Commit Graph

276534 Commits

Author SHA1 Message Date
wiz 930c6cf21c Sync usage with man page. 2020-05-07 12:52:40 +00:00
wiz a9c88f9a45 New sentence, new line. 2020-05-07 12:52:26 +00:00
macallan 5c1e31280b add entry for BCM43362, found on Cubietruck
ok jmcneill@
2020-05-07 11:46:27 +00:00
simonb da4f320927 Add PRID definition for newer SiByte SB1 cores (rev 0x11).
Add a constant for SiByte/BCRM cacheable coherent TLB cache attribute.
2020-05-07 11:43:28 +00:00
jmcneill 6a3493dbfe Add A20 CLK_OUT_A and CLK_OUT_B clocks 2020-05-07 11:24:47 +00:00
hannken f106ce5415 Operation zfs_zget_cleaner() cannot fail, comment and add assertions. 2020-05-07 09:13:06 +00:00
hannken 1243122ba6 Revert Rev. 1.31 as it is no longer possible for the handle to be NULL. 2020-05-07 09:12:31 +00:00
hannken 5e7dc406e9 Revert Rev. 1.63 and add a comment why we have to zil_commit() here:
Operation zfs_znode.c::zfs_zget_cleaner() depends on this
zil_commit() as a barrier to guarantee the znode cannot
get freed before its log entries are resolved.
2020-05-07 09:12:03 +00:00
riastradh caee431449 Fix two mistakes in entropy accounting.
1. When consolidating entropy from per-CPU pools, drop the amount
   pending to zero; otherwise the entropy consolidation thread might
   keep consolidating every second.

This uncovered a feedback loop with kern.entropy.depletion=1 and
on-demand entropy sources, which is that depleting the pool and then
requesting more from it causes the on-demand entropy sources to
trigger reseed, which causes cprng_fast/strong to request more which
depletes the pool again which causes on-demand entropy sources to
trigger reseed, and so on.

To work around this:

2. Set a rate limit on reseeding (advancing the entropy epoch) when
   kern.entropy.depletion=1; otherwise reseeding gets into a feedback
   loop when there are on-demand entropy sources like RDRAND/RDSEED.

(By default, kern.entropy.depletion=0, so this mainly only affects
systems where you're simulating what happens when /dev/random blocks
for testing.)
2020-05-07 00:55:13 +00:00
bouyer 9aa14e3164 The event channel is not necesserely bound to the primary CPU.
Use the CPU returned in the interrupt handler instead.
2020-05-06 20:40:33 +00:00
rkujawa c388420a0e Document the HDAUDIO_ENABLE_HDMI and HDAUDIO_ENABLE_DISPLAYPORT options. 2020-05-06 20:15:15 +00:00
bouyer b1ac263880 Drop xbdi_lock() before calling intr_disestablish(), it needs to take
cpu_lock.
2020-05-06 20:09:26 +00:00
bouyer f3d444f821 Attempts to make MP-safe:
xpmap_ptom_unmap() doens't need to be called at splvm; we own the pa.
Use atomic ops to change pmap_pa_end
Make sure the ptom/mtop are up to date before giving the pages back to the
pool.
2020-05-06 19:52:19 +00:00
bouyer 3705635c0d Make MP-safe: make sure the xpq_queue* are flushed before making the
pages visible to UVM.
2020-05-06 19:50:26 +00:00
bouyer 7cfb6126f7 We can't take v_interlock with a spin lock held. Release xbdi_lock
before scheduling the I/O, and take again once queued.
It looks safe to drop the lock here.
2020-05-06 19:49:00 +00:00
bouyer 0eef747d02 xpq_queue_* use per-cpu queue; splvm() is enough to protect them.
remove the XXX SMP comments.
2020-05-06 19:47:05 +00:00
kim 955964c1b9 Output records in original order
Append to the list of output records instead of pushing on it, so we
don't reverse the order of records (when not sorting).
2020-05-06 19:45:39 +00:00
bouyer 85af261e00 x86/x86/ipi.c should not be built for XENPV, even if dom0ops is defined. 2020-05-06 19:45:12 +00:00
kim b41a6df0d4 Use memcpy for copying out lastlog and lastlogx text
Lastlog and lastlogx text fields are not NUL-terminated when original data
is truncated.
2020-05-06 19:31:32 +00:00
riastradh 1e65f60a58 Tweak logic to decide whether a medium is safe for an rndseed.
- Teach rndctl to load the seed, but treat it as zero entropy, if the
  medium is read-only or if the update fails.

- Teach rndctl to accept `-i' flag instructing it to ignore the
  entropy estimate in the seed.

- Teach /etc/rc.d/random_seed to:
  (a) assume nonlocal file systems are unsafe, and use -i, but
  (b) assume / is safe, even if it is nonlocal.
  If the medium is nonwritable, leave it to rndctl to detect that.
  (Could use statvfs and check for ST_LOCAL in rndctl, I guess, but I
  already implemented it this way.)

Treating nonlocal / as safe is a compromise: it's up to the operator
to secure the network for (e.g.) nfs mounts, but that's true whether
we're talking entropy or not -- if the adversary has access to the
network that you've mounted / from, they can do a lot more damage
anyway; this reduces warning fatigue for diskless systems, e.g. test
racks.
2020-05-06 18:49:26 +00:00
riastradh df65398010 Update to reflect change to message. 2020-05-06 18:38:20 +00:00
riastradh 9d3b7ca9dc Don't reject seed file entropy estimates, until one is nonzero.
We try to avoid counting the seed file's entropy twice, e.g. once
from the boot loader and once from rndctl via /etc/rc.d/random_seed.

But previously, if you had a /var/db/entropy-file that was deemed to
have zero entropy, that would prevent rndctl -L from _ever_ setting a
nonzero entropy estimate, even if you (say) copy a seed file over
from another machine (over a non-eavesdroppable medium) and try to
load it in with rndctl -L, e.g. via `/etc/rc.d/random_seed start'.

Now we accept the first _nonzero_ entropy estimate from a seed file.

The operator can still always trick the kernel into believing there's
entropy in the system by writing data to /dev/random, if the operator
knows something the kernel doesn't; this only affects the _automated_
seed file loading.
2020-05-06 18:31:05 +00:00
aymeric c79f400cf4 In sink(), upon error, avoid multiple replies to the source as this
would lead to a desynchronization of the protocol and further files or
directories to be ignored or corrupted.

Reported by Daniel Goujot, Georges-Axel Jaloyan, Ryan Lahfa, and David Naccache.
2020-05-06 18:15:40 +00:00
bouyer 699b53bbee KASSERT() that the per-cpu queues are run at IPL_VM after boot. 2020-05-06 17:28:26 +00:00
bouyer dc28113a31 No need to run hypercalls at IPL_VM.
XXX still not MP-safe
2020-05-06 17:27:39 +00:00
bouyer 29dc0cfa77 Convert remaining splfoo/splx and tsleep/wakeup to mutex and condvar.
Mark kernel threads and interrupt handlers MPSAFE.
2020-05-06 16:50:13 +00:00
nia 5e1fba1a1e Add getentropy() to libc - a simple wrapper to access the kernel CSPRNG.
Posted to tech-userlevel@ a week ago and reviewed by riastradh@.

GETENTROPY(3)		   Library Functions Manual		 GETENTROPY(3)

NAME
     getentropy - fill a buffer with high quality random data

LIBRARY
     Standard C Library (libc, -lc)

SYNOPSIS
     #include <unistd.h>

     int
     getentropy(void *buf, size_t buflen);

DESCRIPTION
     The getentropy() function fills a buffer with high quality random data,
     suitable for seeding cryptographically secure psuedorandom number
     generators.

     getentropy() is only intended for seeding random number generators and is
     not intended for use by regular code which simply needs secure random
     data.  For this purpose, please use arc4random(3).

     The maximum value for buflen is 256 bytes.

IMPLEMENTATION NOTES
     getentropy() reads from the sysctl(7) variable kern.arandom.

RETURN VALUES
     The getentropy() function returns 0 on success, and -1 if an error
     occurred.

ERRORS
     getentropy() will succeed unless:

     [EFAULT]		The buf argument points to an invalid memory address.

     [EIO]		Too many bytes were requested.

SEE ALSO
     arc4random(3), rnd(4)

STANDARDS
     The getentropy() function is non-standard.

HISTORY
     The getentropy() function first appeared in OpenBSD 5.6, then in
     FreeBSD 12.0, and NetBSD 10.
2020-05-06 16:17:36 +00:00
snj cc9246a967 The name of the action used with blacklistd's control script is rem,
not remove.  From Jose Luis Duran in PR bin/55195.
2020-05-06 14:59:51 +00:00
snj d74cf4b1aa netsmb is no more 2020-05-06 14:33:52 +00:00
kim 6f210b4518 If the passwd entry is not found for a lastlogx entry, cons up a fake
struct passwd where pw_name is the numeric uid in parentheses. This was
already implemented for lastlog entries in revision 1.13.

If -n is specified more than once, also print the user numerically
(ie, uid instead of username) for lastlog entries. This was already
implemented for lastlogx entries in revision 1.13.

Reorder the lastlogx host name numeric condition so it better matches
the user name numeric condition.
2020-05-06 13:47:39 +00:00
bouyer d3cd9c5f63 remove the per-channel spin lock and instead make sure that events
add/remove will only be done on the CPU the handler is bound to, with
interrupts disabled.
Should be similar to the native x86 interrupts add/remove.
2020-05-06 13:43:48 +00:00
kre fff8f00d1b Bump date for previous change... I frequently forget that bit. 2020-05-06 13:13:50 +00:00
christos 81f24eb1c1 Allocate one more byte so that we are always NUL-terminated, and remove
the extra commented out NUL-terminations. As suggested in:

    http://mail-index.netbsd.org/source-changes-d/2020/04/01/msg012470.html
2020-05-06 12:44:36 +00:00
kim 45e7025978 Size output columns dynamically by default to fit contents. 2020-05-06 11:58:33 +00:00
bouyer da456d1ffb Bump INSTIMAGEMB, hopefully fix releng autobuilds 2020-05-06 09:18:10 +00:00
kre 45f67043e6 kill is built-in to more than just csh(1).
While here, add missing Xr sh 1 (which was previously needed, moreso now)
and also include STOP and CONT in the list of common signals.
2020-05-06 09:07:15 +00:00
kamil 0cb847d641 Avoid buffer overflow
Disable the offending code.

OK by kre@
2020-05-06 07:25:26 +00:00
thorpej d1852f1c12 Fix a bug in the futex_wake_highest_pri test case. Still fails as
expected.
2020-05-06 05:14:27 +00:00
christos 3e820cb068 Behave like gmake: empty string does not match % pattern 2020-05-06 02:30:10 +00:00
ad 3235a637ea lwp_unpark(): no need to acquire LWP refs or drop the proc lock.
On the hacky benchmarks I have, held over from the transition to 1:1
threading, this restores pthread_cond_signal() perf to radixtree/sleepq
levels, and semes much better than either with pthread_cond_broadcast() and
10 threads.  It would be interesting to see what might be achieved with a
lockless lookup, which is within grasp now thanks to pid_table being used
for lookup.
2020-05-05 22:12:06 +00:00
ad 56d6bdb9f7 PR port-amiga/55233 Process hangs indefinitely if not calling syscalls for a while
cpu_intr_p() is broken on amiga, fix it.

From code inspection it looks like amiga and other m68k ports check for ASTs
with interrupts enabled in some cases, which is racy.  Not fixed.
2020-05-05 21:22:48 +00:00
skrll 533e6b2e7c switch hppa to new binutils (2.34) 2020-05-05 20:47:38 +00:00
skrll bda3cfd2fc Disable attempt to use ifunc on hppa. It doesn't work and new binutils
throws a build error.
2020-05-05 20:47:14 +00:00
skrll fd7fe8589e Mark __cerror as hidden to avoid using the PLT. This is required for new
binutils where the PLT stubs now use %t1 (%r22) which is used to pass
the errno to __cerror.
2020-05-05 20:43:47 +00:00
skrll af937be388 Add a space before any non-nullified instruction. NFCI. 2020-05-05 20:39:18 +00:00
jdolecek 5eefcf3158 fix KASSERT() for MHLEN case in m_defrag() - network stack usually does
m_adj(ETHER_ALIGN) so check that the mbuf chain data fits
M_LEADINGSPACE() + M_TRAILINGSPACE()
2020-05-05 20:36:48 +00:00
maxv b3f22be23a Gather the section filtering in a single function, and add a sanity check
when relocating, to make sure the section we're accessing is mappable.

Currently this check fails, because of the Xen section, which has RELAs but
is an unmappable unallocated note.

Also improve the prekern ASSERTs while here.
2020-05-05 19:26:47 +00:00
kamil 43b8951996 Skip traceme_raise* tests rather than failing upfront
This avoid reporting the tests as unexpected failure.
2020-05-05 18:12:20 +00:00
bouyer 4dbd32ce08 Make DOM0OPS build for PVH/PVHVM too 2020-05-05 17:02:01 +00:00
bouyer 9ae5cc2e42 disable I/O or mem decode before probing BAR size.
Bar size is probed writing 0xffffffff to the BAR and reading back; but while
doing this the decoding address is not guaranteed to be valid and could have
side effect.

Xen PVH enforces disabling decoding before writing to a BAR.

Proposed on tech-kern@, got positive comments
2020-05-05 16:58:11 +00:00