[op/gsoc2014/smap+kpatch] variable sized patches #2
Assignees
Labels
Comments
opntr
changed the title
opntr
pushed a commit
that referenced
this issue
Aug 23, 2014
Mostly bugfixes or features developed in the past 6 months, so this is a 10.1 candidate. Basically no user API changes (some bugfixes in sys/net/netmap_user.h). In detail: 1. netmap support for virtio-net, including in netmap mode. Under bhyve and with a netmap backend [2] we reach over 1Mpps with standard APIs (e.g. libpcap), and 5-8 Mpps in netmap mode. 2. (kernel) add support for multiple memory allocators, so we can better partition physical and virtual interfaces giving access to separate users. The most visible effect is one additional argument to the various kernel functions to compute buffer addresses. All netmap-supported drivers are affected, but changes are mechanical and trivial 3. (kernel) simplify the prototype for *txsync() and *rxsync() driver methods. All netmap drivers affected, changes mostly mechanical. 4. add support for netmap-monitor ports. Think of it as a mirroring port on a physical switch: a netmap monitor port replicates traffic present on the main port. Restrictions apply. Drive carefully. 5. if_lem.c: support for various paravirtualization features, experimental and disabled by default. Most of these are described in our ANCS'13 paper [1]. Paravirtualized support in netmap mode is new, and beats the numbers in the paper by a large factor (under qemu-kvm, we measured gues-host throughput up to 10-12 Mpps). A lot of refactoring and additional documentation in the files in sys/dev/netmap, but apart from #2 and #3 above, almost nothing of this stuff is visible to other kernel parts. Example programs in tools/tools/netmap have been updated with bugfixes and to support more of the existing features. This is meant to go into 10.1 so we plan an MFC before the Aug.22 deadline. A lot of this code has been contributed by my colleagues at UNIPI, including Giuseppe Lettieri, Vincenzo Maffione, Stefano Garzarella. MFC after: 3 days.
opntr
pushed a commit
that referenced
this issue
Nov 1, 2014
Most of the tablearg-supported opcodes does not accept 0 as valid value: O_TAG, O_TAGGED, O_PIPE, O_QUEUE, O_DIVERT, O_TEE, O_SKIPTO, O_CALLRET, O_NETGRAPH, O_NGTEE, O_NAT treats 0 as invalid input. The rest are O_SETDSCP and O_SETFIB. 'Fix' them by adding high-order bit (0x8000) set for non-tablearg values. Do translation in kernel for old clients (import_rule0 / export_rule0), teach current ipfw(8) binary to add/remove given bit. This change does not affect handling SETDSCP values, but limit O_SETFIB values to 32767 instead of 65k. Since currently we have either old (16) or new (2^32) max fibs, this should not be a big deal: we're definitely OK for former and have to add another opcode to deal with latter, regardless of tablearg value.
opntr
pushed a commit
that referenced
this issue
Nov 1, 2014
Add new functions to manipulate these mode & state, instead of calling
kbdd_ioctl() everyhere.
This fixes at least two bugs:
1. The state of the Scroll Lock LED and the state of scroll mode
could be out-of-sync. For instance, if one enables scroll mode on
window #1 and switches to window #2, the LED would remain on, but
the window wouldn't be in scroll mode.
Similarily, when switching between a console and an X.Org
session, the LED states could be inconsistent with the real
state.
2. When exiting from an X.Org session, the user could be unable to
type anything. The workaround was to switch to another console
window and come back.
Differential Revision: https://reviews.freebsd.org/D821
Reviewed by: ray@
Approved by: ray@
Tested by: kwm@
MFC after: 3 days
opntr
pushed a commit
that referenced
this issue
Aug 20, 2015
The significant changes and bugs fixed here are: 1. Fixed a bug in the progress display code: When the user's filename is too big, or his terminal width is too small, the progress code could wind up using a negative number for the length of the "stars" that it uses to indicate progress. This negative value was assigned to an unsigned variable, resulting in a very large positive value. The result is that we wound up writing garbage from memory to the user's terminal. With an 80 column terminal, a file name length of more than 35 characters would generate this problem. To address this, we now set a minimum progress bar length, and truncate the user's file name as needed. This has been tested with large filenames and small terminals, and at least produces reasonable results. If the terminal is too narrow, the progress display takes up an additional line with each update, but this is more user friendly than writing garbage to the tty. 2. SATA drives connected via a SATA controller didn't have SCSI Inquiry data populated in struct cam_device. This meant that the code in fw_get_vendor() in fwdownload.c would try to match a zero-length vendor ID, and so return the first entry in the vendor table. (Which used to be HITACHI.) Fixed by grabbing identify data, passing the identify buffer into fw_get_vendor(), and matching against the model name. 3. SATA drives connected via a SAS controller do have Inquiry data populated. The table included a couple of entries -- "ATA ST" and "ATA HDS", intended to handle Seagate and Hitachi SATA drives attached via a SAS controller. SCSI to ATA translation layers use a vendor ID of "ATA" (which is standard), and then the model name from the ATA identify data as the SCSI product name when they are returning data on SATA disks. The cam_strmatch code will match the first part of the string (because the length it is given is the length of the vendor, "ATA"), and return 0 (i.e. a match). So all SATA drives attached to a SAS controller would be programmed using the Seagate method (WRITE BUFFER mode 7) of SCSI firmware downloading. 4. Issue #2 above covered up a bug in fw_download_img() -- if the maximum packet size in the vendor table was 0, it tried to default to a packet size of 32K. But then it didn't actually succeed in doing that, because it set the packet size to the value that was in the vendor table (0). Now that we actually have ATA attached drives fall use the VENDOR_ATA case, we need a reasonable default packet size. So this is fixed to properly set the default packet size. 5. Add support for downloading firmware to IBM LTO drives, and add a firmware file validation method to make sure that the firmware file matches the drive type. IBM tape drives include a Load ID and RU name in their vendor-specific VPD page 0x3. Those should match the IDs in the header of the firmware file to insure that the proper firmware file is loaded. 6. This also adds a new -q option to the camcontrol fwdownload subcommand to suppress informational output. When -q is used in combination with -y, the firmware upgrade will happen without prompting and without output except if an error condition occurs. 7. Re-add support for printing out SCSI inquiry information when asking the user to confirm that they want to download firmware, and add printing of ATA Identify data if it is a SATA disk. This was removed in r237281 when support for flashing ATA disks was added. 8. Add a new camcontrol(8) "opcodes" subcommand, and use the underlying code to get recommended timeout values for drive firmware downloads. Many SCSI devices support the REPORT SUPPORTED OPERATION CODES command, and some support the optional timeout descriptor that specifies nominal and recommended timeouts for the commands supported by the device. The new camcontrol opcodes subcommand allows displaying all opcodes supported by a drive, information about which fields in a SCSI CDB are actually used by a given SCSI device, and the nominal and recommended timeout values for each command. Since firmware downloads can take a long time in some devices, and the time varies greatly between different types of devices, take advantage of the infrastructure used by the camcontrol opcodes subcommand to determine the best timeout to use for the WRITE BUFFER command in SCSI device firmware downloads. If the device recommends a timeout, it is likely to be more accurate than the default 50 second timeout used by the firmware download code. If the user specifies a timeout, it will override the default or device recommended timeout. If the device doesn't support timeout descriptors, we fall back to the default. 9. Instead of downloading firmware to SATA drives behind a SAS controller using WRITE BUFFER, use the SCSI ATA PASS-THROUGH command to compose an ATA DOWNLOAD MICROCODE command and it to the drive. The previous version of this code attempted to send a SCSI WRITE BUFFER command to SATA drives behind a SAS controller. Although that is part of the SAT-3 spec, it doesn't work with the parameters used with LSI controllers at least. 10.Add a new mechanism for making common ATA passthrough and ATA-behind-SCSI passthrough commands. The existing camcontrol(8) ATA command mechanism checks the device type on every command executed. That works fine for individual commands, but is cumbersome for things like a firmware download that send a number of commands. The fwdownload code detects the device type up front, and then sends the appropriate commands. 11.In simulation mode (-s), if the user specifies the -v flag, print out the SCSI CDB or ATA registers that would be sent to the drive. This will aid in debugging any firmware download issues. sbin/camcontrol/fwdownload.c: Add a device type to the fw_vendor structure, so that we can specify different download methods for different devices from the same vendor. In this case, IBM hard drives (from when they still made hard drives) and tape drives. Add a tur_status field to the fw_vendor structure so that we can specify whether the drive to be upgraded should be ready, not ready, or whether it doesn't matter. Add the corresponding capability in fw_download_img(). Add comments describing each of the vendor table fields. Add HGST and SmrtStor to the supported SCSI vendors list. In fw_get_vendor(), look at ATA identify data if we have a SATA device to try to identify what the drive vendor is. Add IBM firmware file validation. This gets VPD page 0x3, and compares the Load ID and RU name in the page to the values included in the header. The validation code will refuse to load a firmware file if the values don't match. This does allow the user to attempt a downgrade; whether or not it succeeds will likely depend on the drive settings. Add a -q option, and disable all informative output (progress bars, etc.) when this is enabled. Re-add the inquiry in the confirmation dialog so the user has a better idea of which device he is talking to. Add support for displaying ATA identify data. Don't automatically disable confirmation in simulation (-s) mode. This allows the user to see the inquiry or identify data in the dialog, and see exactly what they would see when the command actually runs. Also, in simulation mode, if the user specifies the -v flag, print out the SCSI CDB or ATA registers that would be sent to the drive. This will aid in debugging any firmware download issues. Add a timeout field and timeout type to the firmware download vendor table. This allows specifying a default timeout and allows specifying whether we should attempt to probe for a recommended timeout from the drive. Add a new fuction, fw_get_timeout(), that will determine which timeout to use for the WRITE BUFFER command. If the user specifies a timeout, we always use that. Otherwise, we will use the drive recommended timeout, if available, and fall back to the default when a drive recommended timeout isn't available. When we prompt the user, tell him what timeout we're going to use, and the source of the timeout. Revamp the way SATA devices are handled. In fwdownload(), use the new get_device_type() function to determine what kind of device we're talking to. Allow firmware downloads to any SATA device, but restrict SCSI downloads to known devices. (The latter is not a change in behavior.) Break out the "ready" check from fw_download_img() into a new subfunction, fw_check_device_ready(). This sends the appropriate command to the device in question -- a TEST UNIT READY or an IDENTIFY. The IDENTIFY for SATA devices a SAT layer is done using the SCSI ATA PASS-THROUGH command. Use the new build_ata_cmd() function to build either a SCSI or ATA I/O CCB to issue the DOWNLOAD MICROCODE command to SATA devices. build_ata_cmd() figures looks at the devtype argument and fills in the correct CCB type and CDB or ATA registers. Revamp the vendor table to remove the previous vendor-specific ATA entries and use a generic ATA vendor placeholder. We currently use the same method for all ATA drives, although we may have to add vendor-specific behavior once we test this with more drives. sbin/camcontrol/progress.c: In progress_draw(), make barlength a signed value so that we can easily detect a negative value. If barlength (the length of the progress bar) would wind up negative due to a small TTY width or a large filename, set the bar length to the new minimum (10 stars) and truncate the user's filename. We will truncate it down to 0 characters if necessary. Calculate a new prefix_len variable (user's filename length) and use it as the precision when printing the filename. sbin/camcontrol/camcontrol.c: Implement a new camcontrol(8) subcommand, "opcodes". The opcodes subcommand allows displaying the entire list of SCSI commands supported by a device, or details on an individual command. In either case, it can display nominal and recommended timeout values. Add the scsiopcodes() function, which calls the new scsigetopcodes() function to fetch opcode data from a drive. Add two new functions, scsiprintoneopcode() and scsiprintopcodes(), which print information about one opcode or all opcodes, respectively. Remove the get_disk_type() function. It is no longer used. Add a new function, dev_has_vpd_page(), that fetches the supported INQUIRY VPD list from a device and tells the caller whether the requested VPD page is available. Add a new function, get_device_type(), that returns a more precise device type than the old get_disk_type() function. The get_disk_type() function only distinguished between SCSI and ATA devices, and SATA devices behind a SCSI to ATA translation layer were considered to be "SCSI". get_device_type() offers a third type, CC_DT_ATA_BEHIND_SCSI. We need to know this to know whether to attempt to send ATA passthrough commands. If the device has the ATA Information VPD page (0x89), then it is an ATA device behind a SCSI to ATA translation layer. Remove the type argument from the fwdownload() subcommand. Add a new function, build_ata_cmd(), that will take one set of common arguments and build either a SCSI or ATA I/O CCB, depending on the device type passed in. sbin/camcontrol/camcontrol.h: Add a prototype for scsigetopcodes(). Add a new enumeration, camcontrol_devtype. Add prototypes for dev_has_vpd_page(), get_device_type() and build_ata_cmd(). Remove the type argument from the fwdownload() subcommand. sbin/camcontrol/camcontrol.8 Explain that the fwdownload subcommand will use the drive recommended timeout if available, and that the user can override the timeout. Document the new opcodes subcommand. Explain that we will attempt to download firmware to any SATA device. Document supported SCSI vendors, and models tested if known. Explain the commands used to download firmware for the three different drive and controller combinations. Document that the -v flag in simulation mode for the fwdownload subcommand will print out the SCSI CDBs or ATA registers that would be used. sys/cam/scsi/scsi_all.h: Add new bit definitions for the one opcode descriptor for the REPORT SUPPORTED OPCODES command. Add a function prototype for scsi_report_supported_opcodes(). sys/cam/scsi/scsi_all.c: Add a new CDB building function, scsi_report_supported_opcodes(). Sponsored by: Spectra Logic MFC after: 1 week
opntr
pushed a commit
that referenced
this issue
Sep 22, 2015
------------------------------------------------------------------------
r286965 | ken | 2015-08-20 10:07:51 -0600 (Thu, 20 Aug 2015) | 297 lines
Revamp camcontrol(8) fwdownload support and add the opcodes subcommand.
The significant changes and bugs fixed here are:
1. Fixed a bug in the progress display code:
When the user's filename is too big, or his terminal width is too
small, the progress code could wind up using a negative number for
the length of the "stars" that it uses to indicate progress.
This negative value was assigned to an unsigned variable, resulting
in a very large positive value.
The result is that we wound up writing garbage from memory to the
user's terminal.
With an 80 column terminal, a file name length of more than 35
characters would generate this problem.
To address this, we now set a minimum progress bar length, and
truncate the user's file name as needed.
This has been tested with large filenames and small terminals, and
at least produces reasonable results. If the terminal is too
narrow, the progress display takes up an additional line with each
update, but this is more user friendly than writing garbage to the
tty.
2. SATA drives connected via a SATA controller didn't have SCSI Inquiry
data populated in struct cam_device. This meant that the code in
fw_get_vendor() in fwdownload.c would try to match a zero-length
vendor ID, and so return the first entry in the vendor table. (Which
used to be HITACHI.) Fixed by grabbing identify data, passing the
identify buffer into fw_get_vendor(), and matching against the model
name.
3. SATA drives connected via a SAS controller do have Inquiry data
populated. The table included a couple of entries -- "ATA ST" and
"ATA HDS", intended to handle Seagate and Hitachi SATA drives attached
via a SAS controller. SCSI to ATA translation layers use a vendor
ID of "ATA" (which is standard), and then the model name from the ATA
identify data as the SCSI product name when they are returning data on
SATA disks. The cam_strmatch code will match the first part of the
string (because the length it is given is the length of the vendor,
"ATA"), and return 0 (i.e. a match). So all SATA drives attached to
a SAS controller would be programmed using the Seagate method
(WRITE BUFFER mode 7) of SCSI firmware downloading.
4. Issue #2 above covered up a bug in fw_download_img() -- if the
maximum packet size in the vendor table was 0, it tried to default
to a packet size of 32K. But then it didn't actually succeed in
doing that, because it set the packet size to the value that was
in the vendor table (0). Now that we actually have ATA attached
drives fall use the VENDOR_ATA case, we need a reasonable default
packet size. So this is fixed to properly set the default packet size.
5. Add support for downloading firmware to IBM LTO drives, and add a
firmware file validation method to make sure that the firmware
file matches the drive type. IBM tape drives include a Load ID and
RU name in their vendor-specific VPD page 0x3. Those should match
the IDs in the header of the firmware file to insure that the
proper firmware file is loaded.
6. This also adds a new -q option to the camcontrol fwdownload
subcommand to suppress informational output. When -q is used in
combination with -y, the firmware upgrade will happen without
prompting and without output except if an error condition occurs.
7. Re-add support for printing out SCSI inquiry information when
asking the user to confirm that they want to download firmware, and
add printing of ATA Identify data if it is a SATA disk. This was
removed in r237281 when support for flashing ATA disks was added.
8. Add a new camcontrol(8) "opcodes" subcommand, and use the
underlying code to get recommended timeout values for drive
firmware downloads.
Many SCSI devices support the REPORT SUPPORTED OPERATION CODES
command, and some support the optional timeout descriptor that
specifies nominal and recommended timeouts for the commands
supported by the device.
The new camcontrol opcodes subcommand allows displaying all
opcodes supported by a drive, information about which fields
in a SCSI CDB are actually used by a given SCSI device, and the
nominal and recommended timeout values for each command.
Since firmware downloads can take a long time in some devices, and
the time varies greatly between different types of devices, take
advantage of the infrastructure used by the camcontrol opcodes
subcommand to determine the best timeout to use for the WRITE
BUFFER command in SCSI device firmware downloads.
If the device recommends a timeout, it is likely to be more
accurate than the default 50 second timeout used by the firmware
download code. If the user specifies a timeout, it will override
the default or device recommended timeout. If the device doesn't
support timeout descriptors, we fall back to the default.
9. Instead of downloading firmware to SATA drives behind a SAS controller
using WRITE BUFFER, use the SCSI ATA PASS-THROUGH command to compose
an ATA DOWNLOAD MICROCODE command and it to the drive. The previous
version of this code attempted to send a SCSI WRITE BUFFER command to
SATA drives behind a SAS controller. Although that is part of the
SAT-3 spec, it doesn't work with the parameters used with LSI
controllers at least.
10.Add a new mechanism for making common ATA passthrough and
ATA-behind-SCSI passthrough commands.
The existing camcontrol(8) ATA command mechanism checks the device
type on every command executed. That works fine for individual
commands, but is cumbersome for things like a firmware download
that send a number of commands.
The fwdownload code detects the device type up front, and then
sends the appropriate commands.
11.In simulation mode (-s), if the user specifies the -v flag, print out
the SCSI CDB or ATA registers that would be sent to the drive. This will
aid in debugging any firmware download issues.
sbin/camcontrol/fwdownload.c:
Add a device type to the fw_vendor structure, so that we can
specify different download methods for different devices from the
same vendor. In this case, IBM hard drives (from when they
still made hard drives) and tape drives.
Add a tur_status field to the fw_vendor structure so that we can
specify whether the drive to be upgraded should be ready, not
ready, or whether it doesn't matter. Add the corresponding
capability in fw_download_img().
Add comments describing each of the vendor table fields.
Add HGST and SmrtStor to the supported SCSI vendors list.
In fw_get_vendor(), look at ATA identify data if we have a SATA
device to try to identify what the drive vendor is.
Add IBM firmware file validation. This gets VPD page 0x3, and
compares the Load ID and RU name in the page to the values
included in the header. The validation code will refuse to load
a firmware file if the values don't match. This does allow the
user to attempt a downgrade; whether or not it succeeds will
likely depend on the drive settings.
Add a -q option, and disable all informative output
(progress bars, etc.) when this is enabled.
Re-add the inquiry in the confirmation dialog so the user has
a better idea of which device he is talking to. Add support for
displaying ATA identify data.
Don't automatically disable confirmation in simulation (-s) mode.
This allows the user to see the inquiry or identify data in the
dialog, and see exactly what they would see when the command
actually runs. Also, in simulation mode, if the user specifies
the -v flag, print out the SCSI CDB or ATA registers that would
be sent to the drive. This will aid in debugging any firmware
download issues.
Add a timeout field and timeout type to the firmware download
vendor table. This allows specifying a default timeout and allows
specifying whether we should attempt to probe for a recommended
timeout from the drive.
Add a new fuction, fw_get_timeout(), that will determine
which timeout to use for the WRITE BUFFER command. If the
user specifies a timeout, we always use that. Otherwise,
we will use the drive recommended timeout, if available,
and fall back to the default when a drive recommended
timeout isn't available.
When we prompt the user, tell him what timeout we're going
to use, and the source of the timeout.
Revamp the way SATA devices are handled.
In fwdownload(), use the new get_device_type() function to
determine what kind of device we're talking to.
Allow firmware downloads to any SATA device, but restrict
SCSI downloads to known devices. (The latter is not a
change in behavior.)
Break out the "ready" check from fw_download_img() into a
new subfunction, fw_check_device_ready(). This sends the
appropriate command to the device in question -- a TEST
UNIT READY or an IDENTIFY. The IDENTIFY for SATA devices
a SAT layer is done using the SCSI ATA PASS-THROUGH
command.
Use the new build_ata_cmd() function to build either a SCSI or
ATA I/O CCB to issue the DOWNLOAD MICROCODE command to SATA
devices. build_ata_cmd() figures looks at the devtype argument
and fills in the correct CCB type and CDB or ATA registers.
Revamp the vendor table to remove the previous
vendor-specific ATA entries and use a generic ATA vendor
placeholder. We currently use the same method for all ATA
drives, although we may have to add vendor-specific
behavior once we test this with more drives.
sbin/camcontrol/progress.c:
In progress_draw(), make barlength a signed value so that
we can easily detect a negative value.
If barlength (the length of the progress bar) would wind up
negative due to a small TTY width or a large filename,
set the bar length to the new minimum (10 stars) and
truncate the user's filename. We will truncate it down to
0 characters if necessary.
Calculate a new prefix_len variable (user's filename length)
and use it as the precision when printing the filename.
sbin/camcontrol/camcontrol.c:
Implement a new camcontrol(8) subcommand, "opcodes". The
opcodes subcommand allows displaying the entire list of
SCSI commands supported by a device, or details on an
individual command. In either case, it can display
nominal and recommended timeout values.
Add the scsiopcodes() function, which calls the new
scsigetopcodes() function to fetch opcode data from a
drive.
Add two new functions, scsiprintoneopcode() and
scsiprintopcodes(), which print information about one
opcode or all opcodes, respectively.
Remove the get_disk_type() function. It is no longer used.
Add a new function, dev_has_vpd_page(), that fetches the
supported INQUIRY VPD list from a device and tells the
caller whether the requested VPD page is available.
Add a new function, get_device_type(), that returns a more
precise device type than the old get_disk_type() function.
The get_disk_type() function only distinguished between
SCSI and ATA devices, and SATA devices behind a SCSI to ATA
translation layer were considered to be "SCSI".
get_device_type() offers a third type, CC_DT_ATA_BEHIND_SCSI.
We need to know this to know whether to attempt to send ATA
passthrough commands. If the device has the ATA
Information VPD page (0x89), then it is an ATA device
behind a SCSI to ATA translation layer.
Remove the type argument from the fwdownload() subcommand.
Add a new function, build_ata_cmd(), that will take one set
of common arguments and build either a SCSI or ATA I/O CCB,
depending on the device type passed in.
sbin/camcontrol/camcontrol.h:
Add a prototype for scsigetopcodes().
Add a new enumeration, camcontrol_devtype.
Add prototypes for dev_has_vpd_page(), get_device_type()
and build_ata_cmd().
Remove the type argument from the fwdownload() subcommand.
sbin/camcontrol/camcontrol.8
Explain that the fwdownload subcommand will use the drive
recommended timeout if available, and that the user can
override the timeout.
Document the new opcodes subcommand.
Explain that we will attempt to download firmware to any
SATA device.
Document supported SCSI vendors, and models tested if known.
Explain the commands used to download firmware for the
three different drive and controller combinations.
Document that the -v flag in simulation mode for the fwdownload
subcommand will print out the SCSI CDBs or ATA registers that would
be used.
sys/cam/scsi/scsi_all.h:
Add new bit definitions for the one opcode descriptor for
the REPORT SUPPORTED OPCODES command.
Add a function prototype for scsi_report_supported_opcodes().
sys/cam/scsi/scsi_all.c:
Add a new CDB building function, scsi_report_supported_opcodes().
Sponsored by: Spectra Logic
opntr
added a commit
that referenced
this issue
Aug 19, 2016
unp_dispose and unp_gc could race to teardown the same mbuf chains, which can lead to dereferencing freed filedesc pointers. This patch adds an IGNORE_RIGHTS flag on unpcbs marking the unpcb's RIGHTS as invalid/freed. The flag is protected by UNP_LIST_LOCK. To serialize against unp_gc, unp_dispose needs the socket object. Change the dom_dispose() KPI to take a socket object instead of an mbuf chain directly. PR: 194264 Differential Revision: https://reviews.freebsd.org/D3044 Reviewed by: mjg (earlier version) Approved by: markj (mentor) Obtained from: mjg MFC after: 1 month Sponsored by: EMC / Isilon Storage Division This commit was never MFCd to 10-STABLE, and the issue is still reproducible in 2016, with the linked test program from FreeBSD's phabricator. --8<-- Unread portion of the kernel message buffer: [206] [206] [206] Fatal trap 9: general protection fault while in kernel mode [206] cpuid = 1; apic id = 01 [206] instruction pointer = 0x20:0xffffffff809e10e8 [206] stack pointer = 0x28:0xfffffe002bd96960 [206] frame pointer = 0x28:0xfffffe002bd969e0 [206] code segment = base 0x0, limit 0xfffff, type 0x1b [206] = DPL 0, pres 1, long 1, def32 0, gran 1 [206] processor eflags = interrupt enabled, resume, IOPL = 0 [206] current process = 0 (thread taskq) [206] trap number = 9 [206] panic: general protection fault [206] cpuid = 1 [206] KDB: stack backtrace: [206] #0 0xffffffff8098dc90 at kdb_backtrace+0x60 [206] #1 0xffffffff80953ed6 at vpanic+0x126 [206] #2 0xffffffff80953f63 at panic+0x43 [206] #3 0xffffffff80d6b2cb at trap_fatal+0x36b [206] #4 0xffffffff80d6af49 at trap+0x839 [206] #5 0xffffffff80d4f3ec at calltrap+0x8 [206] #6 0xffffffff809a2940 at taskqueue_run_locked+0xf0 [206] #7 0xffffffff809a32ab at taskqueue_thread_loop+0x9b [206] #8 0xffffffff8091c144 at fork_exit+0x84 [206] freebsd#9 0xffffffff80d4f92e at fork_trampoline+0xe [206] Uptime: 3m26s [206] Dumping 73 out of 487 MB:..22%..44%..66%..88% --8<-- (cherry picked from commit 576619e) Signed-off-by: Oliver Pinter <[email protected]> CC: Bryan Drewery <[email protected]> CC: Mark Johnston <[email protected]>
opntr
added a commit
that referenced
this issue
Aug 19, 2016
…unix socket. - by markj@ If the listening socket is closed while sonewconn() is executing, the nascent child socket is aborted, which results in recursion on the unp_link lock when the child's pru_detach method is invoked. Fix this by using a flag to mark such sockets, and skip a part of the socket's teardown during detach. Reported by: Raviprakash Darbha <[email protected]> Tested by: pho MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D7398 --8<-- [128] panic: __rw_wlock_hard: recursing but non-recursive rw unp_link_rwlock @ /usr/src/sys/kern/uipc_usrreq.c:654 [128] [128] cpuid = 1 [128] KDB: stack backtrace: [128] #0 0xffffffff8098dc90 at kdb_backtrace+0x60 [128] #1 0xffffffff80953ed6 at vpanic+0x126 [128] #2 0xffffffff80953da9 at kassert_panic+0x139 [128] #3 0xffffffff80951454 at __rw_wlock_hard+0x394 [128] #4 0xffffffff80951072 at _rw_wlock_cookie+0x92 [128] #5 0xffffffff809de636 at uipc_detach+0x36 [128] #6 0xffffffff809d217a at sofree+0x1da [128] #7 0xffffffff809d1da4 at sonewconn+0x324 [128] #8 0xffffffff809e0496 at unp_connectat+0x326 [128] freebsd#9 0xffffffff809de4ac at uipc_connect+0x4c [128] freebsd#10 0xffffffff809d8cf6 at kern_connectat+0x126 [128] freebsd#11 0xffffffff809d8b87 at sys_connect+0x77 [128] freebsd#12 0xffffffff80d6bab4 at amd64_syscall+0x2c4 [128] freebsd#13 0xffffffff80d4f6db at Xfast_syscall+0xfb [128] Uptime: 2m8s [128] Dumping 73 out of 487 MB:..22%..44%..66%..88% --8<-- (cherry picked from commit cfea0ef) Signed-off-by: Oliver Pinter <[email protected]>
opntr
pushed a commit
that referenced
this issue
Sep 22, 2016
…xes. (dfb2179) MFV r305816: Sync libarchive with vendor including important security fixes. Issues fixed (FreeBSD): PR freebsd#778: ACL error handling Issue freebsd#745: Symlink check prefix optimization is too aggressive Issue freebsd#746: Hard links with data can evade sandboxing restrictions This update fixes the vulnerability #3 and vulnerability #4 as reported in "non-cryptanalytic attacks against FreeBSD update components". https://gist.github.com/anonymous/e48209b03f1dd9625a992717e7b89c4f Fix for vulnerability #2 has already been merged in r304989. MFC after: 1 week Security: http://gist.github.com/anonymous/e48209b03f1dd9625a992717e7b89c4f (cherry picked from commit dfb2179) Signed-off-by: Oliver Pinter <[email protected]>
opntr
pushed a commit
that referenced
this issue
Oct 3, 2016
Sync libarchive with vendor including important security fixes. Issues fixed (FreeBSD): PR freebsd#778: ACL error handling Issue freebsd#745: Symlink check prefix optimization is too aggressive Issue freebsd#746: Hard links with data can evade sandboxing restrictions This update fixes the vulnerability #3 and vulnerability #4 as reported in "non-cryptanalytic attacks against FreeBSD update components". https://gist.github.com/anonymous/e48209b03f1dd9625a992717e7b89c4f Fix for vulnerability #2 has already been merged in r305192. Security: http://gist.github.com/anonymous/e48209b03f1dd9625a992717e7b89c4f
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
No description provided.
The text was updated successfully, but these errors were encountered: