-
Notifications
You must be signed in to change notification settings - Fork 2.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Release/10.2.0 #66
Closed
Closed
Release/10.2.0 #66
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sponsored by: The FreeBSD Foundation
FreeBSD-EN-15:08.sendmail, FreeBSD-SA-15:10.openssl. Sponsored by: The FreeBSD Foundation
sfxge: skip VPD info population if access is denied The patch allows to run on unprivileged PF (PFIOV) passed to a virtual machine. Reviewed by: gnn Sponsored by: Solarflare Communications, Inc.
Restore the td_cookie value upon detach.
This limit was in a previous version of the driver, but it is being re- added to match the behavior of previous versions of 10. It prevents the driver from using too many MSI-X vectors on systems with a large number of logical CPU cores. Thanks to <jwd@slowblink.com> for bringing up this issue. Approved by: jfv (mentor)
Update vendor driver to 1.2.7. This update improves driver reliability and adds support of 4Kn drives and report LUNs command. Many thanks to HighPoint for providing this driver update.
Rename __weak to __weak_symbol to avoid language conflict with objective-C. PR: 200972 (exp-run) Suggested by: theraven@
The barriers, provided by _acq and _rel atomics, are acquire and release barriers, not read and write barriers.
Replace bhyve's minimal RTC emulation with a fully featured one in vmm.ko. MFC r276432: Initialize all fields of 'struct vm_exception exception' before passing it to vm_inject_exception(). MFC r276763: Clear blocking due to STI or MOV SS in the hypervisor when an instruction is emulated or when the vcpu incurs an exception. MFC r277149: Clean up usage of 'struct vm_exception' to only to communicate information from userspace to vmm.ko when injecting an exception. MFC r277168: Fix typo (missing comma). MFC r277309: Make the error message explicit instead of just printing the usage if the virtual machine name is not specified. MFC r277310: Simplify instruction restart logic in bhyve. MFC r277359: Fix a bug in libvmmapi 'vm_copy_setup()' where it would return success even if the 'gpa' was in the guest MMIO region. MFC r277360: MOVS instruction emulation. MFC r277626: Add macro to identify AVIC capability (advanced virtual interrupt controller) in AMD processors. MFC r279220: Don't close a block context if it couldn't be opened avoiding a null deref. MFC r279225: Add "-u" option to bhyve(8) to indicate that the RTC should maintain UTC time. MFC r279227: Emulate MSR 0xC0011024 when running on AMD processors. MFC r279228: Always emulate MSR_PAT on Intel processors and don't rely on PAT save/restore capability of VT-x. This lets bhyve run nested in older VMware versions that don't support the PAT save/restore capability. MFC r279540: Fix warnings/errors when building vmm.ko with gcc.
Allow passthrough devices to be hinted. MFC r279683: When ICW1 is issued the edge sense circuit is reset which means that following an initialization a low-to-high transistion is necesary to generate an interrupt. MFC r279925: Add -p parameter to list PCI device to pass through to the guest. MFC r281559: Fix handling of BUS_PROBE_NOWILDCARD in 'device_probe_child()'. MFC r280447: When fetching an instruction in non-64bit mode, consider the value of the code segment base address. MFC r280725: Move legacy interrupt allocation for virtio devices to common code. MFC r280775: Fix the RTC device model to operate correctly in 12-hour mode. MFC r280929: Fix "MOVS" instruction memory to MMIO emulation. MFC r280968: Display instruction bytes and %rip prior to aborting due to an instruction emulation error. MFC r281145: Enhance the support for Group 1 Extended opcodes for CMP, AND, OR instructions. MFC r281542: Initialize 'error' before use (Coverity IDs 1249748, 1249747, 1249751, 1249749) MFC r281561: Prior to aborting due to an ioport error, it is always interesting to see what the guest's %rip is. MFC r281611: If the number of guest vcpus is less than '1' then flag it as an error. MFC r281612: Prefer 'vcpu_should_yield()' over checking 'curthread->td_flags' directly. MFC r281630: Relax the check on which vectors can be delivered through the APIC. According to the Intel SDM vectors 16 through 255 are allowed to be delivered via the local APIC. MFC r281879: Missing break in switch case (Coverity ID 1292499) MFC r281946: Don't allow guest to modify readonly bits in the PCI config 'status' register. MFC r281987: STOS/STOSB/STOSW/STOSD/STOSQ instruction emulation. MFC r282206: Implement the century byte in the RTC.
Emulate the 'bit test' instruction. MFC r282259: Re-implement RTC current time calculation to eliminate the possibility of losing time. MFC r282281: Advertise the MTRR feature via CPUID and emulate the minimal set of MTRR MSRs. MFC r282284: When an instruction cannot be decoded just return to userspace so bhyve(8) can dump the instruction bytes. MFC r282287: Don't require <sys/cpuset.h> to be always included before <machine/vmm.h>. MFC r282296: Emulate MSR_SYSCFG which is accessed by Linux on AMD cpus when MTRRs are enabled. MFC r282301: Relax limits when transitioning a vector from the IRR to the ISR and also when extinguishing it from the ISR in response to an EOI. MFC r282335: Advertise an additional memory BAR in the "dummy" device emulation. MFC r282336: Emulate machine check related MSRs to allow guest OSes like Windows to boot. MFC r282351: Don't advertise the Intel SMX capability to the guest. MFC r282407: Emulate the 'CMP r/m8, imm8' instruction. MFC r282519: Add macros for AMD-specific bits in MSR_EFER: LMSLE, FFXSR and TCE. MFC r282520: Emulate guest writes to EFER_MSR properly. MFC r282558: Deprecate the 3-way return values from vm_gla2gpa() and vm_copy_setup(). MFC r282571: Check 'td_owepreempt' and yield the vcpu thread if it is set. MFC r282595: Allow byte reads of AHCI registers. MFC r282784: Handling indirect descriptors is a capability of the host and not one that needs to be negotiated. Use the host capabilities field and not the negotiated field when verifying that indirect descriptors are supported. MFC r282788: Allow configuration of the sector size advertised to the guest. MFC r282865: Set the subvendor field in config space to the vendor ID. This is required by the Windows virtio drivers to correctly match a device. MFC r282922: Bump the size of the blockif scatter-gather list to 67. MFC r283075: Fix off-by-one in array index bounds check. bhyveload would allow you to create 33 entries on an array that only has 32 slots MFC r283168: Temporarily revert r282922 which bumped the max descriptors. MFC r283255: Emulate the "CMP r/m, reg" instruction (opcode 39H). MFC r283256: Add an option "--get-vmcs-exit-inst-length" to display the instruction length of the instruction that caused the VM-exit. MFC r283264: Change the header type of the emulated host-bridge from type 1 to type 0. MFC r283293: Don't rely on the 'VM-exit instruction length' field in the VMCS to always have an accurate length on an EPT violation. MFC r283299: Remove bogus verification of instruction length after instruction decode. MFC r283308: Exceptions don't deliver an error code in real mode. MFC r283657: Fix non-deterministic delays when accessing a vcpu that was in "running" or "sleeping" state. MFC r283973: Use tunable 'hw.vmm.svm.features' to disable specific SVM features even though they might be available in hardware. Use tunable 'hw.vmm.svm.num_asids' to limit the number of ASIDs used by the hypervisor. MFC r284046: Fix regression in 'verify_gla()' with the RIP-relative addressing mode. MFC r284174: Support guest writes to the TSC by enabling the "use TSC offsetting" execution control.
Previous implementation was too fragile to initiator parameters changes. In case of port role change it could not survive different handle assigned to the same initiator by firmware, even though initiator was logged out. The new implementation should be more resillient to this kind of problems, trying to work in any situation and only warn user about suspisious events.
It (mostly) allows to enable/disable initiator mode in run time. Target mode control is blocked here to force coordination with CTL. While there, add separate tunables/sysctls for virtual channels.
This makes driver better track reported CAM_SEL_TIMEOUTs to properly report device reappearance later. This fixes target 0 not reappearing after initiator mode disabled and then reenabled.
It is odd that driver first tries to generate synthetic WWNN based on WWPN starting from 2, but then refuses to use it. If we don't trust generated WWNN, we should probably not generate it. Same time this limitation prevents potentially valid WWNN setting by user.
Teach ctld about CTL's physical_port and virtual_port fields. This allows ctld to work with isp(4) virtual ports, specifying them as isp0/1, isp0/2, etc. There are still problems on isp(4) layer with disabling those ports after enabling, but hopefully they can be fixed.
Merge changes from vendor driver 1.1.4: v1.1.4 2015-06-09 * Fix a bug that FailLED was not initialized properly. v1.1.3 2015-05-19 * Support Report Luns command. v1.1.2 2015-05-05 * Fix a bug that report wrong physical sector size for 512e HDD. Many thanks to HighPoint for continued support of FreeBSD! This driver update is intended for 10.2-RELEASE. Submitted by: Steve Chang
Skip src component if /usr/src is empty. Submitted by: kczekirda Reviewed by: cperciva, delphij, nwhitehorn, allanjude
Use "RCS tag" instead of "$FreeBSD$ tag", since svn will obediently expand the latter.
Add logic for detecting non-persistent filesystems being utilized by workdir which would break the upgrade process upon reboot. Currently we check for tmpfs and md.
Speed up `freebsd-update IDS` by using IFS to split fields instead of forking lots of processes to run echo|cut. In one test this reduced the CPU time from 980s to 134s and the wallclock time from 806s to 132s. Submitted by: Oleg Ginzburg
- Include commas in valid file-name chars freebsd-update will support
r284882: Add initial support for automatically uploading GCE virtual machine images to the Google Compute Engine platform. Remove gce-package.sh. r284884: Fix a vi-invoked typo. Sponsored by: The FreeBSD Foundation
Only take previous buffer queue lock (olock) when needed for REMFREE in binsfree().
Enable the use of __builtin_va_* for ICC. PR: 198822 Submitted by: Sergey Melnikov <sergey.melnikov@intel.com>
Spelling, grammar and mdoc cleanup.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation
serial devices. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation
Document a few interesting package versions for 10.2-RELEASE. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation
Only match devices that belong to this driver. Approved by: re@ (gjb@)
Revert r173708's modifications to vm_object_page_remove(). This fixes inconsistencies encountered by vm_object_unwire() or by the buffer cache when the file is truncated. Approved by: re (gjb)
MFC r286285: Ensure the local MANIFEST is always used when verifying remote distribution sets. Approved by: re (glebius) Sponsored by: The FreeBSD Foundation
- Reword a few entries for consistency throughout the document. - Remove the 'role="arm"' from the arm-specific section, as it is redundant. - s/&man.geom.4;/GEOM/ in a title, because it looks ridiculous. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation
Make the kern.racct.enable tunable actually work. This is a direct commit to 10-STABLE - 11-CURRENT is not affected, because tunables are automatically fetched there. Approved by: re (gjb) Sponsored by: The FreeBSD Foundation
to populate dvd1.iso. This is a direct commit to releng/10.2. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation
Fix routed remote denial of service vulnerability. [SA-15:19] Approved by: re (so blanket)
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation
Fix segfault in pw(8) when modifying the UID of a user. PR: 202111 Approved by: re (delphij) Sponsored by: The FreeBSD Foundation
Submitted by: pkelsey Approved by: re (implicit) Sponsored by: The FreeBSD Foundation
Now that stable/8 is EOL, stop building INDEX-8. Approved by: re (gjb)
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation
10.2-RELEASE builds. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation
hardenedbsd-services
referenced
this pull request
in HardenedBSD/hardenedBSD
Oct 10, 2021
The sanity check for ensuring which symbols to remove (when llvm-objcopy is running as the strip command) is a bit too aggressive. Relax the rules, at least temporarily, to address at least some of the ports build failures[0]. There's more work to be done, and ideally, we'd re-enable the sanity check. [0]: http://ci-08.md.hardenedbsd.org/data/hardenedbsd-current_amd64-local/2021-10-08_15h25m44s/logs/errors/postgresql12-client-12.8.log Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org> issue: #66
hardenedbsd-services
referenced
this pull request
in HardenedBSD/hardenedBSD
Dec 12, 2021
The sanity check for ensuring which symbols to remove (when llvm-objcopy is running as the strip command) is a bit too aggressive. Relax the rules, at least temporarily, to address at least some of the ports build failures[0]. There's more work to be done, and ideally, we'd re-enable the sanity check. [0]: http://ci-08.md.hardenedbsd.org/data/hardenedbsd-current_amd64-local/2021-10-08_15h25m44s/logs/errors/postgresql12-client-12.8.log Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org> issue: #66 (cherry picked from commit 9692b5d) Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>
hardenedbsd-services
referenced
this pull request
in HardenedBSD/hardenedBSD
Dec 29, 2021
The sanity check for ensuring which symbols to remove (when llvm-objcopy is running as the strip command) is a bit too aggressive. Relax the rules, at least temporarily, to address at least some of the ports build failures[0]. There's more work to be done, and ideally, we'd re-enable the sanity check. [0]: http://ci-08.md.hardenedbsd.org/data/hardenedbsd-current_amd64-local/2021-10-08_15h25m44s/logs/errors/postgresql12-client-12.8.log Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org> issue: #66 (cherry picked from commit 9692b5d) Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.