diff --git a/UPDATING b/UPDATING index 607b16ff6d35..07e4e2153c58 100644 --- a/UPDATING +++ b/UPDATING @@ -31,6 +31,13 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 12.x IS SLOW: disable the most expensive debugging functionality run "ln -s 'abort:false,junk:false' /etc/malloc.conf".) +20181006: + The legacy DRM modules and drivers have now been added to the loader's + module blacklist, in favor of loading them with kld_list in rc.conf(5). + The module blacklist may be overridden with the loader.conf(5) + 'module_blacklist' variable, but loading them via rc.conf(5) is strongly + encouraged. + 20181002: The cam(4) based nda(4) driver will be used over nvd(4) by default on powerpc64. You may set 'options NVME_USE_NVD=1' in your kernel conf or diff --git a/crypto/openssh/auth2.c b/crypto/openssh/auth2.c index fe9b1f950198..588a8346c43e 100644 --- a/crypto/openssh/auth2.c +++ b/crypto/openssh/auth2.c @@ -316,7 +316,7 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh) #ifdef HAVE_LOGIN_CAP if (authctxt->pw != NULL && - (lc = login_getpwclass(authctxt->pw)) != NULL) { + (lc = PRIVSEP(login_getpwclass(authctxt->pw))) != NULL) { logit("user %s login class %s", authctxt->pw->pw_name, authctxt->pw->pw_class); from_host = auth_get_canonical_hostname(ssh, options.use_dns); @@ -331,7 +331,7 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh) authctxt->pw->pw_name, from_host); packet_disconnect("Logins not available right now."); } - login_close(lc); + PRIVSEP(login_close(lc)); } #endif /* HAVE_LOGIN_CAP */ diff --git a/crypto/openssh/monitor.c b/crypto/openssh/monitor.c index 531b2993ab6b..3c0c23393945 100644 --- a/crypto/openssh/monitor.c +++ b/crypto/openssh/monitor.c @@ -114,6 +114,7 @@ static struct sshbuf *child_state; int mm_answer_moduli(int, struct sshbuf *); int mm_answer_sign(int, struct sshbuf *); +int mm_answer_login_getpwclass(int, struct sshbuf *); int mm_answer_pwnamallow(int, struct sshbuf *); int mm_answer_auth2_read_banner(int, struct sshbuf *); int mm_answer_authserv(int, struct sshbuf *); @@ -189,6 +190,7 @@ struct mon_table mon_dispatch_proto20[] = { {MONITOR_REQ_MODULI, MON_ONCE, mm_answer_moduli}, #endif {MONITOR_REQ_SIGN, MON_ONCE, mm_answer_sign}, + {MONITOR_REQ_GETPWCLASS, MON_AUTH, mm_answer_login_getpwclass}, {MONITOR_REQ_PWNAM, MON_ONCE, mm_answer_pwnamallow}, {MONITOR_REQ_AUTHSERV, MON_ONCE, mm_answer_authserv}, {MONITOR_REQ_AUTH2_READ_BANNER, MON_ONCE, mm_answer_auth2_read_banner}, @@ -707,6 +709,46 @@ mm_answer_sign(int sock, struct sshbuf *m) return (0); } +int +mm_answer_login_getpwclass(int sock, struct sshbuf *m) +{ + login_cap_t *lc; + struct passwd *pw; + int r; + u_int len; + + debug3("%s", __func__); + + pw = sshbuf_get_passwd(m); + if (pw == NULL) + fatal("%s: receive get struct passwd failed", __func__); + + lc = login_getpwclass(pw); + + sshbuf_reset(m); + + if (lc == NULL) { + if (r = sshbuf_put_u8(m, 0) != 0) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); + goto out; + } + + if ((r = sshbuf_put_u8(m, 1)) != 0 || + (r = sshbuf_put_cstring(m, lc->lc_class)) != 0 || + (r = sshbuf_put_cstring(m, lc->lc_cap)) != 0 || + (r = sshbuf_put_cstring(m, lc->lc_style)) != 0) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); + + login_close(lc); + out: + debug3("%s: sending MONITOR_ANS_GETPWCLASS", __func__); + mm_request_send(sock, MONITOR_ANS_GETPWCLASS, m); + + sshbuf_free_passwd(pw); + + return (0); +} + /* Retrieves the password entry and also checks if the user is permitted */ int @@ -745,19 +787,8 @@ mm_answer_pwnamallow(int sock, struct sshbuf *m) authctxt->pw = pwent; authctxt->valid = 1; - /* XXX don't sent pwent to unpriv; send fake class/dir/shell too */ if ((r = sshbuf_put_u8(m, 1)) != 0 || - (r = sshbuf_put_string(m, pwent, sizeof(*pwent))) != 0 || - (r = sshbuf_put_cstring(m, pwent->pw_name)) != 0 || - (r = sshbuf_put_cstring(m, "*")) != 0 || -#ifdef HAVE_STRUCT_PASSWD_PW_GECOS - (r = sshbuf_put_cstring(m, pwent->pw_gecos)) != 0 || -#endif -#ifdef HAVE_STRUCT_PASSWD_PW_CLASS - (r = sshbuf_put_cstring(m, pwent->pw_class)) != 0 || -#endif - (r = sshbuf_put_cstring(m, pwent->pw_dir)) != 0 || - (r = sshbuf_put_cstring(m, pwent->pw_shell)) != 0) + (r = sshbuf_put_passwd(m, pwent)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); out: diff --git a/crypto/openssh/monitor.h b/crypto/openssh/monitor.h index 16047299f882..abf2ca4018b4 100644 --- a/crypto/openssh/monitor.h +++ b/crypto/openssh/monitor.h @@ -53,7 +53,8 @@ enum monitor_reqtype { MONITOR_REQ_GSSSTEP = 44, MONITOR_ANS_GSSSTEP = 45, MONITOR_REQ_GSSUSEROK = 46, MONITOR_ANS_GSSUSEROK = 47, MONITOR_REQ_GSSCHECKMIC = 48, MONITOR_ANS_GSSCHECKMIC = 49, - MONITOR_REQ_TERM = 50, + MONITOR_REQ_GETPWCLASS = 50, MONITOR_ANS_GETPWCLASS = 51, + MONITOR_REQ_TERM = 52, MONITOR_REQ_PAM_START = 100, MONITOR_REQ_PAM_ACCOUNT = 102, MONITOR_ANS_PAM_ACCOUNT = 103, diff --git a/crypto/openssh/monitor_wrap.c b/crypto/openssh/monitor_wrap.c index 732fb3476bf0..7cd20089d9ca 100644 --- a/crypto/openssh/monitor_wrap.c +++ b/crypto/openssh/monitor_wrap.c @@ -247,6 +247,57 @@ mm_sshkey_sign(struct sshkey *key, u_char **sigp, size_t *lenp, return (0); } +login_cap_t * +mm_login_getpwclass(const struct passwd *pwent) +{ + int r; + struct sshbuf *m; + char rc; + login_cap_t *lc; + + debug3("%s entering", __func__); + + if ((m = sshbuf_new()) == NULL) + fatal("%s: sshbuf_new failed", __func__); + if ((r = sshbuf_put_passwd(m, pwent)) != 0) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); + + mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GETPWCLASS, m); + + debug3("%s: waiting for MONITOR_ANS_GETPWCLASS", __func__); + mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GETPWCLASS, m); + + if ((r = sshbuf_get_u8(m, &rc)) != 0) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); + + if (rc == 0) { + lc = NULL; + goto out; + } + + lc = xmalloc(sizeof(*lc)); + if ((r = sshbuf_get_cstring(m, &lc->lc_class, NULL)) != 0 || + (r = sshbuf_get_cstring(m, &lc->lc_cap, NULL)) != 0 || + (r = sshbuf_get_cstring(m, &lc->lc_style, NULL)) != 0) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); + + out: + sshbuf_free(m); + + return (lc); +} + +void +mm_login_close(login_cap_t *lc) +{ + if (lc == NULL) + return; + free(lc->lc_style); + free(lc->lc_class); + free(lc->lc_cap); + free(lc); +} + struct passwd * mm_getpwnamallow(const char *username) { @@ -279,25 +330,9 @@ mm_getpwnamallow(const char *username) goto out; } - /* XXX don't like passing struct passwd like this */ - pw = xcalloc(sizeof(*pw), 1); - if ((r = sshbuf_get_string_direct(m, &p, &len)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - if (len != sizeof(*pw)) - fatal("%s: struct passwd size mismatch", __func__); - memcpy(pw, p, sizeof(*pw)); - - if ((r = sshbuf_get_cstring(m, &pw->pw_name, NULL)) != 0 || - (r = sshbuf_get_cstring(m, &pw->pw_passwd, NULL)) != 0 || -#ifdef HAVE_STRUCT_PASSWD_PW_GECOS - (r = sshbuf_get_cstring(m, &pw->pw_gecos, NULL)) != 0 || -#endif -#ifdef HAVE_STRUCT_PASSWD_PW_CLASS - (r = sshbuf_get_cstring(m, &pw->pw_class, NULL)) != 0 || -#endif - (r = sshbuf_get_cstring(m, &pw->pw_dir, NULL)) != 0 || - (r = sshbuf_get_cstring(m, &pw->pw_shell, NULL)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + pw = sshbuf_get_passwd(m); + if (pw == NULL) + fatal("%s: receive get struct passwd failed", __func__); out: /* copy options block as a Match directive may have changed some */ diff --git a/crypto/openssh/monitor_wrap.h b/crypto/openssh/monitor_wrap.h index 644da081db8d..248dac5c3bb8 100644 --- a/crypto/openssh/monitor_wrap.h +++ b/crypto/openssh/monitor_wrap.h @@ -28,6 +28,8 @@ #ifndef _MM_WRAP_H_ #define _MM_WRAP_H_ +#include + extern int use_privsep; #define PRIVSEP(x) (use_privsep ? mm_##x : x) @@ -45,6 +47,8 @@ int mm_sshkey_sign(struct sshkey *, u_char **, size_t *, const u_char *, size_t, const char *, u_int compat); void mm_inform_authserv(char *, char *); struct passwd *mm_getpwnamallow(const char *); +login_cap_t *mm_login_getpwclass(const struct passwd *pwd); +void mm_login_close(login_cap_t *lc); char *mm_auth2_read_banner(void); int mm_auth_password(struct ssh *, char *); int mm_key_allowed(enum mm_keytype, const char *, const char *, struct sshkey *, diff --git a/crypto/openssh/sandbox-capsicum.c b/crypto/openssh/sandbox-capsicum.c index 5f41d526292b..f728abd18250 100644 --- a/crypto/openssh/sandbox-capsicum.c +++ b/crypto/openssh/sandbox-capsicum.c @@ -31,6 +31,7 @@ __RCSID("$FreeBSD$"); #include #include #include +#include #include "log.h" #include "monitor.h" @@ -71,6 +72,8 @@ ssh_sandbox_child(struct ssh_sandbox *box) struct rlimit rl_zero; cap_rights_t rights; + caph_cache_tzdata(); + rl_zero.rlim_cur = rl_zero.rlim_max = 0; if (setrlimit(RLIMIT_FSIZE, &rl_zero) == -1) diff --git a/crypto/openssh/sshbuf-getput-basic.c b/crypto/openssh/sshbuf-getput-basic.c index 50648258f48d..ef56931d522e 100644 --- a/crypto/openssh/sshbuf-getput-basic.c +++ b/crypto/openssh/sshbuf-getput-basic.c @@ -25,6 +25,7 @@ #include #include +#include "xmalloc.h" #include "ssherr.h" #include "sshbuf.h" @@ -462,3 +463,95 @@ sshbuf_get_bignum2_bytes_direct(struct sshbuf *buf, } return 0; } + +/* + * store struct pwd + */ +int +sshbuf_put_passwd(struct sshbuf *buf, const struct passwd *pwent) +{ + int r; + + /* + * We never send pointer values of struct passwd. + * It is safe from wild pointer even if a new pointer member is added. + */ + + if ((r = sshbuf_put_u64(buf, sizeof(*pwent)) != 0) || + (r = sshbuf_put_cstring(buf, pwent->pw_name)) != 0 || + (r = sshbuf_put_cstring(buf, "*")) != 0 || + (r = sshbuf_put_u32(buf, pwent->pw_uid)) != 0 || + (r = sshbuf_put_u32(buf, pwent->pw_gid)) != 0 || + (r = sshbuf_put_u64(buf, pwent->pw_change)) != 0 || +#ifdef HAVE_STRUCT_PASSWD_PW_GECOS + (r = sshbuf_put_cstring(buf, pwent->pw_gecos)) != 0 || +#endif +#ifdef HAVE_STRUCT_PASSWD_PW_CLASS + (r = sshbuf_put_cstring(buf, pwent->pw_class)) != 0 || +#endif + (r = sshbuf_put_cstring(buf, pwent->pw_dir)) != 0 || + (r = sshbuf_put_cstring(buf, pwent->pw_shell)) != 0 || + (r = sshbuf_put_u64(buf, pwent->pw_expire)) != 0 || + (r = sshbuf_put_u32(buf, pwent->pw_fields)) != 0) { + return r; + } + return 0; +} + +/* + * extract struct pwd + */ +struct passwd * +sshbuf_get_passwd(struct sshbuf *buf) +{ + struct passwd *pw; + int r; + size_t len; + + /* check if size of struct passwd is as same as sender's size */ + r = sshbuf_get_u64(buf, &len); + if (r != 0 || len != sizeof(*pw)) + return NULL; + + pw = xcalloc(1, sizeof(*pw)); + if (sshbuf_get_cstring(buf, &pw->pw_name, NULL) != 0 || + sshbuf_get_cstring(buf, &pw->pw_passwd, NULL) != 0 || + sshbuf_get_u32(buf, &pw->pw_uid) != 0 || + sshbuf_get_u32(buf, &pw->pw_gid) != 0 || + sshbuf_get_u64(buf, &pw->pw_change) != 0 || +#ifdef HAVE_STRUCT_PASSWD_PW_GECOS + sshbuf_get_cstring(buf, &pw->pw_gecos, NULL) != 0 || +#endif +#ifdef HAVE_STRUCT_PASSWD_PW_CLASS + sshbuf_get_cstring(buf, &pw->pw_class, NULL) != 0 || +#endif + sshbuf_get_cstring(buf, &pw->pw_dir, NULL) != 0 || + sshbuf_get_cstring(buf, &pw->pw_shell, NULL) != 0 || + sshbuf_get_u64(buf, &pw->pw_expire) != 0 || + sshbuf_get_u32(buf, &pw->pw_fields) != 0) { + sshbuf_free_passwd(pw); + return NULL; + } + return pw; +} + +/* + * free struct passwd obtained from sshbuf_get_passwd. + */ +void +sshbuf_free_passwd(struct passwd *pwent) +{ + if (pwent == NULL) + return; + free(pwent->pw_shell); + free(pwent->pw_dir); +#ifdef HAVE_STRUCT_PASSWD_PW_CLASS + free(pwent->pw_class); +#endif +#ifdef HAVE_STRUCT_PASSWD_PW_GECOS + free(pwent->pw_gecos); +#endif + free(pwent->pw_passwd); + free(pwent->pw_name); + free(pwent); +} diff --git a/crypto/openssh/sshbuf.h b/crypto/openssh/sshbuf.h index a43598cac4de..1f6f5ead213f 100644 --- a/crypto/openssh/sshbuf.h +++ b/crypto/openssh/sshbuf.h @@ -21,6 +21,7 @@ #include #include #include +#include #ifdef WITH_OPENSSL # include # ifdef OPENSSL_HAS_ECC @@ -246,6 +247,21 @@ int sshbuf_b64tod(struct sshbuf *buf, const char *b64); */ char *sshbuf_dup_string(struct sshbuf *buf); +/* + * store struct pwd + */ +int sshbuf_put_passwd(struct sshbuf *buf, const struct passwd *pwent); + +/* + * extract struct pwd + */ +struct passwd *sshbuf_get_passwd(struct sshbuf *buf); + +/* + * free struct passwd obtained from sshbuf_get_passwd. + */ +void sshbuf_free_passwd(struct passwd *pwent); + /* Macros for decoding/encoding integers */ #define PEEK_U64(p) \ (((u_int64_t)(((const u_char *)(p))[0]) << 56) | \ diff --git a/crypto/openssh/sshd.c b/crypto/openssh/sshd.c index 8c23b1c92e90..04f875f092a2 100644 --- a/crypto/openssh/sshd.c +++ b/crypto/openssh/sshd.c @@ -2143,6 +2143,11 @@ main(int ac, char **av) */ remote_ip = ssh_remote_ipaddr(ssh); +#ifdef HAVE_LOGIN_CAP + /* Also caches remote hostname for sandboxed child. */ + auth_get_canonical_hostname(ssh, options.use_dns); +#endif + #ifdef SSH_AUDIT_EVENTS audit_connection_from(remote_ip, remote_port); #endif diff --git a/lib/libc/amd64/string/memset.S b/lib/libc/amd64/string/memset.S index 06c9869c2d6c..b2a871b0038e 100644 --- a/lib/libc/amd64/string/memset.S +++ b/lib/libc/amd64/string/memset.S @@ -31,7 +31,7 @@ #include __FBSDID("$FreeBSD$"); -.macro MEMSET bzero +.macro MEMSET bzero erms .if \bzero == 1 movq %rsi,%rcx movq %rsi,%rdx @@ -43,21 +43,75 @@ __FBSDID("$FreeBSD$"); movabs $0x0101010101010101,%rax imulq %r8,%rax .endif - cmpq $15,%rcx - jbe 1f - shrq $3,%rcx - rep - stosq - movq %rdx,%rcx - andq $7,%rcx - jne 1f + + cmpq $32,%rcx + jb 1016f + + cmpq $256,%rcx + ja 1256f + +1032: + movq %rax,(%rdi) + movq %rax,8(%rdi) + movq %rax,16(%rdi) + movq %rax,24(%rdi) + leaq 32(%rdi),%rdi + subq $32,%rcx + cmpq $32,%rcx + jae 1032b + cmpb $0,%cl + je 1000f +1016: + cmpb $16,%cl + jl 1008f + movq %rax,(%rdi) + movq %rax,8(%rdi) + subb $16,%cl + jz 1000f + leaq 16(%rdi),%rdi +1008: + cmpb $8,%cl + jl 1004f + movq %rax,(%rdi) + subb $8,%cl + jz 1000f + leaq 8(%rdi),%rdi +1004: + cmpb $4,%cl + jl 1002f + movl %eax,(%rdi) + subb $4,%cl + jz 1000f + leaq 4(%rdi),%rdi +1002: + cmpb $2,%cl + jl 1001f + movw %ax,(%rdi) + subb $2,%cl + jz 1000f + leaq 2(%rdi),%rdi +1001: + cmpb $1,%cl + jl 1000f + movb %al,(%rdi) +1000: .if \bzero == 0 movq %r9,%rax .endif ret -1: + +1256: +.if \erms == 1 rep stosb +.else + shrq $3,%rcx + rep + stosq + movq %rdx,%rcx + andb $7,%cl + jne 1004b +.endif .if \bzero == 0 movq %r9,%rax .endif @@ -66,11 +120,11 @@ __FBSDID("$FreeBSD$"); #ifndef BZERO ENTRY(memset) - MEMSET bzero=0 + MEMSET bzero=0 erms=0 END(memset) #else ENTRY(bzero) - MEMSET bzero=1 + MEMSET bzero=1 erms=0 END(bzero) #endif diff --git a/sbin/init/rc.conf b/sbin/init/rc.conf index ff69cc04f67d..3acc6743ec5a 100644 --- a/sbin/init/rc.conf +++ b/sbin/init/rc.conf @@ -163,7 +163,7 @@ firewall_simple_onet="192.0.2.0/28" # Outside network address for "simple" # firewall. #firewall_simple_onet_ipv6="2001:db8:2:0::/56" # Outside IPv6 network prefix # for "simple" firewall. -firewall_myservices="" # List of TCP ports on which this host +firewall_myservices="" # List of ports/protocols on which this host # offers services for "workstation" firewall. firewall_allowservices="" # List of IPs which have access to # $firewall_myservices for "workstation" diff --git a/stand/defaults/loader.conf b/stand/defaults/loader.conf index 9fe7ecbf1a93..89a86075f3dc 100644 --- a/stand/defaults/loader.conf +++ b/stand/defaults/loader.conf @@ -97,6 +97,7 @@ efi_max_resolution="1x1" # Set the max resolution for EFI loader to use: #console="vidconsole" # A comma separated list of console(s) #currdev="disk1s1a" # Set the current device module_path="/boot/modules;/boot/dtb;/boot/dtb/overlays" # Set the module search path +module_blacklist="drm drm2 radeonkms i915kms amdgpu" # Loader module blacklist #prompt="\\${interpret}" # Set the command prompt #root_disk_unit="0" # Force the root disk unit number #rootdev="disk1s1a" # Set the root filesystem diff --git a/stand/defaults/loader.conf.5 b/stand/defaults/loader.conf.5 index d46736223e1c..cd504cb48851 100644 --- a/stand/defaults/loader.conf.5 +++ b/stand/defaults/loader.conf.5 @@ -23,7 +23,7 @@ .\" SUCH DAMAGE. .\" .\" $FreeBSD$ -.Dd August 28, 2018 +.Dd October 6, 2018 .Dt LOADER.CONF 5 .Os .Sh NAME @@ -147,6 +147,15 @@ If a password is set, the user must provide specified password to boot. If set to .Dq YES , module names will be displayed as they are loaded. +.It Ar module_blacklist +Blacklist of modules. +Modules specified in the blacklist may not be loaded automatically with a +.Ar *_load +directive, but they may be loaded directly at the +.Xr loader 8 +prompt. +Blacklisted modules may still be loaded indirectly as dependencies of other +moduled. .It Ar *_load If set to .Dq YES , diff --git a/stand/lua/config.lua b/stand/lua/config.lua index b3cce8b4acfc..49d4cbea185c 100644 --- a/stand/lua/config.lua +++ b/stand/lua/config.lua @@ -54,6 +54,7 @@ local MSG_XENKERNFAIL = "Failed to load Xen kernel '%s'" local MSG_XENKERNLOADING = "Loading Xen kernel..." local MSG_KERNLOADING = "Loading kernel..." local MSG_MODLOADING = "Loading configured modules..." +local MSG_MODBLACKLIST = "Not loading blacklisted module '%s'" local MSG_MODLOADFAIL = "Could not load one or more modules!" local MODULEEXPR = '([%w-_]+)' @@ -265,20 +266,37 @@ local function isValidComment(line) return true end +local function getBlacklist() + local blacklist_str = loader.getenv('module_blacklist') + if blacklist_str == nil then + return nil + end + + local blacklist = {} + for mod in blacklist_str:gmatch("[;, ]?([%w-_]+)[;, ]?") do + blacklist[mod] = true + end + return blacklist +end + local function loadModule(mod, silent) local status = true + local blacklist = getBlacklist() local pstatus for k, v in pairs(mod) do if v.load ~= nil and v.load:lower() == "yes" then + local module_name = v.name or k + if blacklist[module_name] ~= nil then + if not silent then + print(MSG_MODBLACKLIST:format(module_name)) + end + goto continue + end local str = "load " if v.type ~= nil then str = str .. "-t " .. v.type .. " " end - if v.name ~= nil then - str = str .. v.name - else - str = str .. k - end + str = str .. module_name if v.flags ~= nil then str = str .. " " .. v.flags end @@ -309,6 +327,7 @@ local function loadModule(mod, silent) end end + ::continue:: end return status diff --git a/stand/lua/core.lua b/stand/lua/core.lua index 3c4fece1e226..ca7cd5f253dd 100644 --- a/stand/lua/core.lua +++ b/stand/lua/core.lua @@ -34,6 +34,10 @@ local hook = require("hook") local core = {} +local default_safe_mode = false +local default_single_user = false +local default_verbose = false + local function composeLoaderCmd(cmd_name, argstr) if argstr ~= nil then cmd_name = cmd_name .. " " .. argstr @@ -41,6 +45,26 @@ local function composeLoaderCmd(cmd_name, argstr) return cmd_name end +local function recordDefaults() + -- On i386, hint.acpi.0.rsdp will be set before we're loaded. On !i386, + -- it will generally be set upon execution of the kernel. Because of + -- this, we can't (or don't really want to) detect/disable ACPI on !i386 + -- reliably. Just set it enabled if we detect it and leave well enough + -- alone if we don't. + local boot_acpi = core.isSystem386() and core.getACPIPresent(false) + local boot_single = loader.getenv("boot_single") or "no" + local boot_verbose = loader.getenv("boot_verbose") or "no" + default_single_user = boot_single:lower() ~= "no" + default_verbose = boot_verbose:lower() ~= "no" + + if boot_acpi then + core.setACPI(true) + end + core.setSingleUser(default_single_user) + core.setVerbose(default_verbose) +end + + -- Globals -- try_include will return the loaded module on success, or nil on failure. -- A message will also be printed on failure, with one exception: non-verbose @@ -268,9 +292,9 @@ end function core.setDefaults() core.setACPI(core.getACPIPresent(true)) - core.setSafeMode(false) - core.setSingleUser(false) - core.setVerbose(false) + core.setSafeMode(default_safe_mode) + core.setSingleUser(default_single_user) + core.setVerbose(default_verbose) end function core.autoboot(argstr) @@ -367,13 +391,6 @@ function core.popFrontTable(tbl) return first_value, new_tbl end --- On i386, hint.acpi.0.rsdp will be set before we're loaded. On !i386, it will --- generally be set upon execution of the kernel. Because of this, we can't (or --- don't really want to) detect/disable ACPI on !i386 reliably. Just set it --- enabled if we detect it and leave well enough alone if we don't. -if core.isSystem386() and core.getACPIPresent(false) then - core.setACPI(true) -end - +recordDefaults() hook.register("config.reloaded", core.clearCachedKernels) return core diff --git a/sys/amd64/conf/GENERIC b/sys/amd64/conf/GENERIC index f2d4d0d37222..da3d200fcec7 100644 --- a/sys/amd64/conf/GENERIC +++ b/sys/amd64/conf/GENERIC @@ -52,7 +52,6 @@ options MSDOSFS # MSDOS Filesystem options CD9660 # ISO 9660 Filesystem options PROCFS # Process filesystem (requires PSEUDOFS) options PSEUDOFS # Pseudo-filesystem framework -options GEOM_PART_GPT # GUID Partition Tables. options GEOM_RAID # Soft RAID functionality. options GEOM_LABEL # Provides labelization options EFIRT # EFI Runtime Services support diff --git a/sys/amd64/conf/GENERIC-MMCCAM b/sys/amd64/conf/GENERIC-MMCCAM index 09343ade072a..19dc27b95e3d 100644 --- a/sys/amd64/conf/GENERIC-MMCCAM +++ b/sys/amd64/conf/GENERIC-MMCCAM @@ -7,7 +7,6 @@ include MINIMAL ident GENERIC-MMCCAM # Access GPT-formatted and labeled root volume -options GEOM_PART_GPT options GEOM_LABEL # UART -- for bhyve console diff --git a/sys/arm64/conf/GENERIC b/sys/arm64/conf/GENERIC index f753f8d1f9c3..92e7c9347ac2 100644 --- a/sys/arm64/conf/GENERIC +++ b/sys/arm64/conf/GENERIC @@ -50,7 +50,6 @@ options MSDOSFS # MSDOS Filesystem options CD9660 # ISO 9660 Filesystem options PROCFS # Process filesystem (requires PSEUDOFS) options PSEUDOFS # Pseudo-filesystem framework -options GEOM_PART_GPT # GUID Partition Tables. options GEOM_RAID # Soft RAID functionality. options GEOM_LABEL # Provides labelization options COMPAT_FREEBSD32 # Incomplete, but used by cloudabi32.ko. diff --git a/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/dsl_scan.c b/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/dsl_scan.c index 542cfe7b465c..a32df14e7507 100644 --- a/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/dsl_scan.c +++ b/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/dsl_scan.c @@ -2964,6 +2964,8 @@ dsl_scan_need_resilver(spa_t *spa, const dva_t *dva, size_t psize, { vdev_t *vd; + vd = vdev_lookup_top(spa, DVA_GET_VDEV(dva)); + if (vd->vdev_ops == &vdev_indirect_ops) { /* * The indirect vdev can point to multiple @@ -2974,6 +2976,7 @@ dsl_scan_need_resilver(spa_t *spa, const dva_t *dva, size_t psize, */ return (B_TRUE); } + if (DVA_GET_GANG(dva)) { /* * Gang members may be spread across multiple @@ -2986,8 +2989,6 @@ dsl_scan_need_resilver(spa_t *spa, const dva_t *dva, size_t psize, return (B_TRUE); } - vd = vdev_lookup_top(spa, DVA_GET_VDEV(dva)); - /* * Check if the txg falls within the range which must be * resilvered. DVAs outside this range can always be skipped. diff --git a/sys/dev/e1000/if_em.c b/sys/dev/e1000/if_em.c index 93714cd10710..5ebc3cad4ca3 100644 --- a/sys/dev/e1000/if_em.c +++ b/sys/dev/e1000/if_em.c @@ -1804,13 +1804,11 @@ em_if_update_admin_status(if_ctx_t ctx) } iflib_link_state_change(ctx, LINK_STATE_UP, IF_Mbps(adapter->link_speed)); - printf("Link state changed to up\n"); } else if (!link_check && (adapter->link_active == 1)) { adapter->link_speed = 0; adapter->link_duplex = 0; adapter->link_active = 0; iflib_link_state_change(ctx, LINK_STATE_DOWN, 0); - printf("Link state changed to down\n"); } em_update_stats_counters(adapter); diff --git a/sys/dev/e1000/igb_txrx.c b/sys/dev/e1000/igb_txrx.c index c9a87ece0229..802bd114c878 100644 --- a/sys/dev/e1000/igb_txrx.c +++ b/sys/dev/e1000/igb_txrx.c @@ -152,7 +152,6 @@ igb_tx_ctx_setup(struct tx_ring *txr, if_pkt_info_t pi, u32 *cmd_type_len, u32 * u32 vlan_macip_lens, type_tucmd_mlhl; u32 mss_l4len_idx; mss_l4len_idx = vlan_macip_lens = type_tucmd_mlhl = 0; - int offload = TRUE; /* First check if TSO is to be used */ if (pi->ipi_csum_flags & CSUM_TSO) @@ -186,7 +185,6 @@ igb_tx_ctx_setup(struct tx_ring *txr, if_pkt_info_t pi, u32 *cmd_type_len, u32 * type_tucmd_mlhl |= E1000_ADVTXD_TUCMD_IPV6; break; default: - offload = FALSE; break; } @@ -195,25 +193,27 @@ igb_tx_ctx_setup(struct tx_ring *txr, if_pkt_info_t pi, u32 *cmd_type_len, u32 * switch (pi->ipi_ipproto) { case IPPROTO_TCP: - if (pi->ipi_csum_flags & (CSUM_IP_TCP | CSUM_IP6_TCP)) + if (pi->ipi_csum_flags & (CSUM_IP_TCP | CSUM_IP6_TCP)) { type_tucmd_mlhl |= E1000_ADVTXD_TUCMD_L4T_TCP; + *olinfo_status |= E1000_TXD_POPTS_TXSM << 8; + } break; case IPPROTO_UDP: - if (pi->ipi_csum_flags & (CSUM_IP_UDP | CSUM_IP6_UDP)) + if (pi->ipi_csum_flags & (CSUM_IP_UDP | CSUM_IP6_UDP)) { type_tucmd_mlhl |= E1000_ADVTXD_TUCMD_L4T_UDP; + *olinfo_status |= E1000_TXD_POPTS_TXSM << 8; + } break; case IPPROTO_SCTP: - if (pi->ipi_csum_flags & (CSUM_IP_SCTP | CSUM_IP6_SCTP)) + if (pi->ipi_csum_flags & (CSUM_IP_SCTP | CSUM_IP6_SCTP)) { type_tucmd_mlhl |= E1000_ADVTXD_TUCMD_L4T_SCTP; + *olinfo_status |= E1000_TXD_POPTS_TXSM << 8; + } break; default: - offload = FALSE; break; } - if (offload) /* For the TX descriptor setup */ - *olinfo_status |= E1000_TXD_POPTS_TXSM << 8; - /* 82575 needs the queue index added */ if (adapter->hw.mac.type == e1000_82575) mss_l4len_idx = txr->me << 4; diff --git a/sys/dev/mlx4/mlx4_en/mlx4_en_netdev.c b/sys/dev/mlx4/mlx4_en/mlx4_en_netdev.c index b378f5d9febf..ca7e0d74e59f 100644 --- a/sys/dev/mlx4/mlx4_en/mlx4_en_netdev.c +++ b/sys/dev/mlx4/mlx4_en/mlx4_en_netdev.c @@ -905,28 +905,6 @@ static void mlx4_en_do_multicast(struct mlx4_en_priv *priv, priv->flags &= ~MLX4_EN_FLAG_MC_PROMISC; } - /* Update unicast list */ - mlx4_en_cache_uclist(dev); - - update_addr_list_flags(priv, &priv->curr_uc_list, &priv->uc_list); - - list_for_each_entry_safe(addr_list, tmp, &priv->curr_uc_list, list) { - if (addr_list->action == MLX4_ADDR_LIST_REM) { - mlx4_en_uc_steer_release(priv, addr_list->addr, - priv->rss_map.indir_qp.qpn, - addr_list->reg_id); - /* remove from list */ - list_del(&addr_list->list); - kfree(addr_list); - } else if (addr_list->action == MLX4_ADDR_LIST_ADD) { - err = mlx4_en_uc_steer_add(priv, addr_list->addr, - &priv->rss_map.indir_qp.qpn, - &addr_list->reg_id); - if (err) - en_err(priv, "Fail to add unicast address\n"); - } - } - err = mlx4_SET_MCAST_FLTR(mdev->dev, priv->port, 0, 0, MLX4_MCAST_DISABLE); if (err) @@ -996,6 +974,36 @@ static void mlx4_en_do_multicast(struct mlx4_en_priv *priv, } } +static void mlx4_en_do_unicast(struct mlx4_en_priv *priv, + struct net_device *dev, + struct mlx4_en_dev *mdev) +{ + struct mlx4_en_addr_list *addr_list, *tmp; + int err; + + /* Update unicast list */ + mlx4_en_cache_uclist(dev); + + update_addr_list_flags(priv, &priv->curr_uc_list, &priv->uc_list); + + list_for_each_entry_safe(addr_list, tmp, &priv->curr_uc_list, list) { + if (addr_list->action == MLX4_ADDR_LIST_REM) { + mlx4_en_uc_steer_release(priv, addr_list->addr, + priv->rss_map.indir_qp.qpn, + addr_list->reg_id); + /* remove from list */ + list_del(&addr_list->list); + kfree(addr_list); + } else if (addr_list->action == MLX4_ADDR_LIST_ADD) { + err = mlx4_en_uc_steer_add(priv, addr_list->addr, + &priv->rss_map.indir_qp.qpn, + &addr_list->reg_id); + if (err) + en_err(priv, "Fail to add unicast address\n"); + } + } +} + static void mlx4_en_do_set_rx_mode(struct work_struct *work) { struct mlx4_en_priv *priv = container_of(work, struct mlx4_en_priv, @@ -1026,17 +1034,19 @@ static void mlx4_en_do_set_rx_mode(struct work_struct *work) } } + /* Set unicast rules */ + mlx4_en_do_unicast(priv, dev, mdev); + /* Promsicuous mode: disable all filters */ if ((dev->if_flags & IFF_PROMISC) || (priv->flags & MLX4_EN_FLAG_FORCE_PROMISC)) { mlx4_en_set_promisc_mode(priv, mdev); - goto out; + } else if (priv->flags & MLX4_EN_FLAG_PROMISC) { + /* Not in promiscuous mode */ + mlx4_en_clear_promisc_mode(priv, mdev); } - /* Not in promiscuous mode */ - if (priv->flags & MLX4_EN_FLAG_PROMISC) - mlx4_en_clear_promisc_mode(priv, mdev); - + /* Set multicast rules */ mlx4_en_do_multicast(priv, dev, mdev); out: mutex_unlock(&mdev->state_lock); diff --git a/sys/i386/conf/GENERIC b/sys/i386/conf/GENERIC index 16e68d26ec0b..a33fc2d690c9 100644 --- a/sys/i386/conf/GENERIC +++ b/sys/i386/conf/GENERIC @@ -51,7 +51,6 @@ options MSDOSFS # MSDOS Filesystem options CD9660 # ISO 9660 Filesystem options PROCFS # Process filesystem (requires PSEUDOFS) options PSEUDOFS # Pseudo-filesystem framework -options GEOM_PART_GPT # GUID Partition Tables. options GEOM_RAID # Soft RAID functionality. options GEOM_LABEL # Provides labelization options COMPAT_FREEBSD4 # Compatible with FreeBSD4 diff --git a/sys/kern/kern_jail.c b/sys/kern/kern_jail.c index bd72c90f4a49..7181fdfba189 100644 --- a/sys/kern/kern_jail.c +++ b/sys/kern/kern_jail.c @@ -1393,11 +1393,12 @@ kern_jail_set(struct thread *td, struct uio *optuio, int flags) * there is a duplicate on a jail with more than one * IP stop checking and return error. */ - tppr = ppr; #ifdef VIMAGE - for (; tppr != &prison0; tppr = tppr->pr_parent) + for (tppr = ppr; tppr != &prison0; tppr = tppr->pr_parent) if (tppr->pr_flags & PR_VNET) break; +#else + tppr = &prison0; #endif FOREACH_PRISON_DESCENDANT(tppr, tpr, descend) { if (tpr == pr || @@ -1460,11 +1461,12 @@ kern_jail_set(struct thread *td, struct uio *optuio, int flags) } } /* Check for conflicting IP addresses. */ - tppr = ppr; #ifdef VIMAGE - for (; tppr != &prison0; tppr = tppr->pr_parent) + for (tppr = ppr; tppr != &prison0; tppr = tppr->pr_parent) if (tppr->pr_flags & PR_VNET) break; +#else + tppr = &prison0; #endif FOREACH_PRISON_DESCENDANT(tppr, tpr, descend) { if (tpr == pr || diff --git a/sys/netinet/ip_output.c b/sys/netinet/ip_output.c index a08806a686bd..18c942a5165e 100644 --- a/sys/netinet/ip_output.c +++ b/sys/netinet/ip_output.c @@ -262,11 +262,12 @@ ip_output(struct mbuf *m, struct mbuf *opt, struct route *ro, int flags, ip->ip_v = IPVERSION; ip->ip_hl = hlen >> 2; ip_fillid(ip); - IPSTAT_INC(ips_localout); } else { /* Header already set, fetch hlen from there */ hlen = ip->ip_hl << 2; } + if ((flags & IP_FORWARDING) == 0) + IPSTAT_INC(ips_localout); /* * dst/gw handling: diff --git a/sys/netinet/sctp_output.c b/sys/netinet/sctp_output.c index 34e91d8b0af6..ddf5a4ddfd27 100644 --- a/sys/netinet/sctp_output.c +++ b/sys/netinet/sctp_output.c @@ -4983,7 +4983,6 @@ sctp_arethere_unrecognized_parameters(struct mbuf *in_initpkt, struct sctp_paramhdr *phdr, params; struct mbuf *mat, *op_err; - char tempbuf[SCTP_PARAM_BUFFER_SIZE]; int at, limit, pad_needed; uint16_t ptype, plen, padded_size; int err_at; @@ -5123,15 +5122,13 @@ sctp_arethere_unrecognized_parameters(struct mbuf *in_initpkt, l_len = SCTP_MIN_V4_OVERHEAD; #endif l_len += sizeof(struct sctp_chunkhdr); - l_len += plen; - l_len += sizeof(struct sctp_paramhdr); + l_len += sizeof(struct sctp_gen_error_cause); op_err = sctp_get_mbuf_for_msg(l_len, 0, M_NOWAIT, 1, MT_DATA); if (op_err) { SCTP_BUF_LEN(op_err) = 0; /* - * pre-reserve space for ip - * and sctp header and - * chunk hdr + * Pre-reserve space for IP, + * SCTP, and chunk header. */ #ifdef INET6 SCTP_BUF_RESV_UF(op_err, sizeof(struct ip6_hdr)); @@ -5144,7 +5141,7 @@ sctp_arethere_unrecognized_parameters(struct mbuf *in_initpkt, } if (op_err) { /* If we have space */ - struct sctp_paramhdr s; + struct sctp_gen_error_cause cause; if (err_at % 4) { uint32_t cpthis = 0; @@ -5153,26 +5150,15 @@ sctp_arethere_unrecognized_parameters(struct mbuf *in_initpkt, m_copyback(op_err, err_at, pad_needed, (caddr_t)&cpthis); err_at += pad_needed; } - s.param_type = htons(SCTP_CAUSE_UNRESOLVABLE_ADDR); - s.param_length = htons(sizeof(s) + plen); - m_copyback(op_err, err_at, sizeof(s), (caddr_t)&s); - err_at += sizeof(s); - if (plen > sizeof(tempbuf)) { - plen = sizeof(tempbuf); - } - phdr = sctp_get_next_param(mat, at, (struct sctp_paramhdr *)tempbuf, plen); - if (phdr == NULL) { + cause.code = htons(SCTP_CAUSE_UNRESOLVABLE_ADDR); + cause.length = htons((uint16_t)(sizeof(struct sctp_gen_error_cause) + plen)); + m_copyback(op_err, err_at, sizeof(struct sctp_gen_error_cause), (caddr_t)&cause); + err_at += sizeof(struct sctp_gen_error_cause); + SCTP_BUF_NEXT(op_err) = SCTP_M_COPYM(mat, at, plen, M_NOWAIT); + if (SCTP_BUF_NEXT(op_err) == NULL) { sctp_m_freem(op_err); - /* - * we are out of memory but - * we still need to have a - * look at what to do (the - * system is in trouble - * though). - */ return (NULL); } - m_copyback(op_err, err_at, plen, (caddr_t)phdr); } return (op_err); break; @@ -5196,7 +5182,6 @@ sctp_arethere_unrecognized_parameters(struct mbuf *in_initpkt, l_len = SCTP_MIN_V4_OVERHEAD; #endif l_len += sizeof(struct sctp_chunkhdr); - l_len += plen; l_len += sizeof(struct sctp_paramhdr); op_err = sctp_get_mbuf_for_msg(l_len, 0, M_NOWAIT, 1, MT_DATA); if (op_err) { @@ -5222,14 +5207,11 @@ sctp_arethere_unrecognized_parameters(struct mbuf *in_initpkt, err_at += pad_needed; } s.param_type = htons(SCTP_UNRECOG_PARAM); - s.param_length = htons(sizeof(s) + plen); - m_copyback(op_err, err_at, sizeof(s), (caddr_t)&s); - err_at += sizeof(s); - if (plen > sizeof(tempbuf)) { - plen = sizeof(tempbuf); - } - phdr = sctp_get_next_param(mat, at, (struct sctp_paramhdr *)tempbuf, plen); - if (phdr == NULL) { + s.param_length = htons((uint16_t)sizeof(struct sctp_paramhdr) + plen); + m_copyback(op_err, err_at, sizeof(struct sctp_paramhdr), (caddr_t)&s); + err_at += sizeof(struct sctp_paramhdr); + SCTP_BUF_NEXT(op_err) = SCTP_M_COPYM(mat, at, plen, M_NOWAIT); + if (SCTP_BUF_NEXT(op_err) == NULL) { sctp_m_freem(op_err); /* * we are out of memory but @@ -5241,7 +5223,6 @@ sctp_arethere_unrecognized_parameters(struct mbuf *in_initpkt, op_err = NULL; goto more_processing; } - m_copyback(op_err, err_at, plen, (caddr_t)phdr); err_at += plen; } } diff --git a/sys/powerpc/conf/GENERIC b/sys/powerpc/conf/GENERIC index e651b00d7080..820bee6c32ee 100644 --- a/sys/powerpc/conf/GENERIC +++ b/sys/powerpc/conf/GENERIC @@ -41,6 +41,7 @@ options INET6 #IPv6 communications protocols options IPSEC # IP (v4/v6) security options IPSEC_SUPPORT # Allow kldload of ipsec and tcpmd5 options TCP_HHOOK # hhook(9) framework for TCP +options TCP_RFC7413 # TCP Fast Open options SCTP #Stream Control Transmission Protocol options FFS #Berkeley Fast Filesystem options SOFTUPDATES #Enable FFS soft updates support diff --git a/sys/powerpc/conf/GENERIC64 b/sys/powerpc/conf/GENERIC64 index 5913100d037a..5411ac9acc1e 100644 --- a/sys/powerpc/conf/GENERIC64 +++ b/sys/powerpc/conf/GENERIC64 @@ -40,6 +40,7 @@ options VIMAGE # Subsystem virtualization, e.g. VNET options INET #InterNETworking options INET6 #IPv6 communications protocols options TCP_HHOOK # hhook(9) framework for TCP +options TCP_RFC7413 # TCP Fast Open options SCTP #Stream Control Transmission Protocol options FFS #Berkeley Fast Filesystem options SOFTUPDATES #Enable FFS soft updates support diff --git a/sys/powerpc/powernv/opal_pci.c b/sys/powerpc/powernv/opal_pci.c index bd8a98612adf..19a6905c396e 100644 --- a/sys/powerpc/powernv/opal_pci.c +++ b/sys/powerpc/powernv/opal_pci.c @@ -95,8 +95,6 @@ static int opalpci_route_interrupt(device_t bus, device_t dev, int pin); */ static void opalpic_pic_enable(device_t dev, u_int irq, u_int vector); static void opalpic_pic_eoi(device_t dev, u_int irq); -static void opalpic_pic_mask(device_t dev, u_int irq); -static void opalpic_pic_unmask(device_t dev, u_int irq); /* * Commands @@ -143,8 +141,6 @@ static device_method_t opalpci_methods[] = { /* PIC interface for MSIs */ DEVMETHOD(pic_enable, opalpic_pic_enable), DEVMETHOD(pic_eoi, opalpic_pic_eoi), - DEVMETHOD(pic_mask, opalpic_pic_mask), - DEVMETHOD(pic_unmask, opalpic_pic_unmask), DEVMETHOD_END }; @@ -650,7 +646,10 @@ opalpci_map_msi(device_t dev, device_t child, int irq, uint64_t *addr, static void opalpic_pic_enable(device_t dev, u_int irq, u_int vector) { + struct opalpci_softc *sc = device_get_softc(dev); + PIC_ENABLE(root_pic, irq, vector); + opal_call(OPAL_PCI_MSI_EOI, sc->phb_id, irq); } static void opalpic_pic_eoi(device_t dev, u_int irq) @@ -662,21 +661,3 @@ static void opalpic_pic_eoi(device_t dev, u_int irq) PIC_EOI(root_pic, irq); } - -static void opalpic_pic_mask(device_t dev, u_int irq) -{ - PIC_MASK(root_pic, irq); -} - -static void opalpic_pic_unmask(device_t dev, u_int irq) -{ - struct opalpci_softc *sc; - - sc = device_get_softc(dev); - - PIC_UNMASK(root_pic, irq); - - opal_call(OPAL_PCI_MSI_EOI, sc->phb_id, irq); -} - - diff --git a/sys/powerpc/pseries/xics.c b/sys/powerpc/pseries/xics.c index 802f0e8e4b6a..f8d24854fe80 100644 --- a/sys/powerpc/pseries/xics.c +++ b/sys/powerpc/pseries/xics.c @@ -381,17 +381,9 @@ xicp_dispatch(device_t dev, struct trapframe *tf) } xirr &= 0x00ffffff; - if (xirr == 0) { /* No more pending interrupts? */ - if (regs) - bus_write_1(regs, 4, 0xff); -#ifdef POWERNV - else if (sc->xics_emu) - opal_call(OPAL_INT_SET_CPPR, 0xff); -#endif - else - phyp_hcall(H_CPPR, (uint64_t)0xff); + if (xirr == 0) /* No more pending interrupts? */ break; - } + if (xirr == XICP_IPI) { /* Magic number for IPIs */ xirr = MAX_XICP_IRQS; /* Map to FreeBSD magic */ @@ -471,7 +463,7 @@ xicp_eoi(device_t dev, u_int irq) if (irq == MAX_XICP_IRQS) /* Remap IPI interrupt to internal value */ irq = XICP_IPI; - xirr = irq | (XICP_PRIORITY << 24); + xirr = irq | (0xff << 24); #ifdef POWERNV if (mfmsr() & PSL_HV) { diff --git a/usr.bin/truss/syscalls.c b/usr.bin/truss/syscalls.c index 1df36775abbe..d69aefd8316f 100644 --- a/usr.bin/truss/syscalls.c +++ b/usr.bin/truss/syscalls.c @@ -461,6 +461,10 @@ static struct syscall decoded_syscalls[] = { { .name = "setsockopt", .ret_type = 1, .nargs = 5, .args = { { Int, 0 }, { Sockoptlevel, 1 }, { Sockoptname, 2 }, { Ptr | IN, 3 }, { Socklent, 4 } } }, + { .name = "shm_open", .ret_type = 1, .nargs = 3, + .args = { { Name | IN, 0 }, { Open, 1 }, { Octal, 2 } } }, + { .name = "shm_unlink", .ret_type = 1, .nargs = 1, + .args = { { Name | IN, 0 } } }, { .name = "shutdown", .ret_type = 1, .nargs = 2, .args = { { Int, 0 }, { Shutdown, 1 } } }, { .name = "sigaction", .ret_type = 1, .nargs = 3,