diff options
author | Renato Botelho <renato@netgate.com> | 2016-08-01 12:53:16 -0300 |
---|---|---|
committer | Renato Botelho <renato@netgate.com> | 2016-08-01 12:53:16 -0300 |
commit | 80c20d0bef69a2c543d1bc2dddd2bc34198fec9b (patch) | |
tree | fc6009a2d49da5ab043d4c847a288f71ec6aa731 | |
parent | f235fecdc77c17505022bc5202d74f3d36b33359 (diff) | |
parent | eed7d9e93aec04a3f6a7d157c4cac7452a6c1727 (diff) | |
download | FreeBSD-src-80c20d0bef69a2c543d1bc2dddd2bc34198fec9b.zip FreeBSD-src-80c20d0bef69a2c543d1bc2dddd2bc34198fec9b.tar.gz |
Merge remote-tracking branch 'origin/stable/11' into devel-11
35 files changed, 449 insertions, 145 deletions
@@ -131,7 +131,8 @@ TGTS= all all-man buildenv buildenvvars buildkernel buildworld \ builddtb xdev xdev-build xdev-install \ xdev-links native-xtools stageworld stagekernel stage-packages \ create-world-packages create-kernel-packages create-packages \ - packages installconfig real-packages sign-packages package-pkg + packages installconfig real-packages sign-packages package-pkg \ + test-system-compiler # XXX: r156740: This can't work since bsd.subdir.mk is not included ever. # It will only work for SUBDIR_TARGETS in make.conf. @@ -151,7 +152,8 @@ TGTS+= ${BITGTS} META_TGT_WHITELIST+= \ _* build32 buildfiles buildincludes buildkernel buildsoft \ buildworld everything kernel-toolchain kernel-toolchains kernel \ - kernels libraries native-xtools showconfig tinderbox toolchain \ + kernels libraries native-xtools showconfig test-system-compiler \ + tinderbox toolchain \ toolchains universe world worlds xdev xdev-build .ORDER: buildworld installworld diff --git a/Makefile.inc1 b/Makefile.inc1 index f733032..f554d65 100644 --- a/Makefile.inc1 +++ b/Makefile.inc1 @@ -72,7 +72,8 @@ X${COMPILER}?= ${${COMPILER}} # If a full path to an external cross compiler is given, don't build # a cross compiler. .if ${XCC:N${CCACHE_BIN}:M/*} -MK_CROSS_COMPILER= no +MK_CLANG_BOOTSTRAP= no +MK_GCC_BOOTSTRAP= no .endif # Pull in COMPILER_TYPE and COMPILER_FREEBSD_VERSION early. @@ -80,50 +81,68 @@ MK_CROSS_COMPILER= no .include "share/mk/src.opts.mk" # Check if there is a local compiler that can satisfy as an external compiler. -.if ${MK_SYSTEM_COMPILER} == "yes" && ${MK_CROSS_COMPILER} == "yes" && \ - (${MK_CLANG_BOOTSTRAP} == "yes" || ${MK_GCC_BOOTSTRAP} == "yes") && \ - !make(showconfig) && !make(native-xtools) && !make(xdev*) # Which compiler is expected to be used? .if ${MK_CLANG_BOOTSTRAP} == "yes" -_expected_compiler_type= clang +WANT_COMPILER_TYPE= clang .elif ${MK_GCC_BOOTSTRAP} == "yes" -_expected_compiler_type= gcc +WANT_COMPILER_TYPE= gcc +.else +WANT_COMPILER_TYPE= .endif -# If the expected vs CC is different then we can't skip. -# GCC cannot be used for cross-arch yet. For clang we pass -target later if -# TARGET_ARCH!=MACHINE_ARCH. -.if ${_expected_compiler_type} == ${COMPILER_TYPE} && \ - (${COMPILER_TYPE} == "clang" || ${TARGET_ARCH} == ${MACHINE_ARCH}) -# It needs to be the same revision as we would build for the bootstrap. -.if !defined(CROSS_COMPILER_FREEBSD_VERSION) -.if ${_expected_compiler_type} == "clang" -CROSS_COMPILER_FREEBSD_VERSION!= \ +.if !defined(WANT_COMPILER_FREEBSD_VERSION) +.if ${WANT_COMPILER_TYPE} == "clang" +WANT_COMPILER_FREEBSD_VERSION_FILE= lib/clang/freebsd_cc_version.h +WANT_COMPILER_FREEBSD_VERSION!= \ awk '$$2 == "FREEBSD_CC_VERSION" {printf("%d\n", $$3)}' \ - ${SRCDIR}/lib/clang/freebsd_cc_version.h || echo unknown -CROSS_COMPILER_VERSION!= \ + ${SRCDIR}/${WANT_COMPILER_FREEBSD_VERSION_FILE} || echo unknown +WANT_COMPILER_VERSION_FILE= lib/clang/include/clang/Basic/Version.inc +WANT_COMPILER_VERSION!= \ awk '$$2 == "CLANG_VERSION" {split($$3, a, "."); print a[1] * 10000 + a[2] * 100 + a[3]}' \ - ${SRCDIR}/lib/clang/include/clang/Basic/Version.inc || echo unknown -.elif ${_expected_compiler_type} == "gcc" -CROSS_COMPILER_FREEBSD_VERSION!= \ + ${SRCDIR}/${WANT_COMPILER_VERSION_FILE} || echo unknown +.elif ${WANT_COMPILER_TYPE} == "gcc" +WANT_COMPILER_FREEBSD_VERSION_FILE= gnu/usr.bin/cc/cc_tools/freebsd-native.h +WANT_COMPILER_FREEBSD_VERSION!= \ awk '$$2 == "FBSD_CC_VER" {printf("%d\n", $$3)}' \ - ${SRCDIR}/gnu/usr.bin/cc/cc_tools/freebsd-native.h || echo unknown -CROSS_COMPILER_VERSION!= \ + ${SRCDIR}/${WANT_COMPILER_FREEBSD_VERSION_FILE} || echo unknown +WANT_COMPILER_VERSION_FILE= contrib/gcc/BASE-VER +WANT_COMPILER_VERSION!= \ awk -F. '{print $$1 * 10000 + $$2 * 100 + $$3}' \ - ${SRCDIR}/contrib/gcc/BASE-VER || echo unknown + ${SRCDIR}/${WANT_COMPILER_VERSION_FILE} || echo unknown .endif -.export CROSS_COMPILER_FREEBSD_VERSION CROSS_COMPILER_VERSION -.endif # !defined(CROSS_COMPILER_FREEBSD_VERSION) -.if ${COMPILER_VERSION} == ${CROSS_COMPILER_VERSION} && \ - ${COMPILER_FREEBSD_VERSION} == ${CROSS_COMPILER_FREEBSD_VERSION} +.export WANT_COMPILER_FREEBSD_VERSION WANT_COMPILER_VERSION +.endif # !defined(WANT_COMPILER_FREEBSD_VERSION) +# It needs to be the same revision as we would build for the bootstrap. +# If the expected vs CC is different then we can't skip. +# GCC cannot be used for cross-arch yet. For clang we pass -target later if +# TARGET_ARCH!=MACHINE_ARCH. +.if ${MK_SYSTEM_COMPILER} == "yes" && \ + (${MK_CLANG_BOOTSTRAP} == "yes" || ${MK_GCC_BOOTSTRAP} == "yes") && \ + !make(showconfig) && !make(native-xtools) && !make(xdev*) && \ + ${WANT_COMPILER_TYPE} == ${COMPILER_TYPE} && \ + (${COMPILER_TYPE} == "clang" || ${TARGET_ARCH} == ${MACHINE_ARCH}) && \ + ${COMPILER_VERSION} == ${WANT_COMPILER_VERSION} && \ + ${COMPILER_FREEBSD_VERSION} == ${WANT_COMPILER_FREEBSD_VERSION} # Everything matches, disable the bootstrap compiler. MK_CLANG_BOOTSTRAP= no MK_GCC_BOOTSTRAP= no -.if make(buildworld) +USING_SYSTEM_COMPILER= yes +.endif # ${WANT_COMPILER_TYPE} == ${COMPILER_TYPE} +USING_SYSTEM_COMPILER?= no +TEST_SYSTEM_COMPILER_VARS= \ + USING_SYSTEM_COMPILER MK_SYSTEM_COMPILER \ + MK_CROSS_COMPILER MK_CLANG_BOOTSTRAP MK_GCC_BOOTSTRAP \ + WANT_COMPILER_TYPE WANT_COMPILER_VERSION WANT_COMPILER_VERSION_FILE \ + WANT_COMPILER_FREEBSD_VERSION WANT_COMPILER_FREEBSD_VERSION_FILE \ + CC COMPILER_TYPE COMPILER_VERSION COMPILER_FREEBSD_VERSION +test-system-compiler: .PHONY +.for v in ${TEST_SYSTEM_COMPILER_VARS} + ${_+_}@printf "%-35s= %s\n" "${v}" "${${v}}" +.endfor +.if ${USING_SYSTEM_COMPILER} == "yes" && \ + (make(buildworld) || make(buildkernel) || make(kernel-toolchain) || \ + make(toolchain) || make(_cross-tools)) .info SYSTEM_COMPILER: Determined that CC=${CC} matches the source tree. Not bootstrapping a cross-compiler. .endif -.endif # ${COMPILER_VERSION} == ${CROSS_COMPILER_VERSION} -.endif # ${_expected_compiler_type} == ${COMPILER_TYPE} -.endif # ${XCC:N${CCACHE_BIN}:M/*} # For installworld need to ensure that the looked-up compiler metadata is # passed along rather than trying to run cc from the restricted @@ -530,8 +549,7 @@ BFLAGS+= -B${CROSS_BINUTILS_PREFIX} .endif # External compiler needs sysroot and target flags. -.if ${MK_CROSS_COMPILER} == "no" || \ - (${MK_CLANG_BOOTSTRAP} == "no" && ${MK_GCC_BOOTSTRAP} == "no") +.if ${MK_CLANG_BOOTSTRAP} == "no" && ${MK_GCC_BOOTSTRAP} == "no" .if !defined(CROSS_BINUTILS_PREFIX) || !exists(${CROSS_BINUTILS_PREFIX}) BFLAGS+= -B${WORLDTMP}/usr/bin .endif @@ -559,7 +577,7 @@ TARGET_TRIPLE?= ${TARGET_ARCH:C/amd64/x86_64/}-${TARGET_ABI}-freebsd11.0 XCFLAGS+= -target ${TARGET_TRIPLE} .endif XCFLAGS+= --sysroot=${WORLDTMP} -.endif # ${MK_CROSS_COMPILER} == "no" +.endif # ${MK_CLANG_BOOTSTRAP} == "no" && ${MK_GCC_BOOTSTRAP} == "no" .if !empty(BFLAGS) XCFLAGS+= ${BFLAGS} @@ -884,7 +902,7 @@ ITOOLS= [ awk cap_mkdb cat chflags chmod chown cmp cp \ ${LOCAL_ITOOLS} # Needed for share/man -.if ${MK_MAN} != "no" +.if ${MK_MAN_UTILS} != "no" ITOOLS+=makewhatis .endif @@ -1800,7 +1818,6 @@ _elftctools= lib/libelftc \ usr.bin/elfcopy .endif -.if ${MK_CROSS_COMPILER} != "no" .if ${MK_CLANG_BOOTSTRAP} != "no" _clang= usr.bin/clang _clang_libs= lib/clang @@ -1808,7 +1825,6 @@ _clang_libs= lib/clang .if ${MK_GCC_BOOTSTRAP} != "no" _cc= gnu/usr.bin/cc .endif -.endif .if ${MK_USB} != "no" _usb_tools= sys/boot/usb/tools .endif diff --git a/Makefile.libcompat b/Makefile.libcompat index 3182c8c..9fbfa07 100644 --- a/Makefile.libcompat +++ b/Makefile.libcompat @@ -81,8 +81,8 @@ LIBCOMPATCFLAGS+= -B${LIBCOMPATTMP}/usr/lib${libcompat} LIBCOMPATCFLAGS+= -isystem ${LIBCOMPATTMP}/usr/include # Force using libc++ for external GCC. # XXX: This should be checking MK_GNUCXX == no -.if ${X_COMPILER_VERSION} >= 40800 && (${MK_CROSS_COMPILER} == "no" || \ - (${MK_CLANG_BOOTSTRAP} == "no" && ${MK_GCC_BOOTSTRAP} == "no")) +.if ${X_COMPILER_VERSION} >= 40800 && \ + (${MK_CLANG_BOOTSTRAP} == "no" && ${MK_GCC_BOOTSTRAP} == "no") LIBCOMPATCXXFLAGS+= -isystem ${LIBCOMPATTMP}/usr/include/c++/v1 -std=c++11 \ -nostdinc++ -L${LIBCOMPAT_OBJTREE}${.CURDIR}/lib/libc++ .endif diff --git a/ObsoleteFiles.inc b/ObsoleteFiles.inc index f9bf463..d5e71e9 100644 --- a/ObsoleteFiles.inc +++ b/ObsoleteFiles.inc @@ -229,6 +229,7 @@ OLD_LIBS+=usr/lib/libdevinfo.so.5 OLD_LIBS+=usr/lib32/libdevinfo.so.5 # 20160305: new clang import which bumps version from 3.7.1 to 3.8.0. OLD_FILES+=usr/bin/macho-dump +OLD_FILES+=usr/bin/tblgen OLD_FILES+=usr/lib/clang/3.7.1/include/sanitizer/allocator_interface.h OLD_FILES+=usr/lib/clang/3.7.1/include/sanitizer/asan_interface.h OLD_FILES+=usr/lib/clang/3.7.1/include/sanitizer/common_interface_defs.h @@ -460,13 +461,6 @@ OLD_FILES+=usr/share/locale/kk_KZ.PT154/LC_MONETARY OLD_FILES+=usr/share/locale/kk_KZ.PT154/LC_NUMERIC OLD_FILES+=usr/share/locale/kk_KZ.PT154/LC_TIME OLD_DIRS+=usr/share/locale/kk_KZ.PT154/ -OLD_FILES+=usr/share/locale/kk_KZ.UTF-8/LC_COLLATE -OLD_FILES+=usr/share/locale/kk_KZ.UTF-8/LC_CTYPE -OLD_FILES+=usr/share/locale/kk_KZ.UTF-8/LC_MESSAGES -OLD_FILES+=usr/share/locale/kk_KZ.UTF-8/LC_MONETARY -OLD_FILES+=usr/share/locale/kk_KZ.UTF-8/LC_NUMERIC -OLD_FILES+=usr/share/locale/kk_KZ.UTF-8/LC_TIME -OLD_DIRS+=usr/share/locale/kk_KZ.UTF-8 OLD_FILES+=usr/share/locale/la_LN.ISO8859-1/LC_COLLATE OLD_FILES+=usr/share/locale/la_LN.ISO8859-1/LC_CTYPE OLD_FILES+=usr/share/locale/la_LN.ISO8859-1/LC_TIME diff --git a/bin/ps/ps.c b/bin/ps/ps.c index 70b6db3..8db87c9 100644 --- a/bin/ps/ps.c +++ b/bin/ps/ps.c @@ -612,6 +612,7 @@ main(int argc, char *argv[]) if (nkept == 0) { printheader(); + xo_finish(); exit(1); } diff --git a/contrib/elftoolchain/libelftc/libelftc_dem_gnu3.c b/contrib/elftoolchain/libelftc/libelftc_dem_gnu3.c index 7409363..cb73ad3 100644 --- a/contrib/elftoolchain/libelftc/libelftc_dem_gnu3.c +++ b/contrib/elftoolchain/libelftc/libelftc_dem_gnu3.c @@ -2551,7 +2551,7 @@ again: case 'w': /* wchar_t */ - if (!cpp_demangle_push_str(ddata, "wchar_t", 6)) + if (!cpp_demangle_push_str(ddata, "wchar_t", 7)) goto clean; ++ddata->cur; goto rtn; diff --git a/etc/ntp/leap-seconds b/etc/ntp/leap-seconds index 4fab58f..c31d19a 100644 --- a/etc/ntp/leap-seconds +++ b/etc/ntp/leap-seconds @@ -130,7 +130,7 @@ # Washington, DC # jeffrey.prillaman@usno.navy.mil # -# Last Update of leap second values: 11 Jan 2016 +# Last Update of leap second values: 6 Jul 2016 # # The following line shows this last update date in NTP timestamp # format. This is the date on which the most recent change to @@ -138,7 +138,7 @@ # be identified by the unique pair of characters in the first two # columns as shown below. # -#$ 3661459200 +#$ 3676752000 # # The data in this file will be updated periodically as new leap # seconds are announced. In addition to being entered on the line @@ -170,10 +170,10 @@ # current -- the update time stamp, the data and the name of the file # will not change. # -# Updated through IERS Bulletin C 51 -# File expires on: 1 Dec 2016 +# Updated through IERS Bulletin C 52 +# File expires on: 1 Jun 2017 # -#@ 3689539200 +#@ 3705264000 # 2272060800 10 # 1 Jan 1972 2287785600 11 # 1 Jul 1972 @@ -202,6 +202,7 @@ 3439756800 34 # 1 Jan 2009 3550089600 35 # 1 Jul 2012 3644697600 36 # 1 Jul 2015 +3692217600 37 # 1 Jan 2017 # # the following special comment contains the # hash value of the data in this file computed @@ -217,5 +218,5 @@ # the hash line is also ignored in the # computation. # -#h 63b4df04 0907d94f 2dadb7a1 684f7767 2a372421 +#h 63f8fea8 587c099d abcf130a ad525eae 3e105052 # diff --git a/lib/libc/locale/mblocal.h b/lib/libc/locale/mblocal.h index 75eab96..c4724b5 100644 --- a/lib/libc/locale/mblocal.h +++ b/lib/libc/locale/mblocal.h @@ -65,18 +65,18 @@ extern struct xlocale_ctype __xlocale_global_ctype; /* * Rune initialization function prototypes. */ -int _none_init(struct xlocale_ctype *, _RuneLocale *); -int _UTF8_init(struct xlocale_ctype *, _RuneLocale *); -int _EUC_CN_init(struct xlocale_ctype *, _RuneLocale *); -int _EUC_JP_init(struct xlocale_ctype *, _RuneLocale *); -int _EUC_KR_init(struct xlocale_ctype *, _RuneLocale *); -int _EUC_TW_init(struct xlocale_ctype *, _RuneLocale *); -int _GB18030_init(struct xlocale_ctype *, _RuneLocale *); -int _GB2312_init(struct xlocale_ctype *, _RuneLocale *); -int _GBK_init(struct xlocale_ctype *, _RuneLocale *); -int _BIG5_init(struct xlocale_ctype *, _RuneLocale *); -int _MSKanji_init(struct xlocale_ctype *, _RuneLocale *); -int _ascii_init(struct xlocale_ctype *, _RuneLocale *); +__hidden int _none_init(struct xlocale_ctype *, _RuneLocale *); +__hidden int _ascii_init(struct xlocale_ctype *, _RuneLocale *); +__hidden int _UTF8_init(struct xlocale_ctype *, _RuneLocale *); +__hidden int _EUC_CN_init(struct xlocale_ctype *, _RuneLocale *); +__hidden int _EUC_JP_init(struct xlocale_ctype *, _RuneLocale *); +__hidden int _EUC_KR_init(struct xlocale_ctype *, _RuneLocale *); +__hidden int _EUC_TW_init(struct xlocale_ctype *, _RuneLocale *); +__hidden int _GB18030_init(struct xlocale_ctype *, _RuneLocale *); +__hidden int _GB2312_init(struct xlocale_ctype *, _RuneLocale *); +__hidden int _GBK_init(struct xlocale_ctype *, _RuneLocale *); +__hidden int _BIG5_init(struct xlocale_ctype *, _RuneLocale *); +__hidden int _MSKanji_init(struct xlocale_ctype *, _RuneLocale *); typedef size_t (*mbrtowc_pfn_t)(wchar_t * __restrict, const char * __restrict, size_t, mbstate_t * __restrict); diff --git a/lib/libc/sys/aio_fsync.2 b/lib/libc/sys/aio_fsync.2 index 7eb1a3b..52b47efb 100644 --- a/lib/libc/sys/aio_fsync.2 +++ b/lib/libc/sys/aio_fsync.2 @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd July 15, 2016 +.Dd July 21, 2016 .Dt AIO_FSYNC 2 .Os .Sh NAME @@ -107,10 +107,10 @@ The request was not queued because of system resource limitations. The asynchronous notification method in .Fa iocb->aio_sigevent.sigev_notify is invalid or not supported. -.It Bq Er ENOSYS -The -.Fn aio_fsync -system call is not supported. +.It Bq Er EOPNOTSUPP +Asynchronous file synchronization operations on the file descriptor +.Fa iocb->aio_fildes +are unsafe and unsafe asynchronous I/O operations are disabled. .It Bq Er EINVAL A value of the .Fa op diff --git a/lib/libc/sys/aio_mlock.2 b/lib/libc/sys/aio_mlock.2 index c798a37..cc588b5 100644 --- a/lib/libc/sys/aio_mlock.2 +++ b/lib/libc/sys/aio_mlock.2 @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd July 15, 2016 +.Dd July 21, 2016 .Dt AIO_MLOCK 2 .Os .Sh NAME @@ -102,10 +102,6 @@ The request was not queued because of system resource limitations. The asynchronous notification method in .Fa iocb->aio_sigevent.sigev_notify is invalid or not supported. -.It Bq Er ENOSYS -The -.Fn aio_mlock -system call is not supported. .El .Pp If the request is successfully enqueued, but subsequently cancelled diff --git a/lib/libc/sys/aio_read.2 b/lib/libc/sys/aio_read.2 index cc0133b..2f16809 100644 --- a/lib/libc/sys/aio_read.2 +++ b/lib/libc/sys/aio_read.2 @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd July 15, 2016 +.Dd July 21, 2016 .Dt AIO_READ 2 .Os .Sh NAME @@ -125,10 +125,10 @@ The request was not queued because of system resource limitations. The asynchronous notification method in .Fa iocb->aio_sigevent.sigev_notify is invalid or not supported. -.It Bq Er ENOSYS -The -.Fn aio_read -system call is not supported. +.It Bq Er EOPNOTSUPP +Asynchronous read operations on the file descriptor +.Fa iocb->aio_fildes +are unsafe and unsafe asynchronous I/O operations are disabled. .El .Pp The following conditions may be synchronously detected when the diff --git a/lib/libc/sys/aio_write.2 b/lib/libc/sys/aio_write.2 index 6cbc2ab..414f98f 100644 --- a/lib/libc/sys/aio_write.2 +++ b/lib/libc/sys/aio_write.2 @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd July 15, 2016 +.Dd July 21, 2016 .Dt AIO_WRITE 2 .Os .Sh NAME @@ -129,10 +129,10 @@ The request was not queued because of system resource limitations. The asynchronous notification method in .Fa iocb->aio_sigevent.sigev_notify is invalid or not supported. -.It Bq Er ENOSYS -The -.Fn aio_write -system call is not supported. +.It Bq Er EOPNOTSUPP +Asynchronous write operations on the file descriptor +.Fa iocb->aio_fildes +are unsafe and unsafe asynchronous I/O operations are disabled. .El .Pp The following conditions may be synchronously detected when the diff --git a/release/tools/ec2.conf b/release/tools/ec2.conf index d22c9b0..a273449 100644 --- a/release/tools/ec2.conf +++ b/release/tools/ec2.conf @@ -72,12 +72,6 @@ vm_extra_pre_umount() { # nodes, but apply the workaround just in case. echo 'hw.broken_txfifo="1"' >> ${DESTDIR}/boot/loader.conf - # Some EC2 instances run on a version of Xen which has a bug relating - # to the migration of MSI-X interrupts; this is visible as SR-IOV - # networking (aka. "EC2 Enhanced Networking") not being able to pass - # packets. Disable MSI-X interrupt migration to work around this bug. - echo 'machdep.disable_msix_migration="1"' >> ${DESTDIR}/boot/loader.conf - # The first time the AMI boots, the installed "first boot" scripts # should be allowed to run: # * ec2_configinit (download and process EC2 user-data) diff --git a/share/man/man4/aio.4 b/share/man/man4/aio.4 index 460b3c8..048561d 100644 --- a/share/man/man4/aio.4 +++ b/share/man/man4/aio.4 @@ -27,7 +27,7 @@ .\" .\" $FreeBSD$ .\" -.Dd July 15, 2016 +.Dd July 21, 2016 .Dt AIO 4 .Os .Sh NAME @@ -37,17 +37,27 @@ The .Nm facility provides system calls for asynchronous I/O. -However, asynchronous I/O operations are only enabled for certain file -types by default. -Asynchronous I/O operations for other file types may block an AIO daemon -indefinitely resulting in process and/or system hangs. -Asynchronous I/O operations can be enabled for all file types by setting +Asynchronous I/O operations are not completed synchronously by the +calling thread. +Instead, the calling thread invokes one system call to request an +asynchronous I/O operation. +The status of a completed request is retrieved later via a separate +system call. +.Pp +Asynchronous I/O operations on some file descriptor types may block an +AIO daemon indefinitely resulting in process and/or system hangs. +Operations on these file descriptor types are considered +.Dq unsafe +and disabled by default. +They can be enabled by setting the .Va vfs.aio.enable_unsafe sysctl node to a non-zero value. .Pp -Asynchronous I/O operations on sockets and raw disk devices do not block -indefinitely and are enabled by default. +Asynchronous I/O operations on sockets, +raw disk devices, +and regular files on local filesystems do not block +indefinitely and are always enabled. .Pp The .Nm diff --git a/share/man/man9/Makefile b/share/man/man9/Makefile index 8617cba..f519e0f 100644 --- a/share/man/man9/Makefile +++ b/share/man/man9/Makefile @@ -1181,6 +1181,8 @@ MLINKS+=mutex.9 mtx_assert.9 \ mutex.9 MTX_SYSINIT.9 \ mutex.9 mtx_trylock.9 \ mutex.9 mtx_trylock_flags.9 \ + mutex.9 mtx_trylock_spin.9 \ + mutex.9 mtx_trylock_spin_flags.9 \ mutex.9 mtx_unlock.9 \ mutex.9 mtx_unlock_flags.9 \ mutex.9 mtx_unlock_spin.9 \ diff --git a/share/man/man9/mutex.9 b/share/man/man9/mutex.9 index 64ec426..f7d242c 100644 --- a/share/man/man9/mutex.9 +++ b/share/man/man9/mutex.9 @@ -28,7 +28,7 @@ .\" from BSDI $Id: mutex.4,v 1.1.2.3 1998/04/27 22:53:13 ewv Exp $ .\" $FreeBSD$ .\" -.Dd December 13, 2014 +.Dd July 18, 2016 .Dt MUTEX 9 .Os .Sh NAME @@ -41,6 +41,8 @@ .Nm mtx_lock_spin_flags , .Nm mtx_trylock , .Nm mtx_trylock_flags , +.Nm mtx_trylock_spin , +.Nm mtx_trylock_spin_flags , .Nm mtx_unlock , .Nm mtx_unlock_spin , .Nm mtx_unlock_flags , @@ -73,6 +75,10 @@ .Ft int .Fn mtx_trylock_flags "struct mtx *mutex" "int flags" .Ft void +.Fn mtx_trylock_spin "struct mtx *mutex" +.Ft int +.Fn mtx_trylock_spin_flags "struct mtx *mutex" "int flags" +.Ft void .Fn mtx_unlock "struct mtx *mutex" .Ft void .Fn mtx_unlock_spin "struct mtx *mutex" @@ -249,26 +255,33 @@ argument, then the mutex can be acquired recursively. .Pp The .Fn mtx_trylock -attempts to acquire the +and +.Fn mtx_trylock_spin +functions attempt to acquire a .Dv MTX_DEF -mutex pointed to by +or +.Dv MTX_SPIN +mutex, respectively, pointed to by .Fa mutex . -If the mutex cannot be immediately acquired -.Fn mtx_trylock -will return 0, -otherwise the mutex will be acquired -and a non-zero value will be returned. +If the mutex cannot be immediately acquired, the functions will return 0, +otherwise the mutex will be acquired and a non-zero value will be returned. .Pp The .Fn mtx_trylock_flags -function has the same behavior as +and +.Fn mtx_trylock_spin_flags +functions have the same behavior as .Fn mtx_trylock -but should be used when the caller desires to pass in a +and +.Fn mtx_trylock_spin +respectively, but should be used when the caller desires to pass in a .Fa flags value. Presently, the only valid value in the .Fn mtx_trylock -case is +and +.Fn mtx_trylock_spin +cases is .Dv MTX_QUIET , and its effects are identical to those described for .Fn mtx_lock @@ -447,6 +460,13 @@ while any spin lock is held. .It Dv MTX_RECURSE Specifies that the initialized mutex is allowed to recurse. This bit must be present if the mutex is permitted to recurse. +.Pp +Note that neither +.Fn mtx_trylock +nor +.Fn mtx_trylock_spin +support recursion; +that is, attempting to acquire an already-owned mutex fails. .It Dv MTX_QUIET Do not log any mutex operations for this lock. .It Dv MTX_NOWITNESS @@ -534,3 +554,7 @@ functions appeared in .Bsx 4.1 and .Fx 5.0 . +The +.Fn mtx_trylock_spin +function was added in +.Fx 12.0 . diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh index 84dde7a..c3662e2 100644 --- a/sys/conf/newvers.sh +++ b/sys/conf/newvers.sh @@ -32,7 +32,7 @@ TYPE="FreeBSD" REVISION="11.0" -BRANCH="BETA2" +BRANCH="BETA3" if [ -n "${BRANCH_OVERRIDE}" ]; then BRANCH=${BRANCH_OVERRIDE} fi diff --git a/sys/dev/pty/pty.c b/sys/dev/pty/pty.c index 5036cb2..ad34e11 100644 --- a/sys/dev/pty/pty.c +++ b/sys/dev/pty/pty.c @@ -52,10 +52,10 @@ __FBSDID("$FreeBSD$"); * binary emulation. */ -static unsigned int pty_warningcnt = 1; +static unsigned pty_warningcnt = 1; SYSCTL_UINT(_kern, OID_AUTO, tty_pty_warningcnt, CTLFLAG_RW, - &pty_warningcnt, 0, - "Warnings that will be triggered upon legacy PTY allocation"); + &pty_warningcnt, 0, + "Warnings that will be triggered upon legacy PTY allocation"); static int ptydev_fdopen(struct cdev *dev, int fflags, struct thread *td, struct file *fp) @@ -77,12 +77,7 @@ ptydev_fdopen(struct cdev *dev, int fflags, struct thread *td, struct file *fp) } /* Raise a warning when a legacy PTY has been allocated. */ - if (pty_warningcnt > 0) { - pty_warningcnt--; - log(LOG_INFO, "pid %d (%s) is using legacy pty devices%s\n", - td->td_proc->p_pid, td->td_name, - pty_warningcnt ? "" : " - not logging anymore"); - } + counted_warning(&pty_warningcnt, "is using legacy pty devices"); return (0); } diff --git a/sys/dev/urtwn/if_urtwn.c b/sys/dev/urtwn/if_urtwn.c index f5d3818..72f3e67 100644 --- a/sys/dev/urtwn/if_urtwn.c +++ b/sys/dev/urtwn/if_urtwn.c @@ -2318,6 +2318,10 @@ urtwn_key_set_cb(struct urtwn_softc *sc, union sec_param *data) k->wk_cipher->ic_cipher, algo, k->wk_flags, k->wk_keylen, ether_sprintf(k->wk_macaddr)); + /* Clear high bits. */ + urtwn_cam_write(sc, R92C_CAM_CTL6(k->wk_keyix), 0); + urtwn_cam_write(sc, R92C_CAM_CTL7(k->wk_keyix), 0); + /* Write key. */ for (i = 0; i < 4; i++) { error = urtwn_cam_write(sc, R92C_CAM_KEY(k->wk_keyix, i), diff --git a/sys/dev/urtwn/if_urtwnreg.h b/sys/dev/urtwn/if_urtwnreg.h index e80fd07..aff9b13 100644 --- a/sys/dev/urtwn/if_urtwnreg.h +++ b/sys/dev/urtwn/if_urtwnreg.h @@ -871,6 +871,8 @@ #define R92C_CAM_CTL0(entry) ((entry) * 8 + 0) #define R92C_CAM_CTL1(entry) ((entry) * 8 + 1) #define R92C_CAM_KEY(entry, i) ((entry) * 8 + 2 + (i)) +#define R92C_CAM_CTL6(entry) ((entry) * 8 + 6) +#define R92C_CAM_CTL7(entry) ((entry) * 8 + 7) /* Bits for R92C_CAM_CTL0(i). */ #define R92C_CAM_KEYID_M 0x00000003 diff --git a/sys/kern/kern_exec.c b/sys/kern/kern_exec.c index 844f1ed..6466a3e 100644 --- a/sys/kern/kern_exec.c +++ b/sys/kern/kern_exec.c @@ -759,6 +759,8 @@ interpret: if (p->p_flag & P_PPWAIT) { p->p_flag &= ~(P_PPWAIT | P_PPTRACE); cv_broadcast(&p->p_pwait); + /* STOPs are no longer ignored, arrange for AST */ + signotify(td); } /* diff --git a/sys/kern/kern_mutex.c b/sys/kern/kern_mutex.c index 012cf7c..453add4 100644 --- a/sys/kern/kern_mutex.c +++ b/sys/kern/kern_mutex.c @@ -281,6 +281,34 @@ __mtx_lock_spin_flags(volatile uintptr_t *c, int opts, const char *file, WITNESS_LOCK(&m->lock_object, opts | LOP_EXCLUSIVE, file, line); } +int +__mtx_trylock_spin_flags(volatile uintptr_t *c, int opts, const char *file, + int line) +{ + struct mtx *m; + + if (SCHEDULER_STOPPED()) + return (1); + + m = mtxlock2mtx(c); + + KASSERT(m->mtx_lock != MTX_DESTROYED, + ("mtx_trylock_spin() of destroyed mutex @ %s:%d", file, line)); + KASSERT(LOCK_CLASS(&m->lock_object) == &lock_class_mtx_spin, + ("mtx_trylock_spin() of sleep mutex %s @ %s:%d", + m->lock_object.lo_name, file, line)); + KASSERT((opts & MTX_RECURSE) == 0, + ("mtx_trylock_spin: unsupp. opt MTX_RECURSE on mutex %s @ %s:%d\n", + m->lock_object.lo_name, file, line)); + if (__mtx_trylock_spin(m, curthread, opts, file, line)) { + LOCK_LOG_TRY("LOCK", &m->lock_object, opts, 1, file, line); + WITNESS_LOCK(&m->lock_object, opts | LOP_EXCLUSIVE, file, line); + return (1); + } + LOCK_LOG_TRY("LOCK", &m->lock_object, opts, 0, file, line); + return (0); +} + void __mtx_unlock_spin_flags(volatile uintptr_t *c, int opts, const char *file, int line) diff --git a/sys/kern/subr_prf.c b/sys/kern/subr_prf.c index 5bcf39b..3784ffd 100644 --- a/sys/kern/subr_prf.c +++ b/sys/kern/subr_prf.c @@ -1196,3 +1196,24 @@ sbuf_hexdump(struct sbuf *sb, const void *ptr, int length, const char *hdr, } } +#ifdef _KERNEL +void +counted_warning(unsigned *counter, const char *msg) +{ + struct thread *td; + unsigned c; + + for (;;) { + c = *counter; + if (c == 0) + break; + if (atomic_cmpset_int(counter, c, c - 1)) { + td = curthread; + log(LOG_INFO, "pid %d (%s) %s%s\n", + td->td_proc->p_pid, td->td_name, msg, + c > 1 ? "" : " - not logging anymore"); + break; + } + } +} +#endif diff --git a/sys/kern/subr_trap.c b/sys/kern/subr_trap.c index eb44087..763ba0d 100644 --- a/sys/kern/subr_trap.c +++ b/sys/kern/subr_trap.c @@ -101,17 +101,29 @@ userret(struct thread *td, struct trapframe *frame) td->td_name); KASSERT((p->p_flag & P_WEXIT) == 0, ("Exiting process returns to usermode")); -#if 0 #ifdef DIAGNOSTIC - /* Check that we called signotify() enough. */ - PROC_LOCK(p); - thread_lock(td); - if (SIGPENDING(td) && ((td->td_flags & TDF_NEEDSIGCHK) == 0 || - (td->td_flags & TDF_ASTPENDING) == 0)) - printf("failed to set signal flags properly for ast()\n"); - thread_unlock(td); - PROC_UNLOCK(p); -#endif + /* + * Check that we called signotify() enough. For + * multi-threaded processes, where signal distribution might + * change due to other threads changing sigmask, the check is + * racy and cannot be performed reliably. + * If current process is vfork child, indicated by P_PPWAIT, then + * issignal() ignores stops, so we block the check to avoid + * classifying pending signals. + */ + if (p->p_numthreads == 1) { + PROC_LOCK(p); + thread_lock(td); + if ((p->p_flag & P_PPWAIT) == 0) { + KASSERT(!SIGPENDING(td) || (td->td_flags & + (TDF_NEEDSIGCHK | TDF_ASTPENDING)) == + (TDF_NEEDSIGCHK | TDF_ASTPENDING), + ("failed to set signal flags for ast p %p " + "td %p fl %x", p, td, td->td_flags)); + } + thread_unlock(td); + PROC_UNLOCK(p); + } #endif #ifdef KTRACE KTRUSERRET(td); @@ -265,6 +277,29 @@ ast(struct trapframe *framep) #endif } +#ifdef DIAGNOSTIC + if (p->p_numthreads == 1 && (flags & TDF_NEEDSIGCHK) == 0) { + PROC_LOCK(p); + thread_lock(td); + /* + * Note that TDF_NEEDSIGCHK should be re-read from + * td_flags, since signal might have been delivered + * after we cleared td_flags above. This is one of + * the reason for looping check for AST condition. + * See comment in userret() about P_PPWAIT. + */ + if ((p->p_flag & P_PPWAIT) == 0) { + KASSERT(!SIGPENDING(td) || (td->td_flags & + (TDF_NEEDSIGCHK | TDF_ASTPENDING)) == + (TDF_NEEDSIGCHK | TDF_ASTPENDING), + ("failed2 to set signal flags for ast p %p td %p " + "fl %x %x", p, td, flags, td->td_flags)); + } + thread_unlock(td); + PROC_UNLOCK(p); + } +#endif + /* * Check for signals. Unlocked reads of p_pendingcnt or * p_siglist might cause process-directed signal to be handled diff --git a/sys/kern/vfs_aio.c b/sys/kern/vfs_aio.c index 3c9aa44..ead5e7c 100644 --- a/sys/kern/vfs_aio.c +++ b/sys/kern/vfs_aio.c @@ -53,6 +53,7 @@ __FBSDID("$FreeBSD$"); #include <sys/syscall.h> #include <sys/sysent.h> #include <sys/sysctl.h> +#include <sys/syslog.h> #include <sys/sx.h> #include <sys/taskqueue.h> #include <sys/vnode.h> @@ -110,6 +111,11 @@ static int enable_aio_unsafe = 0; SYSCTL_INT(_vfs_aio, OID_AUTO, enable_unsafe, CTLFLAG_RW, &enable_aio_unsafe, 0, "Permit asynchronous IO on all file types, not just known-safe types"); +static unsigned int unsafe_warningcnt = 1; +SYSCTL_UINT(_vfs_aio, OID_AUTO, unsafe_warningcnt, CTLFLAG_RW, + &unsafe_warningcnt, 0, + "Warnings that will be triggered upon failed IO requests on unsafe files"); + static int max_aio_procs = MAX_AIO_PROCS; SYSCTL_INT(_vfs_aio, OID_AUTO, max_aio_procs, CTLFLAG_RW, &max_aio_procs, 0, "Maximum number of kernel processes to use for handling async IO "); @@ -1664,7 +1670,10 @@ aio_queue_file(struct file *fp, struct kaiocb *job) struct aioliojob *lj; struct kaioinfo *ki; struct kaiocb *job2; + struct vnode *vp; + struct mount *mp; int error, opcode; + bool safe; lj = job->lio; ki = job->userproc->p_aioinfo; @@ -1685,8 +1694,20 @@ aio_queue_file(struct file *fp, struct kaiocb *job) goto done; #endif queueit: - if (!enable_aio_unsafe) + safe = false; + if (fp->f_type == DTYPE_VNODE) { + vp = fp->f_vnode; + if (vp->v_type == VREG || vp->v_type == VDIR) { + mp = fp->f_vnode->v_mount; + if (mp == NULL || (mp->mnt_flag & MNT_LOCAL) != 0) + safe = true; + } + } + if (!(safe || enable_aio_unsafe)) { + counted_warning(&unsafe_warningcnt, + "is attempting to use unsafe AIO requests"); return (EOPNOTSUPP); + } if (opcode == LIO_SYNC) { AIO_LOCK(ki); diff --git a/sys/sys/mutex.h b/sys/sys/mutex.h index 0443922..374aaab 100644 --- a/sys/sys/mutex.h +++ b/sys/sys/mutex.h @@ -112,6 +112,8 @@ void __mtx_unlock_flags(volatile uintptr_t *c, int opts, const char *file, int line); void __mtx_lock_spin_flags(volatile uintptr_t *c, int opts, const char *file, int line); +int __mtx_trylock_spin_flags(volatile uintptr_t *c, int opts, + const char *file, int line); void __mtx_unlock_spin_flags(volatile uintptr_t *c, int opts, const char *file, int line); #if defined(INVARIANTS) || defined(INVARIANT_SUPPORT) @@ -152,6 +154,8 @@ void thread_lock_flags_(struct thread *, int, const char *, int); __mtx_unlock_flags(&(m)->mtx_lock, o, f, l) #define _mtx_lock_spin_flags(m, o, f, l) \ __mtx_lock_spin_flags(&(m)->mtx_lock, o, f, l) +#define _mtx_trylock_spin_flags(m, o, f, l) \ + __mtx_trylock_spin_flags(&(m)->mtx_lock, o, f, l) #define _mtx_unlock_spin_flags(m, o, f, l) \ __mtx_unlock_spin_flags(&(m)->mtx_lock, o, f, l) #if defined(INVARIANTS) || defined(INVARIANT_SUPPORT) @@ -212,6 +216,21 @@ void thread_lock_flags_(struct thread *, int, const char *, int); LOCKSTAT_PROFILE_OBTAIN_LOCK_SUCCESS(spin__acquire, \ mp, 0, 0, file, line); \ } while (0) +#define __mtx_trylock_spin(mp, tid, opts, file, line) __extension__ ({ \ + uintptr_t _tid = (uintptr_t)(tid); \ + int _ret; \ + \ + spinlock_enter(); \ + if (((mp)->mtx_lock != MTX_UNOWNED || !_mtx_obtain_lock((mp), _tid))) {\ + spinlock_exit(); \ + _ret = 0; \ + } else { \ + LOCKSTAT_PROFILE_OBTAIN_LOCK_SUCCESS(spin__acquire, \ + mp, 0, 0, file, line); \ + _ret = 1; \ + } \ + _ret; \ +}) #else /* SMP */ #define __mtx_lock_spin(mp, tid, opts, file, line) do { \ uintptr_t _tid = (uintptr_t)(tid); \ @@ -224,6 +243,20 @@ void thread_lock_flags_(struct thread *, int, const char *, int); (mp)->mtx_lock = _tid; \ } \ } while (0) +#define __mtx_trylock_spin(mp, tid, opts, file, line) __extension__ ({ \ + uintptr_t _tid = (uintptr_t)(tid); \ + int _ret; \ + \ + spinlock_enter(); \ + if ((mp)->mtx_lock != MTX_UNOWNED) { \ + spinlock_exit(); \ + _ret = 0; \ + } else { \ + (mp)->mtx_lock = _tid; \ + _ret = 1; \ + } \ + _ret; \ +}) #endif /* SMP */ /* Unlock a normal mutex. */ @@ -293,6 +326,10 @@ void thread_lock_flags_(struct thread *, int, const char *, int); * mtx_trylock_flags(m, opts) is used the same way as mtx_trylock() but accepts * relevant option flags `opts.' * + * mtx_trylock_spin(m) attempts to acquire MTX_SPIN mutex `m' but doesn't + * spin if it cannot. Rather, it returns 0 on failure and non-zero on + * success. It always returns failure for recursed lock attempts. + * * mtx_initialized(m) returns non-zero if the lock `m' has been initialized. * * mtx_owned(m) returns non-zero if the current thread owns the lock `m' @@ -302,6 +339,7 @@ void thread_lock_flags_(struct thread *, int, const char *, int); #define mtx_lock(m) mtx_lock_flags((m), 0) #define mtx_lock_spin(m) mtx_lock_spin_flags((m), 0) #define mtx_trylock(m) mtx_trylock_flags((m), 0) +#define mtx_trylock_spin(m) mtx_trylock_spin_flags((m), 0) #define mtx_unlock(m) mtx_unlock_flags((m), 0) #define mtx_unlock_spin(m) mtx_unlock_spin_flags((m), 0) @@ -335,6 +373,8 @@ extern struct mtx_pool *mtxpool_sleep; _mtx_unlock_flags((m), (opts), (file), (line)) #define mtx_lock_spin_flags_(m, opts, file, line) \ _mtx_lock_spin_flags((m), (opts), (file), (line)) +#define mtx_trylock_spin_flags_(m, opts, file, line) \ + _mtx_trylock_spin_flags((m), (opts), (file), (line)) #define mtx_unlock_spin_flags_(m, opts, file, line) \ _mtx_unlock_spin_flags((m), (opts), (file), (line)) #else /* LOCK_DEBUG == 0 && !MUTEX_NOINLINE */ @@ -344,6 +384,8 @@ extern struct mtx_pool *mtxpool_sleep; __mtx_unlock((m), curthread, (opts), (file), (line)) #define mtx_lock_spin_flags_(m, opts, file, line) \ __mtx_lock_spin((m), curthread, (opts), (file), (line)) +#define mtx_trylock_spin_flags_(m, opts, file, line) \ + __mtx_trylock_spin((m), curthread, (opts), (file), (line)) #define mtx_unlock_spin_flags_(m, opts, file, line) \ __mtx_unlock_spin((m)) #endif /* LOCK_DEBUG > 0 || MUTEX_NOINLINE */ @@ -369,6 +411,8 @@ extern struct mtx_pool *mtxpool_sleep; mtx_unlock_spin_flags_((m), (opts), LOCK_FILE, LOCK_LINE) #define mtx_trylock_flags(m, opts) \ mtx_trylock_flags_((m), (opts), LOCK_FILE, LOCK_LINE) +#define mtx_trylock_spin_flags(m, opts) \ + mtx_trylock_spin_flags_((m), (opts), LOCK_FILE, LOCK_LINE) #define mtx_assert(m, what) \ mtx_assert_((m), (what), __FILE__, __LINE__) diff --git a/sys/sys/proc.h b/sys/sys/proc.h index f533db6..1550742 100644 --- a/sys/sys/proc.h +++ b/sys/sys/proc.h @@ -739,7 +739,7 @@ struct proc { #define SW_TYPE_MASK 0xff /* First 8 bits are switch type */ #define SWT_NONE 0 /* Unspecified switch. */ #define SWT_PREEMPT 1 /* Switching due to preemption. */ -#define SWT_OWEPREEMPT 2 /* Switching due to opepreempt. */ +#define SWT_OWEPREEMPT 2 /* Switching due to owepreempt. */ #define SWT_TURNSTILE 3 /* Turnstile contention. */ #define SWT_SLEEPQ 4 /* Sleepq wait. */ #define SWT_SLEEPQTIMO 5 /* Sleepq timeout wait. */ diff --git a/sys/sys/systm.h b/sys/sys/systm.h index dae6adc..f47ba2d 100644 --- a/sys/sys/systm.h +++ b/sys/sys/systm.h @@ -447,4 +447,6 @@ void intr_prof_stack_use(struct thread *td, struct trapframe *frame); extern void (*softdep_ast_cleanup)(void); +void counted_warning(unsigned *counter, const char *msg); + #endif /* !_SYS_SYSTM_H_ */ diff --git a/sys/ufs/ufs/ufs_lookup.c b/sys/ufs/ufs/ufs_lookup.c index 53536ff..29d96a0 100644 --- a/sys/ufs/ufs/ufs_lookup.c +++ b/sys/ufs/ufs/ufs_lookup.c @@ -881,6 +881,7 @@ ufs_direnter(dvp, tvp, dirp, cnp, newdirbp, isrename) struct buf *bp; u_int dsize; struct direct *ep, *nep; + u_int64_t old_isize; int error, ret, blkoff, loc, spacefree, flags, namlen; char *dirbuf; @@ -909,16 +910,18 @@ ufs_direnter(dvp, tvp, dirp, cnp, newdirbp, isrename) return (error); } #endif + old_isize = dp->i_size; + vnode_pager_setsize(dvp, (u_long)dp->i_offset + DIRBLKSIZ); if ((error = UFS_BALLOC(dvp, (off_t)dp->i_offset, DIRBLKSIZ, cr, flags, &bp)) != 0) { if (DOINGSOFTDEP(dvp) && newdirbp != NULL) bdwrite(newdirbp); + vnode_pager_setsize(dvp, (u_long)old_isize); return (error); } dp->i_size = dp->i_offset + DIRBLKSIZ; DIP_SET(dp, i_size, dp->i_size); dp->i_flag |= IN_CHANGE | IN_UPDATE; - vnode_pager_setsize(dvp, (u_long)dp->i_size); dirp->d_reclen = DIRBLKSIZ; blkoff = dp->i_offset & (VFSTOUFS(dvp->v_mount)->um_mountp->mnt_stat.f_iosize - 1); diff --git a/sys/ufs/ufs/ufs_vnops.c b/sys/ufs/ufs/ufs_vnops.c index 83df347..217ca90 100644 --- a/sys/ufs/ufs/ufs_vnops.c +++ b/sys/ufs/ufs/ufs_vnops.c @@ -1913,13 +1913,13 @@ ufs_mkdir(ap) dirtemplate = *dtp; dirtemplate.dot_ino = ip->i_number; dirtemplate.dotdot_ino = dp->i_number; + vnode_pager_setsize(tvp, DIRBLKSIZ); if ((error = UFS_BALLOC(tvp, (off_t)0, DIRBLKSIZ, cnp->cn_cred, BA_CLRBUF, &bp)) != 0) goto bad; ip->i_size = DIRBLKSIZ; DIP_SET(ip, i_size, DIRBLKSIZ); ip->i_flag |= IN_CHANGE | IN_UPDATE; - vnode_pager_setsize(tvp, (u_long)ip->i_size); bcopy((caddr_t)&dirtemplate, (caddr_t)bp->b_data, sizeof dirtemplate); if (DOINGSOFTDEP(tvp)) { /* diff --git a/usr.sbin/bsdinstall/scripts/Makefile b/usr.sbin/bsdinstall/scripts/Makefile index c0d6ac2..163929a 100644 --- a/usr.sbin/bsdinstall/scripts/Makefile +++ b/usr.sbin/bsdinstall/scripts/Makefile @@ -1,6 +1,6 @@ # $FreeBSD$ -SCRIPTS= auto adduser checksum config docsinstall entropy hostname jail \ +SCRIPTS= auto adduser checksum config docsinstall entropy hardening hostname jail \ keymap mirrorselect mount netconfig netconfig_ipv4 netconfig_ipv6 \ rootpass script services time umount wlanconfig zfsboot BINDIR= ${LIBEXECDIR}/bsdinstall diff --git a/usr.sbin/bsdinstall/scripts/auto b/usr.sbin/bsdinstall/scripts/auto index d8ecd62..ab016fc 100755 --- a/usr.sbin/bsdinstall/scripts/auto +++ b/usr.sbin/bsdinstall/scripts/auto @@ -387,6 +387,7 @@ if [ "$NETCONFIG_DONE" != yes ]; then fi #bsdinstall time #bsdinstall services +#bsdinstall hardening #dialog --backtitle "FreeBSD Installer" --title "Add User Accounts" --yesno \ # "Would you like to add users to the installed system now?" 0 0 && \ @@ -403,6 +404,7 @@ finalconfig() { "Hostname" "Set system hostname" \ "Network" "Networking configuration" \ "Services" "Set daemons to run on startup" \ + "System Hardening" "Set security options" \ "Time Zone" "Set system timezone" \ "Handbook" "Install FreeBSD Handbook (requires network)" 2>&1 1>&3) exec 3>&- @@ -428,6 +430,10 @@ finalconfig() { bsdinstall services finalconfig ;; + "System Hardening") + bsdinstall hardening + finalconfig + ;; "Time Zone") bsdinstall time finalconfig diff --git a/usr.sbin/bsdinstall/scripts/config b/usr.sbin/bsdinstall/scripts/config index ea9459f..c334b65 100755 --- a/usr.sbin/bsdinstall/scripts/config +++ b/usr.sbin/bsdinstall/scripts/config @@ -32,6 +32,9 @@ #cat $BSDINSTALL_TMPETC/rc.conf.* >> $BSDINSTALL_TMPETC/rc.conf #rm $BSDINSTALL_TMPETC/rc.conf.* +cat $BSDINSTALL_CHROOT/etc/sysctl.conf $BSDINSTALL_TMPETC/sysctl.conf.hardening >> $BSDINSTALL_TMPETC/sysctl.conf +rm $BSDINSTALL_TMPETC/sysctl.conf.* + #cp $BSDINSTALL_TMPETC/* $BSDINSTALL_CHROOT/etc cat $BSDINSTALL_TMPBOOT/loader.conf.* >> $BSDINSTALL_TMPBOOT/loader.conf diff --git a/usr.sbin/bsdinstall/scripts/hardening b/usr.sbin/bsdinstall/scripts/hardening new file mode 100755 index 0000000..7a3195e --- /dev/null +++ b/usr.sbin/bsdinstall/scripts/hardening @@ -0,0 +1,79 @@ +#!/bin/sh +#- +# Copyright (c) 2016 Bartek Rutkowski +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. +# +# $FreeBSD$ + +: ${DIALOG_OK=0} + +echo -n > $BSDINSTALL_TMPETC/rc.conf.services + +exec 3>&1 +FEATURES=$( dialog --backtitle "FreeBSD Installer" \ + --title "System Hardening" --nocancel --notags --separate-output \ + --checklist "Choose system security hardening options:" \ + 0 0 0 \ + "hide_uids" "Hide processes running as other users" ${hide_uids:-off} \ + "hide_gids" "Hide processes running as other groups" ${hide_gids:-off} \ + "read_msgbuf" "Disable reading kernel message buffer for unprivileged users" ${read_msgbuf:-off} \ + "proc_debug" "Disable process debugging facilities for unprivileged users" ${proc_debug:-off} \ + "random_pid" "Randomize the PID of newly created processes" ${random_id:-off} \ + "stack_guard" "Insert stack guard page ahead of the growable segments" ${stack_guard:-off} \ + "clear_tmp" "Clean the /tmp filesystem on system startup" ${clear_tmp:-off} \ + "disable_syslogd" "Disable opening Syslogd network socket (disables remote logging)" ${disable_syslogd:-off} \ + "disable_sendmail" "Disable Sendmail service" ${disable_sendmail:-off} \ +2>&1 1>&3 ) +exec 3>&- + +for feature in $FEATURES; do + if [ "$feature" = "hide_uids" ]; then + echo security.bsd.see_other_uids=0 >> $BSDINSTALL_TMPETC/sysctl.conf.hardening + fi + if [ "$feature" = "hide_gids" ]; then + echo security.bsd.see_other_gids=0 >> $BSDINSTALL_TMPETC/sysctl.conf.hardening + fi + if [ "$feature" = "read_msgbuf" ]; then + echo security.bsd.unprivileged_read_msgbuf=0 >> $BSDINSTALL_TMPETC/sysctl.conf.hardening + fi + if [ "$feature" = "proc_debug" ]; then + echo security.bsd.unprivileged_proc_debug=0 >> $BSDINSTALL_TMPETC/sysctl.conf.hardening + fi + if [ "$feature" = "random_id" ]; then + echo kern.randompid=$(jot -r 1 9999) >> $BSDINSTALL_TMPETC/sysctl.conf.hardening + fi + if [ "$feature" = "stack_guard" ]; then + echo security.bsd.stack_guard_page=1 >> $BSDINSTALL_TMPETC/sysctl.conf.hardening + fi + if [ "$feature" = "clear_tmp" ]; then + echo 'clear_tmp_enable="YES"' >> $BSDINSTALL_TMPETC/rc.conf.hardening + fi + if [ "$feature" = "disable_syslogd" ]; then + echo 'syslogd_flags="-ss"' >> $BSDINSTALL_TMPETC/rc.conf.hardening + fi + if [ "$feature" = "disable_sendmail" ]; then + echo 'sendmail_enable="NONE"' >> $BSDINSTALL_TMPETC/rc.conf.hardening + fi +done + diff --git a/usr.sbin/crashinfo/crashinfo.sh b/usr.sbin/crashinfo/crashinfo.sh index 3a55e5d..24bd180 100755 --- a/usr.sbin/crashinfo/crashinfo.sh +++ b/usr.sbin/crashinfo/crashinfo.sh @@ -35,6 +35,22 @@ usage() exit 1 } +# Run a single gdb command against a kernel file in batch mode. +# The kernel file is specified as the first argument and the command +# is given in the remaining arguments. +gdb_command() +{ + local k + + k=$1 ; shift + + if [ -x /usr/local/bin/gdb ]; then + /usr/local/bin/gdb -batch -ex "$@" $k + else + echo -e "$@" | /usr/bin/gdb -x /dev/stdin -batch $k + fi +} + find_kernel() { local ivers k kvers @@ -55,8 +71,8 @@ find_kernel() # Look for a matching kernel version. for k in `sysctl -n kern.bootfile` $(ls -t /boot/*/kernel); do - kvers=$(echo 'printf " Version String: %s", version' | \ - gdb -x /dev/stdin -batch $k 2>/dev/null) + kvers=$(gdb_command $k 'printf " Version String: %s", version' \ + 2>/dev/null) if [ "$ivers" = "$kvers" ]; then KERNEL=$k break @@ -151,11 +167,10 @@ echo "Writing crash summary to $FILE." umask 077 # Simulate uname -ostype=$(echo -e printf '"%s", ostype' | gdb -x /dev/stdin -batch $KERNEL) -osrelease=$(echo -e printf '"%s", osrelease' | gdb -x /dev/stdin -batch $KERNEL) -version=$(echo -e printf '"%s", version' | gdb -x /dev/stdin -batch $KERNEL | \ - tr '\t\n' ' ') -machine=$(echo -e printf '"%s", machine' | gdb -x /dev/stdin -batch $KERNEL) +ostype=$(gdb_command $KERNEL 'printf "%s", ostype') +osrelease=$(gdb_command $KERNEL 'printf "%s", osrelease') +version=$(gdb_command $KERNEL 'printf "%s", version' | tr '\t\n' ' ') +machine=$(gdb_command $KERNEL 'printf "%s", machine') exec > $FILE 2>&1 @@ -174,7 +189,11 @@ file=`mktemp /tmp/crashinfo.XXXXXX` if [ $? -eq 0 ]; then echo "bt" >> $file echo "quit" >> $file - kgdb $KERNEL $VMCORE < $file + if [ -x /usr/local/bin/kgdb ]; then + /usr/local/bin/kgdb $KERNEL $VMCORE < $file + else + kgdb $KERNEL $VMCORE < $file + fi rm -f $file echo fi |