range of IRQ values are available for binding to event + * channel events. */ -#defineMINIMUM_MSI_INT 256 - extern u_int first_msi_irq; extern u_int num_io_irqs; extern u_int num_msi_irqs; Modified: head/sys/x86/x86/msi.c == --- head/sys/x86/x86/msi.c Fri Nov 16 21:27:11 2018(r340487) +++ head/sys/x86/x86/msi.c Fri Nov 16 23:39:39 2018(r340488) @@ -153,6 +153,8 @@ struct pic msi_pic = { }; u_int first_msi_irq; +SYSCTL_UINT(_machdep, OID_AUTO, first_msi_irq, CTLFLAG_RD, &first_msi_irq, 0, +"Number of first IRQ reserved for MSI and MSI-X interrupts"); u_int num_msi_irqs = 512; SYSCTL_UINT(_machdep, OID_AUTO, num_msi_irqs, CTLFLAG_RDTUN, &num_msi_irqs, 0, @@ -339,7 +341,7 @@ msi_init(void) if (num_msi_irqs == 0) return; - first_msi_irq = max(MINIMUM_MSI_INT, num_io_irqs); + first_msi_irq = num_io_irqs; if (num_msi_irqs > UINT_MAX - first_msi_irq) panic("num_msi_irq too high"); num_io_irqs = first_msi_irq + num_msi_irqs; Modified: head/sys/x86/xen/pvcpu_enum.c == --- head/sys/x86/xen/pvcpu_enum.c Fri Nov 16 21:27:11 2018 (r340487) +++ head/sys/x86/xen/pvcpu_enum.c Fri Nov 16 23:39:39 2018 (r340488) @@ -199,7 +199,7 @@ xenpv_setup_io(void) * this is legacy code so just keep using the previous * behaviour and assume a maximum of 256 interrupts. */ - num_io_irqs = max(MINIMUM_MSI_INT - 1, num_io_irqs); + num_io_irqs = max(255, num_io_irqs); acpi_SetDefaultIntrModel(ACPI_INTR_APIC); } Modified: head/sys/x86/xen/xen_msi.c == --- head/sys/x86/xen/xen_msi.c Fri Nov 16 21:27:11 2018(r340487) +++ head/sys/x86/xen/xen_msi.c Fri Nov 16 23:39:39 2018(r340488) @@ -57,7 +57,7 @@ xen_msi_init(void) { MPASS(num_io_irqs > 0); - first_msi_irq = min(MINIMUM_MSI_INT, num_io_irqs); + first_msi_irq = num_io_irqs; if (num_msi_irqs > UINT_MAX - first_msi_irq) panic("num_msi_irq too high"); num_io_irqs = first_msi_irq + num_msi_irqs; ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r333263 - in head: lib/libjail sys/cddl/contrib/opensolaris/uts/common/fs/zfs sys/compat/linprocfs sys/compat/linsysfs sys/fs/devfs sys/fs/fdescfs sys/fs/nullfs sys/fs/procfs sys/fs/ps
On Fri, Nov 16, 2018 at 2:28 PM James Gritton wrote: > On 2018-11-16 10:34, Alan Somers wrote: > > On Fri, May 4, 2018 at 2:54 PM Jamie Gritton wrote: > >> Author: jamie >> Date: Fri May 4 20:54:27 2018 >> New Revision: 333263 >> URL: https://svnweb.freebsd.org/changeset/base/333263 >> >> Log: >> Make it easier for filesystems to count themselves as jail-enabled, >> by doing most of the work in a new function prison_add_vfs in >> kern_jail.c >> Now a jail-enabled filesystem need only mark itself with VFCF_JAIL, and >> the rest is taken care of. This includes adding a jail parameter like >> allow.mount.foofs, and a sysctl like security.jail.mount_foofs_allowed. >> Both of these used to be a static list of known filesystems, with >> predefined permission bits. >> >> Reviewed by: kib >> Differential Revision:D14681 >> >> Modified: >> head/lib/libjail/jail.c >> head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vfsops.c >> head/sys/compat/linprocfs/linprocfs.c >> head/sys/compat/linsysfs/linsysfs.c >> head/sys/fs/devfs/devfs_vfsops.c >> head/sys/fs/fdescfs/fdesc_vfsops.c >> head/sys/fs/nullfs/null_vfsops.c >> head/sys/fs/procfs/procfs.c >> head/sys/fs/pseudofs/pseudofs.h >> head/sys/fs/tmpfs/tmpfs_vfsops.c >> head/sys/kern/kern_jail.c >> head/sys/kern/vfs_init.c >> head/sys/kern/vfs_mount.c >> head/sys/kern/vfs_subr.c >> head/sys/sys/jail.h >> head/sys/sys/mount.h >> head/usr.sbin/jail/jail.8 >> >> Modified: head/lib/libjail/jail.c >> >> == >> --- head/lib/libjail/jail.c Fri May 4 20:38:26 2018(r333262) >> +++ head/lib/libjail/jail.c Fri May 4 20:54:27 2018(r333263) >> @@ -1048,7 +1048,13 @@ kldload_param(const char *name) >> else if (strcmp(name, "sysvmsg") == 0 || strcmp(name, "sysvsem") >> == 0 || >> strcmp(name, "sysvshm") == 0) >> kl = kldload(name); >> - else { >> + else if (strncmp(name, "allow.mount.", 12) == 0) { >> + /* Load the matching filesystem */ >> + kl = kldload(name + 12); >> + if (kl < 0 && errno == ENOENT && >> + strncmp(name + 12, "no", 2) == 0) >> + kl = kldload(name + 14); >> + } else { >> errno = ENOENT; >> return (-1); >> } >> > > I'm curious about this part of the change. Why is it necessary to load > the module in the "allow.mount.noXXXfs" case, when the jail is forbidden to > mount the filesystem? It seems like that would just load modules that > aren't going to be used. > > Additional discussion at https://github.com/iocage/iocage/issues/689 . > > -Alan > > > Presumably such a parameter would be included in some jails in conjunction > with the positive being included in others (perhaps as a default). The > truth is I never really considered whether the "no" option would be used, I > just always treat these option as pairs. > > It may be reasonable (at least in the allow.mount.* case) to silently > disregard a "no" option that doesn't exist, but I don't know how many > places would need to be modified for that to go smoothly. Though I don't > expect that there would be too many people who bother to include a jail > parameter about a filesystem which they're not planning to use. > > - Jamie > Well, many people use the "no" option because one of the most popular jail managers, iocage, uses it under the hood. But since "no" is the default, its presence on the command line is a noop. Are there any situations in which the "no" option has an effect? The only two possibilities I could think of were: 1) Somebody puts both the positive and negative options on the same command line. From experiment, it seems like the last option takes effect. In this case, the presence of the positive option would cause the kld to be loaded, regardless of the presence of the negative option. 2) When using hierarchical jails, it might make sense to use the positive option for the outer jail and the negative option for the inner jail. But this would only be important if the inner jail inherited the outer jail's parameters, which doesn't seem to be the case. So I can't think of any reason to continue to mount the kld for "no" options. Can you? ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r338990 - in head/sys: compat/freebsd32 dev/pci
On Fri, Nov 16, 2018 at 11:52:09PM +0100, Jan Beich wrote: > Brooks Davis writes: > > > Author: brooks > > Date: Thu Sep 27 21:08:32 2018 > > New Revision: 338990 > > URL: https://svnweb.freebsd.org/changeset/base/338990 > > > > Log: > > Centralize compat support for PCIOCGETCONF. > > > > The pre-7.x compat for both native and 32-bit code was already in > > pci_user.c. Use this infrastructure to add implement 32-bit support. > > This is more correct as ioctl(2) commands only have meaning in the > > context of a file descriptor. > > > > Reviewed by: kib > > Approved by: re (gjb) > > Obtained from:CheriBSD > > Sponsored by: DARPA, AFRL > > Differential revision:https://reviews.freebsd.org/D17324 > > After this commit getdevice() from pciconf(8) and pci_find_conf() in > tools/tools/dmardump/dmardump.c always fail in EPERM in -m32 mode. > Found via graphics/libdrm where PCIOCGETCONF is used to get a list of > DRM devices for use by OpenGL/Vulkan/VAAPI userland drivers. > > Can you fix the regression before 12.0R or back the commit out? > > https://lists.freebsd.org/pipermail/freebsd-current/2018-November/072144.html Eeek, looks like I missed a case statment in a switch that I somehow didn't hit in testing. I'm building a potential fix now. -- Brooks signature.asc Description: PGP signature
Re: svn commit: r338990 - in head/sys: compat/freebsd32 dev/pci
On Fri, Nov 16, 2018 at 11:52:09PM +0100, Jan Beich wrote: > Brooks Davis writes: > > > Author: brooks > > Date: Thu Sep 27 21:08:32 2018 > > New Revision: 338990 > > URL: https://svnweb.freebsd.org/changeset/base/338990 > > > > Log: > > Centralize compat support for PCIOCGETCONF. > > > > The pre-7.x compat for both native and 32-bit code was already in > > pci_user.c. Use this infrastructure to add implement 32-bit support. > > This is more correct as ioctl(2) commands only have meaning in the > > context of a file descriptor. > > > > Reviewed by: kib > > Approved by: re (gjb) > > Obtained from:CheriBSD > > Sponsored by: DARPA, AFRL > > Differential revision:https://reviews.freebsd.org/D17324 > > After this commit getdevice() from pciconf(8) and pci_find_conf() in > tools/tools/dmardump/dmardump.c always fail in EPERM in -m32 mode. > Found via graphics/libdrm where PCIOCGETCONF is used to get a list of > DRM devices for use by OpenGL/Vulkan/VAAPI userland drivers. > > Can you fix the regression before 12.0R or back the commit out? > > https://lists.freebsd.org/pipermail/freebsd-current/2018-November/072144.html Try this. diff --git a/sys/dev/pci/pci_user.c b/sys/dev/pci/pci_user.c index 380beff0d31..b6a53dd0982 100644 --- a/sys/dev/pci/pci_user.c +++ b/sys/dev/pci/pci_user.c @@ -945,6 +945,9 @@ pci_ioctl(struct cdev *dev, u_long cmd, caddr_t data, int flag, struct thread *t if (!(flag & FWRITE)) { switch (cmd) { case PCIOCGETCONF: +#ifdef COMPAT_FREEBSD32 + case PCIOCGETCONF32: +#endif #ifdef PRE7_COMPAT case PCIOCGETCONF_OLD: #ifdef COMPAT_FREEBSD32 @@ -962,6 +965,9 @@ pci_ioctl(struct cdev *dev, u_long cmd, caddr_t data, int flag, struct thread *t switch (cmd) { case PCIOCGETCONF: +#ifdef COMPAT_FREEBSD32 + case PCIOCGETCONF32: +#endif #ifdef PRE7_COMPAT case PCIOCGETCONF_OLD: #ifdef COMPAT_FREEBSD32 ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r338990 - in head/sys: compat/freebsd32 dev/pci
Brooks Davis writes: > Author: brooks > Date: Thu Sep 27 21:08:32 2018 > New Revision: 338990 > URL: https://svnweb.freebsd.org/changeset/base/338990 > > Log: > Centralize compat support for PCIOCGETCONF. > > The pre-7.x compat for both native and 32-bit code was already in > pci_user.c. Use this infrastructure to add implement 32-bit support. > This is more correct as ioctl(2) commands only have meaning in the > context of a file descriptor. > > Reviewed by:kib > Approved by:re (gjb) > Obtained from: CheriBSD > Sponsored by: DARPA, AFRL > Differential revision: https://reviews.freebsd.org/D17324 After this commit getdevice() from pciconf(8) and pci_find_conf() in tools/tools/dmardump/dmardump.c always fail in EPERM in -m32 mode. Found via graphics/libdrm where PCIOCGETCONF is used to get a list of DRM devices for use by OpenGL/Vulkan/VAAPI userland drivers. Can you fix the regression before 12.0R or back the commit out? https://lists.freebsd.org/pipermail/freebsd-current/2018-November/072144.html ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r340478 - head/share/man/man7
In message , =?utf-8?Q?Edward _Tomasz_Napiera=C5=82a?= writes: > > > > On 16 Nov 2018, at 18:40, Cy Schubert wrote: > > > > In message <201811161804.wagi44wc047...@pdx.rh.cn85.dnsmgr.net>, > > "Rodney W. Gri > > mes" writes: > On Fri, Nov 16, 2018 at 7:29 AM Mateusz Piotrowski <0...@freebsd.org> wro > te: > > A few years ago jilles@ proposed changing reboot's default to signallin > >> g > init (preserving reboot -q which just invokes the reboot system call), > but > this was not accepted. Perhaps this can be tried again for 13.0. > > >>> > >>> I didn't like it at the time, however I was wrong. Much of my reasoning f > or > >>> doing it has become muted as well since then, and the need to do it has > >>> become more amplified as more rc scripts have grown shutdown > >>> functionality... > >>> > >>> I think if we make what's now reboot 'fastreboot' or 'reboot -q' (both of > >>> which are historic replacements), we can make 'reboot' what's now 'shutdo > wn > >>> -r now'. > >> > >> I support this position. > > > > reboot(2) should be changed to signal init(8). RB_AUTOBOOT should > > signal init while a new RB_FASTBOOT or RB_LEGACY (or pick a name) would > > preserve traditional behavior. RB_POWEROFF, RB_POWERCYCLE and RB_HALT > > would also signal init except when RB_FASTBOOT flag is set. > > Wouldnât this break rebooting when UID 1 is not init(8)? You mean PID 1, right? This would obviously require special case handling when the caller is PID 1. Tangentially, though Linux vaguely documents RB_*, they document LINUX_REBOOT_* in their man page, which obviously doesn't work here. -- Cheers, Cy Schubert FreeBSD UNIX: Web: http://www.FreeBSD.org The need of the many outweighs the greed of the few. ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r333263 - in head: lib/libjail sys/cddl/contrib/opensolaris/uts/common/fs/zfs sys/compat/linprocfs sys/compat/linsysfs sys/fs/devfs sys/fs/fdescfs sys/fs/nullfs sys/fs/procfs sys/fs/ps
On 2018-11-16 10:34, Alan Somers wrote: > On Fri, May 4, 2018 at 2:54 PM Jamie Gritton wrote: > >> Author: jamie >> Date: Fri May 4 20:54:27 2018 >> New Revision: 333263 >> URL: https://svnweb.freebsd.org/changeset/base/333263 >> >> Log: >> Make it easier for filesystems to count themselves as jail-enabled, >> by doing most of the work in a new function prison_add_vfs in kern_jail.c >> Now a jail-enabled filesystem need only mark itself with VFCF_JAIL, and >> the rest is taken care of. This includes adding a jail parameter like >> allow.mount.foofs, and a sysctl like security.jail.mount_foofs_allowed. >> Both of these used to be a static list of known filesystems, with >> predefined permission bits. >> >> Reviewed by: kib >> Differential Revision:D14681 >> >> Modified: >> head/lib/libjail/jail.c >> head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vfsops.c >> head/sys/compat/linprocfs/linprocfs.c >> head/sys/compat/linsysfs/linsysfs.c >> head/sys/fs/devfs/devfs_vfsops.c >> head/sys/fs/fdescfs/fdesc_vfsops.c >> head/sys/fs/nullfs/null_vfsops.c >> head/sys/fs/procfs/procfs.c >> head/sys/fs/pseudofs/pseudofs.h >> head/sys/fs/tmpfs/tmpfs_vfsops.c >> head/sys/kern/kern_jail.c >> head/sys/kern/vfs_init.c >> head/sys/kern/vfs_mount.c >> head/sys/kern/vfs_subr.c >> head/sys/sys/jail.h >> head/sys/sys/mount.h >> head/usr.sbin/jail/jail.8 >> >> Modified: head/lib/libjail/jail.c >> == >> --- head/lib/libjail/jail.c Fri May 4 20:38:26 2018(r333262) >> +++ head/lib/libjail/jail.c Fri May 4 20:54:27 2018(r333263) >> @@ -1048,7 +1048,13 @@ kldload_param(const char *name) >> else if (strcmp(name, "sysvmsg") == 0 || strcmp(name, "sysvsem") == 0 || >> strcmp(name, "sysvshm") == 0) >> kl = kldload(name); >> - else { >> + else if (strncmp(name, "allow.mount.", 12) == 0) { >> + /* Load the matching filesystem */ >> + kl = kldload(name + 12); >> + if (kl < 0 && errno == ENOENT && >> + strncmp(name + 12, "no", 2) == 0) >> + kl = kldload(name + 14); >> + } else { >> errno = ENOENT; >> return (-1); >> } > > I'm curious about this part of the change. Why is it necessary to load the > module in the "allow.mount.noXXXfs" case, when the jail is forbidden to mount > the filesystem? It seems like that would just load modules that aren't going > to be used. > > Additional discussion at https://github.com/iocage/iocage/issues/689 . > > -Alan Presumably such a parameter would be included in some jails in conjunction with the positive being included in others (perhaps as a default). The truth is I never really considered whether the "no" option would be used, I just always treat these option as pairs. It may be reasonable (at least in the allow.mount.* case) to silently disregard a "no" option that doesn't exist, but I don't know how many places would need to be modified for that to go smoothly. Though I don't expect that there would be too many people who bother to include a jail parameter about a filesystem which they're not planning to use. - Jamie ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r340487 - in head/sys: amd64/vmm/intel x86/include x86/x86
Author: kib Date: Fri Nov 16 21:27:11 2018 New Revision: 340487 URL: https://svnweb.freebsd.org/changeset/base/340487 Log: Align IA32_ARCH_CAP MSR definitions and use with SDM rev. 068. SDM rev. 068 was released yesterday and it contains the description of the MSR 0x10a IA32_ARCH_CAP. This change adds symbolic definitions for all bits present in the document, and decode them in the CPU identification lines printed on boot. But also, the document defines SSB_NO as bit 4, while FreeBSD used but 2 to detect the need to work-around Speculative Store Bypass issue. Change code to use the bit from SDM. Similarly, the document describes bit 3 as an indicator that L1TF issue is not present, in particular, no L1D flush is needed on VMENTRY. We used RDCL_NO to avoid flushing, and again I changed the code to follow new spec from SDM. In fact my Apollo Lake machine with latest ucode shows this: IA32_ARCH_CAPS=0x19 Reviewed by: bwidawsk Sponsored by: The FreeBSD Foundation MFC after:3 days Differential revision:https://reviews.freebsd.org/D18006 Modified: head/sys/amd64/vmm/intel/vmx.c head/sys/x86/include/specialreg.h head/sys/x86/x86/cpu_machdep.c head/sys/x86/x86/identcpu.c Modified: head/sys/amd64/vmm/intel/vmx.c == --- head/sys/amd64/vmm/intel/vmx.c Fri Nov 16 19:08:52 2018 (r340486) +++ head/sys/amd64/vmm/intel/vmx.c Fri Nov 16 21:27:11 2018 (r340487) @@ -814,7 +814,8 @@ vmx_init(int ipinum) return (error); } - guest_l1d_flush = (cpu_ia32_arch_caps & IA32_ARCH_CAP_RDCL_NO) == 0; + guest_l1d_flush = (cpu_ia32_arch_caps & + IA32_ARCH_CAP_SKIP_L1DFL_VMENTRY) == 0; TUNABLE_INT_FETCH("hw.vmm.l1d_flush", &guest_l1d_flush); /* Modified: head/sys/x86/include/specialreg.h == --- head/sys/x86/include/specialreg.h Fri Nov 16 19:08:52 2018 (r340486) +++ head/sys/x86/include/specialreg.h Fri Nov 16 21:27:11 2018 (r340487) @@ -434,7 +434,9 @@ /* MSR IA32_ARCH_CAP(ABILITIES) bits */ #defineIA32_ARCH_CAP_RDCL_NO 0x0001 #defineIA32_ARCH_CAP_IBRS_ALL 0x0002 -#defineIA32_ARCH_CAP_SSBD_NO 0x0004 +#defineIA32_ARCH_CAP_RSBA 0x0004 +#defineIA32_ARCH_CAP_SKIP_L1DFL_VMENTRY0x0008 +#defineIA32_ARCH_CAP_SSB_NO0x0010 /* * CPUID manufacturers identifiers Modified: head/sys/x86/x86/cpu_machdep.c == --- head/sys/x86/x86/cpu_machdep.c Fri Nov 16 19:08:52 2018 (r340486) +++ head/sys/x86/x86/cpu_machdep.c Fri Nov 16 21:27:11 2018 (r340487) @@ -891,7 +891,7 @@ hw_ssb_recalculate(bool all_cpus) hw_ssb_set(true, all_cpus); break; case 2: /* auto */ - hw_ssb_set((cpu_ia32_arch_caps & IA32_ARCH_CAP_SSBD_NO) != 0 ? + hw_ssb_set((cpu_ia32_arch_caps & IA32_ARCH_CAP_SSB_NO) != 0 ? false : true, all_cpus); break; } Modified: head/sys/x86/x86/identcpu.c == --- head/sys/x86/x86/identcpu.c Fri Nov 16 19:08:52 2018(r340486) +++ head/sys/x86/x86/identcpu.c Fri Nov 16 21:27:11 2018(r340487) @@ -1014,6 +1014,9 @@ printcpuinfo(void) "\020" "\001RDCL_NO" "\002IBRS_ALL" + "\003RSBA" + "\004SKIP_L1DFL_VME" + "\005SSB_NO" ); } ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r340478 - head/share/man/man7
> On 16 Nov 2018, at 18:40, Cy Schubert wrote: > > In message <201811161804.wagi44wc047...@pdx.rh.cn85.dnsmgr.net>, > "Rodney W. Gri > mes" writes: On Fri, Nov 16, 2018 at 7:29 AM Mateusz Piotrowski <0...@freebsd.org> wrote: A few years ago jilles@ proposed changing reboot's default to signallin >> g init (preserving reboot -q which just invokes the reboot system call), but this was not accepted. Perhaps this can be tried again for 13.0. >>> >>> I didn't like it at the time, however I was wrong. Much of my reasoning for >>> doing it has become muted as well since then, and the need to do it has >>> become more amplified as more rc scripts have grown shutdown >>> functionality... >>> >>> I think if we make what's now reboot 'fastreboot' or 'reboot -q' (both of >>> which are historic replacements), we can make 'reboot' what's now 'shutdown >>> -r now'. >> >> I support this position. > > reboot(2) should be changed to signal init(8). RB_AUTOBOOT should > signal init while a new RB_FASTBOOT or RB_LEGACY (or pick a name) would > preserve traditional behavior. RB_POWEROFF, RB_POWERCYCLE and RB_HALT > would also signal init except when RB_FASTBOOT flag is set. Wouldn’t this break rebooting when UID 1 is not init(8)? ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r340486 - in head/sys/dev/cxgbe: crypto tom
Author: jhb Date: Fri Nov 16 19:08:52 2018 New Revision: 340486 URL: https://svnweb.freebsd.org/changeset/base/340486 Log: Consolidate on a single set of constants for SCMD fields. Both ccr(4) and the TOE TLS code had separate sets of constants for fields in SCMD messages. Sponsored by: Chelsio Communications Modified: head/sys/dev/cxgbe/crypto/t4_crypto.c head/sys/dev/cxgbe/crypto/t4_crypto.h head/sys/dev/cxgbe/tom/t4_tls.c head/sys/dev/cxgbe/tom/t4_tls.h Modified: head/sys/dev/cxgbe/crypto/t4_crypto.c == --- head/sys/dev/cxgbe/crypto/t4_crypto.c Fri Nov 16 19:04:12 2018 (r340485) +++ head/sys/dev/cxgbe/crypto/t4_crypto.c Fri Nov 16 19:08:52 2018 (r340486) @@ -444,10 +444,10 @@ ccr_hash(struct ccr_softc *sc, struct ccr_session *s, if (s->mode == HMAC) { use_opad = 1; - hmac_ctrl = CHCR_SCMD_HMAC_CTRL_NO_TRUNC; + hmac_ctrl = SCMD_HMAC_CTRL_NO_TRUNC; } else { use_opad = 0; - hmac_ctrl = CHCR_SCMD_HMAC_CTRL_NOP; + hmac_ctrl = SCMD_HMAC_CTRL_NOP; } /* PADs must be 128-bit aligned. */ @@ -513,8 +513,8 @@ ccr_hash(struct ccr_softc *sc, struct ccr_session *s, /* These two flits are actually a CPL_TLS_TX_SCMD_FMT. */ crwr->sec_cpl.seqno_numivs = htobe32( V_SCMD_SEQ_NO_CTRL(0) | - V_SCMD_PROTO_VERSION(CHCR_SCMD_PROTO_VERSION_GENERIC) | - V_SCMD_CIPH_MODE(CHCR_SCMD_CIPHER_MODE_NOP) | + V_SCMD_PROTO_VERSION(SCMD_PROTO_VERSION_GENERIC) | + V_SCMD_CIPH_MODE(SCMD_CIPH_MODE_NOP) | V_SCMD_AUTH_MODE(s->hmac.auth_mode) | V_SCMD_HMAC_CTRL(hmac_ctrl)); crwr->sec_cpl.ivgen_hdrlen = htobe32( @@ -682,11 +682,11 @@ ccr_blkcipher(struct ccr_softc *sc, struct ccr_session /* These two flits are actually a CPL_TLS_TX_SCMD_FMT. */ crwr->sec_cpl.seqno_numivs = htobe32( V_SCMD_SEQ_NO_CTRL(0) | - V_SCMD_PROTO_VERSION(CHCR_SCMD_PROTO_VERSION_GENERIC) | + V_SCMD_PROTO_VERSION(SCMD_PROTO_VERSION_GENERIC) | V_SCMD_ENC_DEC_CTRL(op_type) | V_SCMD_CIPH_MODE(s->blkcipher.cipher_mode) | - V_SCMD_AUTH_MODE(CHCR_SCMD_AUTH_MODE_NOP) | - V_SCMD_HMAC_CTRL(CHCR_SCMD_HMAC_CTRL_NOP) | + V_SCMD_AUTH_MODE(SCMD_AUTH_MODE_NOP) | + V_SCMD_HMAC_CTRL(SCMD_HMAC_CTRL_NOP) | V_SCMD_IV_SIZE(s->blkcipher.iv_len / 2) | V_SCMD_NUM_IVS(0)); crwr->sec_cpl.ivgen_hdrlen = htobe32( @@ -760,12 +760,12 @@ ccr_hmac_ctrl(unsigned int hashsize, unsigned int auth { if (authsize == 10) - return (CHCR_SCMD_HMAC_CTRL_TRUNC_RFC4366); + return (SCMD_HMAC_CTRL_TRUNC_RFC4366); if (authsize == 12) - return (CHCR_SCMD_HMAC_CTRL_IPSEC_96BIT); + return (SCMD_HMAC_CTRL_IPSEC_96BIT); if (authsize == hashsize / 2) - return (CHCR_SCMD_HMAC_CTRL_DIV2); - return (CHCR_SCMD_HMAC_CTRL_NO_TRUNC); + return (SCMD_HMAC_CTRL_DIV2); + return (SCMD_HMAC_CTRL_NO_TRUNC); } static int @@ -1018,7 +1018,7 @@ ccr_authenc(struct ccr_softc *sc, struct ccr_session * hmac_ctrl = ccr_hmac_ctrl(axf->hashsize, hash_size_in_response); crwr->sec_cpl.seqno_numivs = htobe32( V_SCMD_SEQ_NO_CTRL(0) | - V_SCMD_PROTO_VERSION(CHCR_SCMD_PROTO_VERSION_GENERIC) | + V_SCMD_PROTO_VERSION(SCMD_PROTO_VERSION_GENERIC) | V_SCMD_ENC_DEC_CTRL(op_type) | V_SCMD_CIPH_AUTH_SEQ_CTRL(op_type == CHCR_ENCRYPT_OP ? 1 : 0) | V_SCMD_CIPH_MODE(s->blkcipher.cipher_mode) | @@ -1361,11 +1361,11 @@ ccr_gcm(struct ccr_softc *sc, struct ccr_session *s, s hmac_ctrl = ccr_hmac_ctrl(AES_GMAC_HASH_LEN, hash_size_in_response); crwr->sec_cpl.seqno_numivs = htobe32( V_SCMD_SEQ_NO_CTRL(0) | - V_SCMD_PROTO_VERSION(CHCR_SCMD_PROTO_VERSION_GENERIC) | + V_SCMD_PROTO_VERSION(SCMD_PROTO_VERSION_GENERIC) | V_SCMD_ENC_DEC_CTRL(op_type) | V_SCMD_CIPH_AUTH_SEQ_CTRL(op_type == CHCR_ENCRYPT_OP ? 1 : 0) | - V_SCMD_CIPH_MODE(CHCR_SCMD_CIPHER_MODE_AES_GCM) | - V_SCMD_AUTH_MODE(CHCR_SCMD_AUTH_MODE_GHASH) | + V_SCMD_CIPH_MODE(SCMD_CIPH_MODE_AES_GCM) | + V_SCMD_AUTH_MODE(SCMD_AUTH_MODE_GHASH) | V_SCMD_HMAC_CTRL(hmac_ctrl) | V_SCMD_IV_SIZE(iv_len / 2) | V_SCMD_NUM_IVS(0)); @@ -1933,8 +1933,8 @@ ccr_newsession(device_t dev, crypto_session_t cses, st cipher = NULL; hash = NULL; auth_hash = NULL; - auth_mode = CHCR_SCMD_AUTH_MODE_NOP; - cipher_mode = CHCR_SCMD_CIPHER_MODE_NOP; + auth_mode = SCMD_AUTH_MODE_NOP; + cipher_mode = SCMD_CIPH_MODE_NOP; iv_len = 0; mk_size = 0;
svn commit: r340485 - head/tests/sys/netinet
Author: markj Date: Fri Nov 16 19:04:12 2018 New Revision: 340485 URL: https://svnweb.freebsd.org/changeset/base/340485 Log: Add regression tests for r340313 and r340483. Reviewed by: emaste MFC after:1 week Sponsored by: The FreeBSD Foundation Differential Revision:https://reviews.freebsd.org/D17926 Added: head/tests/sys/netinet/ip_reass_test.c (contents, props changed) Modified: head/tests/sys/netinet/Makefile Modified: head/tests/sys/netinet/Makefile == --- head/tests/sys/netinet/Makefile Fri Nov 16 18:59:58 2018 (r340484) +++ head/tests/sys/netinet/Makefile Fri Nov 16 19:04:12 2018 (r340485) @@ -3,7 +3,8 @@ TESTSDIR= ${TESTSBASE}/sys/netinet BINDIR=${TESTSDIR} -ATF_TESTS_C= so_reuseport_lb_test +ATF_TESTS_C= ip_reass_test \ + so_reuseport_lb_test ATF_TESTS_SH= fibs_test Added: head/tests/sys/netinet/ip_reass_test.c == --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/tests/sys/netinet/ip_reass_test.c Fri Nov 16 19:04:12 2018 (r340485) @@ -0,0 +1,381 @@ +/*- + * Copyright (c) 2018 The FreeBSD Foundation + * + * This software was developed by Mark Johnston under sponsorship from + * the FreeBSD Foundation. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are + * met: + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in + *the documentation and/or other materials provided with the + *distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +__FBSDID("$FreeBSD$"); + +#include +#include +#include +#include + +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include + +#include + +struct lopacket { + u_int family; + struct ip hdr; + charpayload[]; +}; + +static void +update_cksum(struct ip *ip) +{ + size_t i; + uint32_t cksum; + uint16_t *cksump; + + ip->ip_sum = 0; + cksump = (uint16_t *)ip; + for (cksum = 0, i = 0; i < sizeof(*ip) / sizeof(*cksump); cksump++, i++) + cksum += ntohs(*cksump); + cksum = (cksum >> 16) + (cksum & 0x); + cksum = ~(cksum + (cksum >> 16)); + ip->ip_sum = htons((uint16_t)cksum); +} + +static struct lopacket * +alloc_lopacket(in_addr_t dstaddr, size_t payloadlen) +{ + struct ip *ip; + struct lopacket *packet; + size_t pktlen; + + pktlen = sizeof(*packet) + payloadlen; + packet = malloc(pktlen); + ATF_REQUIRE(packet != NULL); + + memset(packet, 0, pktlen); + packet->family = AF_INET; + + ip = &packet->hdr; + ip->ip_hl = sizeof(struct ip) >> 2; + ip->ip_v = 4; + ip->ip_tos = 0; + ip->ip_len = htons(sizeof(*ip) + payloadlen); + ip->ip_id = 0; + ip->ip_off = 0; + ip->ip_ttl = 1; + ip->ip_p = IPPROTO_IP; + ip->ip_sum = 0; + ip->ip_src.s_addr = dstaddr; + ip->ip_dst.s_addr = dstaddr; + update_cksum(ip); + + return (packet); +} + +static void +free_lopacket(struct lopacket *packet) +{ + + free(packet); +} + +static void +write_lopacket(int bpffd, struct lopacket *packet) +{ + struct timespec ts; + ssize_t n; + size_t len; + + len = sizeof(packet->family) + ntohs(packet->hdr.ip_len); + n = write(bpffd, packet, len); + ATF_REQUIRE_MSG(n >= 0, "packet write failed: %s", strerror(errno)); + ATF_REQUIRE_MSG((size_t)n == len, "wrote %zd bytes instead of %zu", + n, len); + + /* +* Loopback packets are dispatched asynchronously, give netisr some +* time. +*/ + ts.tv_sec = 0; + ts.tv_nsec = 500
svn commit: r340484 - in head: . tests/sys/netinet
Author: markj Date: Fri Nov 16 18:59:58 2018 New Revision: 340484 URL: https://svnweb.freebsd.org/changeset/base/340484 Log: Rename the SO_REUSEPORT_LB test file to be consistent with other tests. MFC after:1 week Added: head/tests/sys/netinet/so_reuseport_lb_test.c - copied unchanged from r340483, head/tests/sys/netinet/reuseport_lb.c Deleted: head/tests/sys/netinet/reuseport_lb.c Modified: head/ObsoleteFiles.inc head/tests/sys/netinet/Makefile Modified: head/ObsoleteFiles.inc == --- head/ObsoleteFiles.inc Fri Nov 16 18:32:48 2018(r340483) +++ head/ObsoleteFiles.inc Fri Nov 16 18:59:58 2018(r340484) @@ -38,6 +38,8 @@ # xargs -n1 | sort | uniq -d; # done +# 20181116: Rename test file. +OLD_FILES+=usr/tests/sys/netinet/reuseport_lb # 20181112: Cleanup old libcap_dns. OLD_LIBS+=lib/casper/libcap_dns.so.1 OLD_LIBS+=usr/lib32/libcap_dns.so.1 Modified: head/tests/sys/netinet/Makefile == --- head/tests/sys/netinet/Makefile Fri Nov 16 18:32:48 2018 (r340483) +++ head/tests/sys/netinet/Makefile Fri Nov 16 18:59:58 2018 (r340484) @@ -3,7 +3,7 @@ TESTSDIR= ${TESTSBASE}/sys/netinet BINDIR=${TESTSDIR} -ATF_TESTS_C= reuseport_lb +ATF_TESTS_C= so_reuseport_lb_test ATF_TESTS_SH= fibs_test Copied: head/tests/sys/netinet/so_reuseport_lb_test.c (from r340483, head/tests/sys/netinet/reuseport_lb.c) == --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/tests/sys/netinet/so_reuseport_lb_test.c Fri Nov 16 18:59:58 2018(r340484, copy of r340483, head/tests/sys/netinet/reuseport_lb.c) @@ -0,0 +1,242 @@ +/*- + * Copyright (c) 2018 The FreeBSD Foundation + * + * This software was developed by Mark Johnston under sponsorship from + * the FreeBSD Foundation. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are + * met: + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in + *the documentation and/or other materials provided with the + *distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +__FBSDID("$FreeBSD$"); + +#include +#include + +#include + +#include +#include +#include +#include + +#include + +/* + * Given an array of non-blocking listening sockets configured in a LB group + * for "addr", try connecting to "addr" in a loop and verify that connections + * are roughly balanced across the sockets. + */ +static void +lb_simple_accept_loop(int domain, const struct sockaddr *addr, int sds[], +size_t nsds, int nconns) +{ + size_t i; + int *acceptcnt; + int csd, error, excnt, sd; + + /* +* We expect each listening socket to accept roughly nconns/nsds +* connections, but allow for some error. +*/ + excnt = nconns / nsds / 8; + acceptcnt = calloc(nsds, sizeof(*acceptcnt)); + ATF_REQUIRE_MSG(acceptcnt != NULL, "calloc() failed: %s", + strerror(errno)); + + while (nconns-- > 0) { + sd = socket(domain, SOCK_STREAM, 0); + ATF_REQUIRE_MSG(sd >= 0, "socket() failed: %s", + strerror(errno)); + + error = connect(sd, addr, addr->sa_len); + ATF_REQUIRE_MSG(error == 0, "connect() failed: %s", + strerror(errno)); + + /* +* Poll the listening sockets. +*/ + do { + for (i = 0; i < nsds; i++) { + csd = accept(sds[i], NULL, NULL); + if (csd &
Re: svn commit: r340478 - head/share/man/man7
In message <201811161804.wagi44wc047...@pdx.rh.cn85.dnsmgr.net>, "Rodney W. Gri mes" writes: > > On Fri, Nov 16, 2018 at 7:29 AM Mateusz Piotrowski <0...@freebsd.org> wrote: > > > > > A few years ago jilles@ proposed changing reboot's default to signallin > g > > > init (preserving reboot -q which just invokes the reboot system call), > > > but > > > this was not accepted. Perhaps this can be tried again for 13.0. > > > > > > > I didn't like it at the time, however I was wrong. Much of my reasoning for > > doing it has become muted as well since then, and the need to do it has > > become more amplified as more rc scripts have grown shutdown > > functionality... > > > > I think if we make what's now reboot 'fastreboot' or 'reboot -q' (both of > > which are historic replacements), we can make 'reboot' what's now 'shutdown > > -r now'. > > I support this position. reboot(2) should be changed to signal init(8). RB_AUTOBOOT should signal init while a new RB_FASTBOOT or RB_LEGACY (or pick a name) would preserve traditional behavior. RB_POWEROFF, RB_POWERCYCLE and RB_HALT would also signal init except when RB_FASTBOOT flag is set. This aligns us better with what Linux is currently doing. IIRC Solaris still uses the legacy behavior however Solaris isn't relevant any more. Linux is pretty much the standard and we should endeavour to conform as much as we can. -- Cheers, Cy Schubert FreeBSD UNIX: Web: http://www.FreeBSD.org The need of the many outweighs the greed of the few. ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r340483 - head/sys/netinet
Author: jtl Date: Fri Nov 16 18:32:48 2018 New Revision: 340483 URL: https://svnweb.freebsd.org/changeset/base/340483 Log: Add some additional length checks to the IPv4 fragmentation code. Specifically, block 0-length fragments, even when the MF bit is clear. Also, ensure that every fragment with the MF bit clear ends at the same offset and that no subsequently-received fragments exceed that offset. Reviewed by: glebius, markj MFC after:3 days Sponsored by: Netflix Differential Revision:https://reviews.freebsd.org/D17922 Modified: head/sys/netinet/ip_reass.c head/sys/netinet/ip_var.h Modified: head/sys/netinet/ip_reass.c == --- head/sys/netinet/ip_reass.c Fri Nov 16 17:07:54 2018(r340482) +++ head/sys/netinet/ip_reass.c Fri Nov 16 18:32:48 2018(r340483) @@ -211,19 +211,21 @@ ip_reass(struct mbuf *m) * convert offset of this to bytes. */ ip->ip_len = htons(ntohs(ip->ip_len) - hlen); - if (ip->ip_off & htons(IP_MF)) { - /* -* Make sure that fragments have a data length -* that's a non-zero multiple of 8 bytes. -*/ - if (ip->ip_len == htons(0) || (ntohs(ip->ip_len) & 0x7) != 0) { - IPSTAT_INC(ips_toosmall); /* XXX */ - IPSTAT_INC(ips_fragdropped); - m_freem(m); - return (NULL); - } + /* +* Make sure that fragments have a data length +* that's a non-zero multiple of 8 bytes, unless +* this is the last fragment. +*/ + if (ip->ip_len == htons(0) || + ((ip->ip_off & htons(IP_MF)) && (ntohs(ip->ip_len) & 0x7) != 0)) { + IPSTAT_INC(ips_toosmall); /* XXX */ + IPSTAT_INC(ips_fragdropped); + m_freem(m); + return (NULL); + } + if (ip->ip_off & htons(IP_MF)) m->m_flags |= M_IP_FRAG; - } else + else m->m_flags &= ~M_IP_FRAG; ip->ip_off = htons(ntohs(ip->ip_off) << 3); @@ -301,9 +303,28 @@ ip_reass(struct mbuf *m) fp->ipq_src = ip->ip_src; fp->ipq_dst = ip->ip_dst; fp->ipq_frags = m; + if (m->m_flags & M_IP_FRAG) + fp->ipq_maxoff = -1; + else + fp->ipq_maxoff = ntohs(ip->ip_off) + ntohs(ip->ip_len); m->m_nextpkt = NULL; goto done; } else { + /* +* If we already saw the last fragment, make sure +* this fragment's offset looks sane. Otherwise, if +* this is the last fragment, record its endpoint. +*/ + if (fp->ipq_maxoff > 0) { + i = ntohs(ip->ip_off) + ntohs(ip->ip_len); + if (((m->m_flags & M_IP_FRAG) && i >= fp->ipq_maxoff) || + ((m->m_flags & M_IP_FRAG) == 0 && + i != fp->ipq_maxoff)) { + fp = NULL; + goto dropfrag; + } + } else if ((m->m_flags & M_IP_FRAG) == 0) + fp->ipq_maxoff = ntohs(ip->ip_off) + ntohs(ip->ip_len); fp->ipq_nfrags++; atomic_add_int(&nfrags, 1); #ifdef MAC Modified: head/sys/netinet/ip_var.h == --- head/sys/netinet/ip_var.h Fri Nov 16 17:07:54 2018(r340482) +++ head/sys/netinet/ip_var.h Fri Nov 16 18:32:48 2018(r340483) @@ -61,6 +61,7 @@ struct ipq { u_char ipq_ttl;/* time for reass q to live */ u_char ipq_p; /* protocol of this fragment */ u_short ipq_id; /* sequence id for reassembly */ + int ipq_maxoff; /* total length of packet */ struct mbuf *ipq_frags; /* to ip headers of fragments */ struct in_addr ipq_src,ipq_dst; u_char ipq_nfrags; /* # frags in this packet */ ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r340478 - head/share/man/man7
> On Fri, Nov 16, 2018 at 7:29 AM Mateusz Piotrowski <0...@freebsd.org> wrote: > > > A few years ago jilles@ proposed changing reboot's default to signalling > > init (preserving reboot -q which just invokes the reboot system call), > > but > > this was not accepted. Perhaps this can be tried again for 13.0. > > > > I didn't like it at the time, however I was wrong. Much of my reasoning for > doing it has become muted as well since then, and the need to do it has > become more amplified as more rc scripts have grown shutdown > functionality... > > I think if we make what's now reboot 'fastreboot' or 'reboot -q' (both of > which are historic replacements), we can make 'reboot' what's now 'shutdown > -r now'. I support this position. -- Rod Grimes rgri...@freebsd.org ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r340478 - head/share/man/man7
On Fri, Nov 16, 2018 at 7:29 AM Mateusz Piotrowski <0...@freebsd.org> wrote: > A few years ago jilles@ proposed changing reboot's default to signalling > init (preserving reboot -q which just invokes the reboot system call), > but > this was not accepted. Perhaps this can be tried again for 13.0. > I didn't like it at the time, however I was wrong. Much of my reasoning for doing it has become muted as well since then, and the need to do it has become more amplified as more rc scripts have grown shutdown functionality... I think if we make what's now reboot 'fastreboot' or 'reboot -q' (both of which are historic replacements), we can make 'reboot' what's now 'shutdown -r now'. Warner ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r333263 - in head: lib/libjail sys/cddl/contrib/opensolaris/uts/common/fs/zfs sys/compat/linprocfs sys/compat/linsysfs sys/fs/devfs sys/fs/fdescfs sys/fs/nullfs sys/fs/procfs sys/fs/ps
On Fri, May 4, 2018 at 2:54 PM Jamie Gritton wrote: > Author: jamie > Date: Fri May 4 20:54:27 2018 > New Revision: 333263 > URL: https://svnweb.freebsd.org/changeset/base/333263 > > Log: > Make it easier for filesystems to count themselves as jail-enabled, > by doing most of the work in a new function prison_add_vfs in kern_jail.c > Now a jail-enabled filesystem need only mark itself with VFCF_JAIL, and > the rest is taken care of. This includes adding a jail parameter like > allow.mount.foofs, and a sysctl like security.jail.mount_foofs_allowed. > Both of these used to be a static list of known filesystems, with > predefined permission bits. > > Reviewed by: kib > Differential Revision:D14681 > > Modified: > head/lib/libjail/jail.c > head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vfsops.c > head/sys/compat/linprocfs/linprocfs.c > head/sys/compat/linsysfs/linsysfs.c > head/sys/fs/devfs/devfs_vfsops.c > head/sys/fs/fdescfs/fdesc_vfsops.c > head/sys/fs/nullfs/null_vfsops.c > head/sys/fs/procfs/procfs.c > head/sys/fs/pseudofs/pseudofs.h > head/sys/fs/tmpfs/tmpfs_vfsops.c > head/sys/kern/kern_jail.c > head/sys/kern/vfs_init.c > head/sys/kern/vfs_mount.c > head/sys/kern/vfs_subr.c > head/sys/sys/jail.h > head/sys/sys/mount.h > head/usr.sbin/jail/jail.8 > > Modified: head/lib/libjail/jail.c > > == > --- head/lib/libjail/jail.c Fri May 4 20:38:26 2018(r333262) > +++ head/lib/libjail/jail.c Fri May 4 20:54:27 2018(r333263) > @@ -1048,7 +1048,13 @@ kldload_param(const char *name) > else if (strcmp(name, "sysvmsg") == 0 || strcmp(name, "sysvsem") > == 0 || > strcmp(name, "sysvshm") == 0) > kl = kldload(name); > - else { > + else if (strncmp(name, "allow.mount.", 12) == 0) { > + /* Load the matching filesystem */ > + kl = kldload(name + 12); > + if (kl < 0 && errno == ENOENT && > + strncmp(name + 12, "no", 2) == 0) > + kl = kldload(name + 14); > + } else { > errno = ENOENT; > return (-1); > } > I'm curious about this part of the change. Why is it necessary to load the module in the "allow.mount.noXXXfs" case, when the jail is forbidden to mount the filesystem? It seems like that would just load modules that aren't going to be used. Additional discussion at https://github.com/iocage/iocage/issues/689 . -Alan ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r340482 - in head/sys: compat/linux kern sys
Author: mjg Date: Fri Nov 16 17:07:54 2018 New Revision: 340482 URL: https://svnweb.freebsd.org/changeset/base/340482 Log: proc: always store parent pid in p_oppid Doing so removes the dependency on proctree lock from sysctl process list export which further reduces contention during poudriere -j 128 runs. Reviewed by: kib (previous version) Sponsored by: The FreeBSD Foundation Differential Revision:https://reviews.freebsd.org/D17825 Modified: head/sys/compat/linux/linux_fork.c head/sys/kern/kern_exit.c head/sys/kern/kern_fork.c head/sys/kern/kern_kthread.c head/sys/kern/kern_proc.c head/sys/kern/kern_prot.c head/sys/kern/sys_procdesc.c head/sys/kern/sys_process.c head/sys/sys/proc.h Modified: head/sys/compat/linux/linux_fork.c == --- head/sys/compat/linux/linux_fork.c Fri Nov 16 16:51:44 2018 (r340481) +++ head/sys/compat/linux/linux_fork.c Fri Nov 16 17:07:54 2018 (r340482) @@ -235,7 +235,7 @@ linux_clone_proc(struct thread *td, struct linux_clone if (args->flags & LINUX_CLONE_PARENT) { sx_xlock(&proctree_lock); PROC_LOCK(p2); - proc_reparent(p2, td->td_proc->p_pptr); + proc_reparent(p2, td->td_proc->p_pptr, true); PROC_UNLOCK(p2); sx_xunlock(&proctree_lock); } Modified: head/sys/kern/kern_exit.c == --- head/sys/kern/kern_exit.c Fri Nov 16 16:51:44 2018(r340481) +++ head/sys/kern/kern_exit.c Fri Nov 16 17:07:54 2018(r340482) @@ -107,14 +107,9 @@ proc_realparent(struct proc *child) struct proc *p, *parent; sx_assert(&proctree_lock, SX_LOCKED); - if ((child->p_treeflag & P_TREE_ORPHANED) == 0) { - if (child->p_oppid == 0 || - child->p_pptr->p_pid == child->p_oppid) - parent = child->p_pptr; - else - parent = initproc; - return (parent); - } + if ((child->p_treeflag & P_TREE_ORPHANED) == 0) + return (child->p_pptr->p_pid == child->p_oppid ? + child->p_pptr : initproc); for (p = child; (p->p_treeflag & P_TREE_FIRST_ORPHAN) == 0;) { /* Cannot use LIST_PREV(), since the list head is not known. */ p = __containerof(p->p_orphan.le_prev, struct proc, @@ -144,7 +139,7 @@ reaper_abandon_children(struct proc *p, bool exiting) LIST_INSERT_HEAD(&p1->p_reaplist, p2, p_reapsibling); if (exiting && p2->p_pptr == p) { PROC_LOCK(p2); - proc_reparent(p2, p1); + proc_reparent(p2, p1, true); PROC_UNLOCK(p2); } } @@ -458,7 +453,7 @@ exit1(struct thread *td, int rval, int signo) q->p_sigparent = SIGCHLD; if (!(q->p_flag & P_TRACED)) { - proc_reparent(q, q->p_reaper); + proc_reparent(q, q->p_reaper, true); if (q->p_state == PRS_ZOMBIE) { /* * Inform reaper about the reparented @@ -494,10 +489,10 @@ exit1(struct thread *td, int rval, int signo) */ t = proc_realparent(q); if (t == p) { - proc_reparent(q, q->p_reaper); + proc_reparent(q, q->p_reaper, true); } else { PROC_LOCK(t); - proc_reparent(q, t); + proc_reparent(q, t, true); PROC_UNLOCK(t); } /* @@ -589,7 +584,7 @@ exit1(struct thread *td, int rval, int signo) mtx_unlock(&p->p_pptr->p_sigacts->ps_mtx); pp = p->p_pptr; PROC_UNLOCK(pp); - proc_reparent(p, p->p_reaper); + proc_reparent(p, p->p_reaper, true); p->p_sigparent = SIGCHLD; PROC_LOCK(p->p_pptr); @@ -855,7 +850,7 @@ proc_reap(struct thread *td, struct proc *p, int *stat * If we got the child via a ptrace 'attach', we need to give it back * to the old parent. */ - if (p->p_oppid != 0 && p->p_oppid != p->p_pptr->p_pid) { + if (p->p_oppid != p->p_pptr->p_pid) { PROC_UNLOCK(p); t = proc_realparent(p); PROC_LOCK(t); @@ -863,8 +858,7 @@ proc_reap(struct thread *td, struct proc *p, int *stat CTR2(KTR_PTRACE, "wait: traced child %d moved back to parent %d",
svn commit: r340481 - head/sys/dev/nvme
Author: imp Date: Fri Nov 16 16:51:44 2018 New Revision: 340481 URL: https://svnweb.freebsd.org/changeset/base/340481 Log: Remove do-nothing nvme_modevent. nvme_modevent no longer does anything interesting, remove it. Sponsored by: Netflix Modified: head/sys/dev/nvme/nvme.c Modified: head/sys/dev/nvme/nvme.c == --- head/sys/dev/nvme/nvme.cFri Nov 16 16:23:45 2018(r340480) +++ head/sys/dev/nvme/nvme.cFri Nov 16 16:51:44 2018(r340481) @@ -61,7 +61,6 @@ static intnvme_probe(device_t); static intnvme_attach(device_t); static intnvme_detach(device_t); static intnvme_shutdown(device_t); -static intnvme_modevent(module_t mod, int type, void *arg); static devclass_t nvme_devclass; @@ -80,7 +79,7 @@ static driver_t nvme_pci_driver = { sizeof(struct nvme_controller), }; -DRIVER_MODULE(nvme, pci, nvme_pci_driver, nvme_devclass, nvme_modevent, 0); +DRIVER_MODULE(nvme, pci, nvme_pci_driver, nvme_devclass, NULL, NULL); MODULE_VERSION(nvme, 1); MODULE_DEPEND(nvme, cam, 1, 1, 1); @@ -181,16 +180,6 @@ nvme_uninit(void) SYSUNINIT(nvme_unregister, SI_SUB_DRIVERS, SI_ORDER_SECOND, nvme_uninit, NULL); -static void -nvme_load(void) -{ -} - -static void -nvme_unload(void) -{ -} - static int nvme_shutdown(device_t dev) { @@ -198,24 +187,6 @@ nvme_shutdown(device_t dev) ctrlr = DEVICE2SOFTC(dev); nvme_ctrlr_shutdown(ctrlr); - - return (0); -} - -static int -nvme_modevent(module_t mod, int type, void *arg) -{ - - switch (type) { - case MOD_LOAD: - nvme_load(); - break; - case MOD_UNLOAD: - nvme_unload(); - break; - default: - break; - } return (0); } ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r340480 - head/sys/compat/linuxkpi/common/include/linux
Author: hselasky Date: Fri Nov 16 16:23:45 2018 New Revision: 340480 URL: https://svnweb.freebsd.org/changeset/base/340480 Log: Define asm macro in the LinuxKPI. Submitted by: Johannes Lundberg MFC after:1 week Sponsored by: Mellanox Technologies Modified: head/sys/compat/linuxkpi/common/include/linux/kernel.h Modified: head/sys/compat/linuxkpi/common/include/linux/kernel.h == --- head/sys/compat/linuxkpi/common/include/linux/kernel.h Fri Nov 16 16:19:16 2018(r340479) +++ head/sys/compat/linuxkpi/common/include/linux/kernel.h Fri Nov 16 16:23:45 2018(r340480) @@ -138,6 +138,8 @@ #defineprintk(...) printf(__VA_ARGS__) #definevprintk(f, a) vprintf(f, a) +#defineasm __asm + extern void linux_dump_stack(void); #definedump_stack()linux_dump_stack() ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r340479 - head/sys/compat/linuxkpi/common/include/linux
Author: hselasky Date: Fri Nov 16 16:19:16 2018 New Revision: 340479 URL: https://svnweb.freebsd.org/changeset/base/340479 Log: Implement ktime_get_ts64() function macro in the LinuxKPI. Submitted by: Johannes Lundberg MFC after:1 week Sponsored by: Mellanox Technologies Modified: head/sys/compat/linuxkpi/common/include/linux/ktime.h Modified: head/sys/compat/linuxkpi/common/include/linux/ktime.h == --- head/sys/compat/linuxkpi/common/include/linux/ktime.h Fri Nov 16 14:29:28 2018(r340478) +++ head/sys/compat/linuxkpi/common/include/linux/ktime.h Fri Nov 16 16:19:16 2018(r340479) @@ -176,6 +176,7 @@ timeval_to_ktime(struct timeval tv) #definektime_to_timespec64(kt) ns_to_timespec(kt) #definektime_to_timeval(kt)ns_to_timeval(kt) #definektime_to_ns(kt) (kt) +#definektime_get_ts64(ts) ktime_get_ts(ts) static inline int64_t ktime_get_ns(void) ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r340478 - head/share/man/man7
Author: 0mp (ports committer) Date: Fri Nov 16 14:29:28 2018 New Revision: 340478 URL: https://svnweb.freebsd.org/changeset/base/340478 Log: development(7): Replace "reboot" with "shutdown -r now" We generally document shutdown(8) instead of reboot(8) as it's better for interactive use. In modern FreeBSD is matters a lot less, it's mostly just convention. One minor thing is that shutdown(8) produces a global message, while reboot(8) does not. It is believed that historically, some versions of reboot did not do appropriate safe shutdown checks and just rebooted. It's also just consistency: for example the handbook[1] documents shutdown. There is actually another important difference between reboot and shutdown -r now: reboot does not run /etc/rc.shutdown. This is because reboot has its own shutdown procedure and does not signal init like init 6 and shutdown -r now do (except in the case of rerooting via reboot -r). A few years ago jilles@ proposed changing reboot's default to signalling init (preserving reboot -q which just invokes the reboot system call), but this was not accepted. Perhaps this can be tried again for 13.0. [1]: https://www.freebsd.org/doc/handbook/boot-shutdown.html Reported by: eadler Reviewed by: eadler, jilles Approved by: krion (mentor) Differential Revision:https://reviews.freebsd.org/D16843 Modified: head/share/man/man7/development.7 Modified: head/share/man/man7/development.7 == --- head/share/man/man7/development.7 Fri Nov 16 14:21:57 2018 (r340477) +++ head/share/man/man7/development.7 Fri Nov 16 14:29:28 2018 (r340478) @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd August 22, 2018 +.Dd November 16, 2018 .Dt DEVELOPMENT 7 .Os .Sh NAME @@ -110,7 +110,7 @@ system: svnlite co https://svn.FreeBSD.org/base/head src cd src make -j8 buildworld buildkernel installkernel -reboot +shutdown -r now .Ed .Pp After reboot: ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r340477 - head/sys/net
Author: ae Date: Fri Nov 16 14:21:57 2018 New Revision: 340477 URL: https://svnweb.freebsd.org/changeset/base/340477 Log: Allow configuration of several ipsec interfaces with the same tunnel endpoints. This can be used to configure several IPsec tunnels between two hosts with different security associations. Obtained from:Yandex LLC MFC after:2 weeks Sponsored by: Yandex LLC Modified: head/sys/net/if_ipsec.c Modified: head/sys/net/if_ipsec.c == --- head/sys/net/if_ipsec.c Fri Nov 16 11:17:18 2018(r340476) +++ head/sys/net/if_ipsec.c Fri Nov 16 14:21:57 2018(r340477) @@ -968,7 +968,7 @@ static int ipsec_set_addresses(struct ifnet *ifp, struct sockaddr *src, struct sockaddr *dst) { - struct ipsec_softc *sc, *tsc; + struct ipsec_softc *sc; struct secasindex *saidx; sx_assert(&ipsec_ioctl_sx, SA_XLOCKED); @@ -982,18 +982,6 @@ ipsec_set_addresses(struct ifnet *ifp, struct sockaddr key_sockaddrcmp(&saidx->dst.sa, dst, 0) == 0) return (0); /* Nothing has been changed. */ - } - /* Check that given addresses aren't already configured */ - CK_LIST_FOREACH(tsc, ipsec_srchash(src), srchash) { - if (tsc == sc) - continue; - MPASS(tsc->family == src->sa_family); - saidx = ipsec_getsaidx(tsc, IPSEC_DIR_OUTBOUND, tsc->family); - if (key_sockaddrcmp(&saidx->src.sa, src, 0) == 0 && - key_sockaddrcmp(&saidx->dst.sa, dst, 0) == 0) { - /* We already have tunnel with such addresses */ - return (EADDRNOTAVAIL); - } } /* If reqid is not set, generate new one. */ if (ipsec_init_reqid(sc) != 0) ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r340476 - head/sys/mips/mediatek
Author: sgalabov Date: Fri Nov 16 11:17:18 2018 New Revision: 340476 URL: https://svnweb.freebsd.org/changeset/base/340476 Log: Implement support for sysctl hw.model for Mediatek/Ralink SoCs These SoCs have CHIPID registers, which store the Chip model, according to the manufacturer; make use of those in order to better identify the chip we're actually running on. If we're unable to read the CHIPID registers for some reason we will use the string "unknown " as a value for hw.model. Reported by: yamori...@yahoo.co.jp Sponsored by: Smartcom - Bulgaria AD Modified: head/sys/mips/mediatek/mtk_machdep.c head/sys/mips/mediatek/mtk_soc.c head/sys/mips/mediatek/mtk_soc.h head/sys/mips/mediatek/mtk_sysctl.h Modified: head/sys/mips/mediatek/mtk_machdep.c == --- head/sys/mips/mediatek/mtk_machdep.cFri Nov 16 10:20:35 2018 (r340475) +++ head/sys/mips/mediatek/mtk_machdep.cFri Nov 16 11:17:18 2018 (r340476) @@ -233,6 +233,8 @@ platform_start(__register_t a0 __unused, __register_t while (1); mtk_soc_try_early_detect(); + mtk_soc_set_cpu_model(); + if ((timer_clk = mtk_soc_get_timerclk()) == 0) timer_clk = 10; /* no such speed yet */ Modified: head/sys/mips/mediatek/mtk_soc.c == --- head/sys/mips/mediatek/mtk_soc.cFri Nov 16 10:20:35 2018 (r340475) +++ head/sys/mips/mediatek/mtk_soc.cFri Nov 16 11:17:18 2018 (r340476) @@ -52,6 +52,9 @@ static uint32_t mtk_soc_uartclk = 0; static uint32_t mtk_soc_cpuclk = MTK_CPU_CLK_880MHZ; static uint32_t mtk_soc_timerclk = MTK_CPU_CLK_880MHZ / 2; +static uint32_t mtk_soc_chipid0_3 = MTK_UNKNOWN_CHIPID0_3; +static uint32_t mtk_soc_chipid4_7 = MTK_UNKNOWN_CHIPID4_7; + static const struct ofw_compat_data compat_data[] = { { "ralink,rt2880-soc", MTK_SOC_RT2880 }, { "ralink,rt3050-soc", MTK_SOC_RT3050 }, @@ -295,6 +298,10 @@ mtk_soc_try_early_detect(void) if (bus_space_map(bst, base, MTK_DEFAULT_SIZE, 0, &bsh)) return; + /* Get our CHIP ID */ + mtk_soc_chipid0_3 = bus_space_read_4(bst, bsh, SYSCTL_CHIPID0_3); + mtk_soc_chipid4_7 = bus_space_read_4(bst, bsh, SYSCTL_CHIPID4_7); + /* First, figure out the CPU clock */ switch (mtk_soc_socid) { case MTK_SOC_RT2880: @@ -387,6 +394,28 @@ mtk_soc_try_early_detect(void) } bus_space_unmap(bst, bsh, MTK_DEFAULT_SIZE); +} + +extern char cpu_model[]; + +void +mtk_soc_set_cpu_model(void) +{ + uint32_t *p_model = (uint32_t *)cpu_model; + + /* +* CHIPID is always 2x32 bit registers, containing the ASCII +* representation of the chip, so use that directly. +* +* The info is either pre-populated in mtk_soc_try_early_detect() or +* it is left at its default value of "unknown " if it could not be +* obtained for some reason. +*/ + p_model[0] = mtk_soc_chipid0_3; + p_model[1] = mtk_soc_chipid4_7; + + /* Null-terminate the string */ + cpu_model[8] = 0; } uint32_t Modified: head/sys/mips/mediatek/mtk_soc.h == --- head/sys/mips/mediatek/mtk_soc.hFri Nov 16 10:20:35 2018 (r340475) +++ head/sys/mips/mediatek/mtk_soc.hFri Nov 16 11:17:18 2018 (r340476) @@ -122,6 +122,7 @@ enum mtk_soc_id { #define MTK_DEFAULT_SIZE 0x6000 extern void mtk_soc_try_early_detect(void); +extern voidmtk_soc_set_cpu_model(void); extern uint32_t mtk_soc_get_uartclk(void); extern uint32_t mtk_soc_get_cpuclk(void); extern uint32_t mtk_soc_get_timerclk(void); Modified: head/sys/mips/mediatek/mtk_sysctl.h == --- head/sys/mips/mediatek/mtk_sysctl.h Fri Nov 16 10:20:35 2018 (r340475) +++ head/sys/mips/mediatek/mtk_sysctl.h Fri Nov 16 11:17:18 2018 (r340476) @@ -54,6 +54,9 @@ #define RT3350_CHIPID0_3 0x5452 +#define MTK_UNKNOWN_CHIPID0_3 0x6E6B6E75 /* "unkn" */ +#define MTK_UNKNOWN_CHIPID4_7 0x206E776F /* "own " */ + extern uint32_tmtk_sysctl_get(uint32_t); extern voidmtk_sysctl_set(uint32_t, uint32_t); extern voidmtk_sysctl_clr_set(uint32_t, uint32_t, uint32_t); ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r340475 - head/share/man/man9
Author: vmaffione Date: Fri Nov 16 10:20:35 2018 New Revision: 340475 URL: https://svnweb.freebsd.org/changeset/base/340475 Log: ifnet(9): Add description of IFCAP_NETMAP Describe IFCAP_NETMAP adding a cross reference to netmap(4). Reviewed by: bcr, 0mp Approved by: gnn (mentor) MFC after:3 days Differential Revision:https://reviews.freebsd.org/D17988 Modified: head/share/man/man9/ifnet.9 Modified: head/share/man/man9/ifnet.9 == --- head/share/man/man9/ifnet.9 Fri Nov 16 03:42:29 2018(r340474) +++ head/share/man/man9/ifnet.9 Fri Nov 16 10:20:35 2018(r340475) @@ -28,7 +28,7 @@ .\" .\" $FreeBSD$ .\" -.Dd December 6, 2017 +.Dd November 14, 2018 .Dt IFNET 9 .Os .Sh NAME @@ -759,6 +759,9 @@ interfaces (implies .Dv IFCAP_TSO ) . .It Dv IFCAP_LINKSTATE This Ethernet interface supports dynamic link state changes. +.It Dv IFCAP_NETMAP +This Ethernet interface supports +.Xr netmap 4 . .El .Pp The ability of advanced network interfaces to offload certain ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r340472 - in head: lib/libc/amd64/string sys/amd64/amd64
On Fri, 16 Nov 2018, Mateusz Guzik wrote: Log: amd64: handle small memset buffers with overlapping stores Instead of jumping to locations which store the exact number of bytes, use displacement to move the destination. In particular the following clears an area between 8-16 (inclusive) branch-free: movq%r10,(%rdi) movq%r10,-8(%rdi,%rcx) For instance for rcx of 10 the second line is rdi + 10 - 8 = rdi + 2. Writing 8 bytes starting at that offset overlaps with 6 bytes written previously and writes 2 new, giving 10 in total. Provides a nice win for smaller stores. Other ones are erratic depending on the microarchitecture. General idea taken from NetBSD (restricted use of the trick) and bionic string functions (use for various ranges like in this patch). Why not take such ideas from FreeBSD (or at least from FreeBSD committers) where this one was used between 1996 and 2010 for the i586(npx)-optimized bzero? Testing showed that it wasn't a very good idea, so I didn't use it anywhere else and didn't complain much when it was backed out. It is not very good since it pessimizes the usual case where everything is aligned. Now it is an even larger pessimization for the ERMS case, at least in theory, since "rep movsb" should be able to handle alignment stuff. Here it is for the version in FreeBSD-5: XX i586_bz2: XX fldz XX XX /* XX * Align to an 8 byte boundary (misalignment in the main loop would XX * cost a factor of >= 2). Avoid jumps (at little cost if it is XX * already aligned) by always zeroing 8 bytes and using the part up XX * to the _next_ alignment position. XX */ XX fstl0(%edx) XX addl%edx,%ecx /* part of %ecx -= new_%edx - %edx */ XX addl$8,%edx XX andl$~7,%edx XX subl%edx,%ecx XX XX /* XX * Similarly align `len' to a multiple of 8. XX */ XX fstl-8(%edx,%ecx) XX decl%ecx XX andl$~7,%ecx This even has comments. The "little" cost mentioned in the comments is just the instruction fetch cost plus an extra fstl in cases where everthing is aligned. The first fstl in the above doesn't have much extra cost since it replaces an fstl in the loop later. The second one is only needed when the alignment stuff is needed (e.g., to write 14 bytes as 8+8 with an overlap of too), but it is always done to reduces branches. With too many instructions to fetch, code like this becomes almost as slow as "rep movs". IIRC, on Haswell, "rep movs[bwlq]" takes 25 cycles to start up (most x86's take about that long to start up string instructions and ERMS doesn't improve this on at least Haswell), and all cases have a throughput of 32 bytes/cycle, so in 25 cycles 800 bytes can be copied and for data smaller than about this size it is best not to use string instructions, provided you don't use methods that take too many cycles to start up. Alignment stuff tends to take too many cycles to start up especially if it has lots of branches which trash the branch target caches. I think the above takes about 3 cycles on Haswell, except for the fstls which are quite slow. IIRC, they have a throughput of about 1 every 2 cycles and a latency of 4 or 8 cycles. The above code was optimized for Pentium-1's where the times in cycles for fstl were not much different from on newer CPUs, but everything else is either wider or faster so going through npx registers is a pessimization. Pentium-1's can barely saturate their slow L1 cache using npx instructions. I don't like the way ERMS is used in -current on amd64: - pagezero_erms: this is useless on at least Haswell since it has the same speed as pagezero_std. ERMS makes "rep stosq" equally fast to "rep stosb" and everything is aligned so there is no difference in the setup overhead. (There might be a difference dividing the count by the access width, but this is done at compile time in pagezero_std, and in the overhead for doing this at runtime is in the noise.) - memmove_erms: with a large size, this should just use "rep movsb" with almost no setup. Instead, it uses the MEMMOVE macro to do lots of setup and to obfuscate its pessimizations. Disassembly shows that memmove_erms ends up with 152 instructions while memmove_std ends up with 164 instructions. There is little difference except that memmove_std has an extra main loop doing "rep movsq". This is implemented by testing the erms arg of MEMMOVE in just 2 places. The non-erms case of course has to divide by the access width, and then has to arrange to copy any remaining bytes. - memmove_std: this still has the pessimization of using "rep movsb" to finish up in some cases. This costs ~25 cycles of setup overhead when it is reached. erms as currently used gives almost no optimizations except by bypassing this pessimization. The finishing should be done using integer registers. Only 1 store is needed using overlapping store