From owner-svn-src-stable-8@FreeBSD.ORG Tue Apr 7 18:10:59 2015 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 816FF3F4; Tue, 7 Apr 2015 18:10:59 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6B9BCC8C; Tue, 7 Apr 2015 18:10:59 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id t37IAxaC067647; Tue, 7 Apr 2015 18:10:59 GMT (envelope-from davidcs@FreeBSD.org) Received: (from davidcs@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id t37IAxvp067646; Tue, 7 Apr 2015 18:10:59 GMT (envelope-from davidcs@FreeBSD.org) Message-Id: <201504071810.t37IAxvp067646@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: davidcs set sender to davidcs@FreeBSD.org using -f From: David C Somayajulu Date: Tue, 7 Apr 2015 18:10:59 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org Subject: svn commit: r281218 - stable/8/sys/dev/bxe X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Apr 2015 18:10:59 -0000 Author: davidcs Date: Tue Apr 7 18:10:58 2015 New Revision: 281218 URL: https://svnweb.freebsd.org/changeset/base/281218 Log: MFC r281006 When an mbuf allocation fails in the receive path, the mbuf containing the received packet is not sent to the host network stack and is reused again on the receive ring. Remaining received packets in the ring are not processed in that invocation of bxe_rxeof() and defered to the task thread Modified: stable/8/sys/dev/bxe/bxe.c Directory Properties: stable/8/sys/ (props changed) stable/8/sys/dev/ (props changed) Modified: stable/8/sys/dev/bxe/bxe.c ============================================================================== --- stable/8/sys/dev/bxe/bxe.c Tue Apr 7 18:07:16 2015 (r281217) +++ stable/8/sys/dev/bxe/bxe.c Tue Apr 7 18:10:58 2015 (r281218) @@ -3257,7 +3257,7 @@ bxe_rxeof(struct bxe_softc *sc, uint16_t bd_cons, bd_prod, bd_prod_fw, comp_ring_cons; uint16_t hw_cq_cons, sw_cq_cons, sw_cq_prod; int rx_pkts = 0; - int rc; + int rc = 0; BXE_FP_RX_LOCK(fp); @@ -3399,6 +3399,10 @@ bxe_rxeof(struct bxe_softc *sc, (sc->max_rx_bufs != RX_BD_USABLE) ? bd_prod : bd_cons); if (rc != 0) { + + /* we simply reuse the received mbuf and don't post it to the stack */ + m = NULL; + BLOGE(sc, "mbuf alloc fail for fp[%02d] rx chain (%d)\n", fp->index, rc); fp->eth_q_stats.rx_soft_errors++; @@ -3487,6 +3491,9 @@ next_cqe: sw_cq_cons = RCQ_NEXT(sw_cq_cons); /* limit spinning on the queue */ + if (rc != 0) + break; + if (rx_pkts == sc->rx_budget) { fp->eth_q_stats.rx_budget_reached++; break; From owner-svn-src-stable-8@FreeBSD.ORG Tue Apr 7 20:20:48 2015 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 94A21407; Tue, 7 Apr 2015 20:20:48 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7CE77E04; Tue, 7 Apr 2015 20:20:48 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id t37KKmk1032144; Tue, 7 Apr 2015 20:20:48 GMT (envelope-from delphij@FreeBSD.org) Received: (from delphij@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id t37KKl5Q032136; Tue, 7 Apr 2015 20:20:47 GMT (envelope-from delphij@FreeBSD.org) Message-Id: <201504072020.t37KKl5Q032136@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: delphij set sender to delphij@FreeBSD.org using -f From: Xin LI Date: Tue, 7 Apr 2015 20:20:47 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org Subject: svn commit: r281231 - in stable: 8/contrib/ntp/ntpd 8/sys/netinet 8/sys/netinet6 9/contrib/ntp/ntpd 9/sys/netinet 9/sys/netinet6 X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Apr 2015 20:20:48 -0000 Author: delphij Date: Tue Apr 7 20:20:44 2015 New Revision: 281231 URL: https://svnweb.freebsd.org/changeset/base/281231 Log: Improve patch for SA-15:04.igmp to solve a potential buffer overflow. Fix multiple vulnerabilities of ntp. [SA-15:07] Fix Denial of Service with IPv6 Router Advertisements. [SA-15:09] Modified: stable/8/contrib/ntp/ntpd/ntp_crypto.c stable/8/contrib/ntp/ntpd/ntp_proto.c stable/8/sys/netinet/igmp.c stable/8/sys/netinet6/nd6_rtr.c Changes in other areas also in this revision: Modified: stable/9/contrib/ntp/ntpd/ntp_crypto.c stable/9/contrib/ntp/ntpd/ntp_proto.c stable/9/sys/netinet/igmp.c stable/9/sys/netinet6/nd6_rtr.c Modified: stable/8/contrib/ntp/ntpd/ntp_crypto.c ============================================================================== --- stable/8/contrib/ntp/ntpd/ntp_crypto.c Tue Apr 7 20:20:24 2015 (r281230) +++ stable/8/contrib/ntp/ntpd/ntp_crypto.c Tue Apr 7 20:20:44 2015 (r281231) @@ -93,6 +93,7 @@ #define TAI_1972 10 /* initial TAI offset (s) */ #define MAX_LEAP 100 /* max UTC leapseconds (s) */ #define VALUE_LEN (6 * 4) /* min response field length */ +#define MAX_VALLEN (65535 - VALUE_LEN) #define YEAR (60 * 60 * 24 * 365) /* seconds in year */ /* @@ -137,8 +138,8 @@ static u_int ident_scheme = 0; /* server */ static int crypto_verify P((struct exten *, struct value *, struct peer *)); -static int crypto_encrypt P((struct exten *, struct value *, - keyid_t *)); +static int crypto_encrypt P((const u_char *, u_int, keyid_t *, + struct value *)); static int crypto_alice P((struct peer *, struct value *)); static int crypto_alice2 P((struct peer *, struct value *)); static int crypto_alice3 P((struct peer *, struct value *)); @@ -446,6 +447,12 @@ crypto_recv( tstamp = ntohl(ep->tstamp); fstamp = ntohl(ep->fstamp); vallen = ntohl(ep->vallen); + /* + * Bug 2761: I hope this isn't too early... + */ + if ( vallen == 0 + || len - VALUE_LEN < vallen) + return XEVNT_LEN; } switch (code) { @@ -488,7 +495,7 @@ crypto_recv( break; if (vallen == 0 || vallen > MAXHOSTNAME || - len < VALUE_LEN + vallen) { + len - VALUE_LEN < vallen) { rval = XEVNT_LEN; break; } @@ -1250,7 +1257,8 @@ crypto_xmit( vallen = ntohl(ep->vallen); if (vallen == 8) { strcpy(certname, sys_hostname); - } else if (vallen == 0 || vallen > MAXHOSTNAME) { + } else if (vallen == 0 || vallen > MAXHOSTNAME || + len - VALUE_LEN < vallen) { rval = XEVNT_LEN; break; @@ -1407,7 +1415,10 @@ crypto_xmit( * anything goes wrong. */ case CRYPTO_COOK | CRYPTO_RESP: - if ((opcode & 0xffff) < VALUE_LEN) { + vallen = ntohl(ep->vallen); /* Must be <64k */ + if ( vallen == 0 + || (vallen >= MAX_VALLEN) + || (opcode & 0x0000ffff) < VALUE_LEN + vallen) { rval = XEVNT_LEN; break; } @@ -1420,10 +1431,11 @@ crypto_xmit( } tcookie = peer->pcookie; } - if ((rval = crypto_encrypt(ep, &vtemp, &tcookie)) == - XEVNT_OK) + if ((rval = crypto_encrypt((const u_char *)ep->pkt, vallen, &tcookie, &vtemp)) + == XEVNT_OK) { len += crypto_send(fp, &vtemp); - value_free(&vtemp); + value_free(&vtemp); + } break; /* @@ -1558,10 +1570,15 @@ crypto_verify( * are rounded up to the next word. */ vallen = ntohl(ep->vallen); + if ( vallen == 0 + || vallen > MAX_VALLEN) + return (XEVNT_LEN); i = (vallen + 3) / 4; siglen = ntohl(ep->pkt[i++]); - if (len < VALUE_LEN + ((vallen + 3) / 4) * 4 + ((siglen + 3) / - 4) * 4) + if ( siglen > MAX_VALLEN + || len - VALUE_LEN < ((vallen + 3) / 4) * 4 + || len - VALUE_LEN - ((vallen + 3) / 4) * 4 + < ((siglen + 3) / 4) * 4) return (XEVNT_LEN); /* @@ -1627,6 +1644,7 @@ crypto_verify( * avoid doing the sign exchange. */ EVP_VerifyInit(&ctx, peer->digest); + /* XXX: the "+ 12" needs to be at least documented... */ EVP_VerifyUpdate(&ctx, (u_char *)&ep->tstamp, vallen + 12); if (EVP_VerifyFinal(&ctx, (u_char *)&ep->pkt[i], siglen, pkey) <= 0) return (XEVNT_SIG); @@ -1641,10 +1659,10 @@ crypto_verify( /* - * crypto_encrypt - construct encrypted cookie and signature from - * extension field and cookie + * crypto_encrypt - construct vp (encrypted cookie and signature) from + * the public key and cookie. * - * Returns + * Returns: * XEVNT_OK success * XEVNT_PUB bad or missing public key * XEVNT_CKY bad or missing cookie @@ -1652,24 +1670,21 @@ crypto_verify( */ static int crypto_encrypt( - struct exten *ep, /* extension pointer */ - struct value *vp, /* value pointer */ - keyid_t *cookie /* server cookie */ + const u_char *ptr, /* Public Key */ + u_int vallen, /* Length of Public Key */ + keyid_t *cookie, /* server cookie */ + struct value *vp /* value pointer */ ) { EVP_PKEY *pkey; /* public key */ EVP_MD_CTX ctx; /* signature context */ tstamp_t tstamp; /* NTP timestamp */ u_int32 temp32; - u_int len; - u_char *ptr; /* * Extract the public key from the request. */ - len = ntohl(ep->vallen); - ptr = (u_char *)ep->pkt; - pkey = d2i_PublicKey(EVP_PKEY_RSA, NULL, &ptr, len); + pkey = d2i_PublicKey(EVP_PKEY_RSA, NULL, &ptr, vallen); if (pkey == NULL) { msyslog(LOG_ERR, "crypto_encrypt %s\n", ERR_error_string(ERR_get_error(), NULL)); @@ -1683,9 +1698,9 @@ crypto_encrypt( memset(vp, 0, sizeof(struct value)); vp->tstamp = htonl(tstamp); vp->fstamp = hostval.tstamp; - len = EVP_PKEY_size(pkey); - vp->vallen = htonl(len); - vp->ptr = emalloc(len); + vallen = EVP_PKEY_size(pkey); + vp->vallen = htonl(vallen); + vp->ptr = emalloc(vallen); temp32 = htonl(*cookie); if (!RSA_public_encrypt(4, (u_char *)&temp32, vp->ptr, pkey->pkey.rsa, RSA_PKCS1_OAEP_PADDING)) { @@ -1705,9 +1720,9 @@ crypto_encrypt( vp->sig = emalloc(sign_siglen); EVP_SignInit(&ctx, sign_digest); EVP_SignUpdate(&ctx, (u_char *)&vp->tstamp, 12); - EVP_SignUpdate(&ctx, vp->ptr, len); - if (EVP_SignFinal(&ctx, vp->sig, &len, sign_pkey)) - vp->siglen = htonl(len); + EVP_SignUpdate(&ctx, vp->ptr, vallen); + if (EVP_SignFinal(&ctx, vp->sig, &vallen, sign_pkey)) + vp->siglen = htonl(sign_siglen); return (XEVNT_OK); } @@ -1794,6 +1809,9 @@ crypto_ident( * call in the protocol module. * * Returns extension field pointer (no errors). + * + * XXX: opcode and len should really be 32-bit quantities and + * we should make sure that str is not too big. */ struct exten * crypto_args( @@ -1805,11 +1823,14 @@ crypto_args( tstamp_t tstamp; /* NTP timestamp */ struct exten *ep; /* extension field pointer */ u_int len; /* extension field length */ + size_t slen; tstamp = crypto_time(); len = sizeof(struct exten); - if (str != NULL) - len += strlen(str); + if (str != NULL) { + slen = strlen(str); + len += slen; + } ep = emalloc(len); memset(ep, 0, len); if (opcode == 0) @@ -1829,8 +1850,8 @@ crypto_args( ep->fstamp = hostval.tstamp; ep->vallen = 0; if (str != NULL) { - ep->vallen = htonl(strlen(str)); - memcpy((char *)ep->pkt, str, strlen(str)); + ep->vallen = htonl(slen); + memcpy((char *)ep->pkt, str, slen); } else { ep->pkt[0] = peer->associd; } @@ -1844,6 +1865,8 @@ crypto_args( * Returns extension field length. Note: it is not polite to send a * nonempty signature with zero timestamp or a nonzero timestamp with * empty signature, but these rules are not enforced here. + * + * XXX This code won't work on a box with 16-bit ints. */ u_int crypto_send( @@ -2212,7 +2235,8 @@ crypto_bob( tstamp_t tstamp; /* NTP timestamp */ BIGNUM *bn, *bk, *r; u_char *ptr; - u_int len; + u_int len; /* extension field length */ + u_int vallen = 0; /* value length */ /* * If the IFF parameters are not valid, something awful @@ -2227,8 +2251,11 @@ crypto_bob( /* * Extract r from the challenge. */ - len = ntohl(ep->vallen); - if ((r = BN_bin2bn((u_char *)ep->pkt, len, NULL)) == NULL) { + vallen = ntohl(ep->vallen); + len = ntohl(ep->opcode) & 0x0000ffff; + if (vallen == 0 || len < VALUE_LEN || len - VALUE_LEN < vallen) + return XEVNT_LEN; + if ((r = BN_bin2bn((u_char *)ep->pkt, vallen, NULL)) == NULL) { msyslog(LOG_ERR, "crypto_bob %s\n", ERR_error_string(ERR_get_error(), NULL)); return (XEVNT_ERR); @@ -2240,7 +2267,7 @@ crypto_bob( */ bctx = BN_CTX_new(); bk = BN_new(); bn = BN_new(); sdsa = DSA_SIG_new(); - BN_rand(bk, len * 8, -1, 1); /* k */ + BN_rand(bk, vallen * 8, -1, 1); /* k */ BN_mod_mul(bn, dsa->priv_key, r, dsa->q, bctx); /* b r mod q */ BN_add(bn, bn, bk); BN_mod(bn, bn, dsa->q, bctx); /* k + b r mod q */ @@ -2254,19 +2281,25 @@ crypto_bob( /* * Encode the values in ASN.1 and sign. */ - tstamp = crypto_time(); - memset(vp, 0, sizeof(struct value)); - vp->tstamp = htonl(tstamp); - vp->fstamp = htonl(if_fstamp); - len = i2d_DSA_SIG(sdsa, NULL); - if (len <= 0) { + vallen = i2d_DSA_SIG(sdsa, NULL); + if (vallen == 0) { msyslog(LOG_ERR, "crypto_bob %s\n", ERR_error_string(ERR_get_error(), NULL)); DSA_SIG_free(sdsa); return (XEVNT_ERR); } - vp->vallen = htonl(len); - ptr = emalloc(len); + if (vallen > MAX_VALLEN) { + msyslog(LOG_ERR, "crypto_bob: signature is too big: %d", + vallen); + DSA_SIG_free(sdsa); + return (XEVNT_LEN); + } + memset(vp, 0, sizeof(struct value)); + tstamp = crypto_time(); + vp->tstamp = htonl(tstamp); + vp->fstamp = htonl(if_fstamp); + vp->vallen = htonl(vallen); + ptr = emalloc(vallen); vp->ptr = ptr; i2d_DSA_SIG(sdsa, &ptr); DSA_SIG_free(sdsa); @@ -2277,11 +2310,12 @@ crypto_bob( if (tstamp < cinfo->first || tstamp > cinfo->last) return (XEVNT_PER); + /* XXX: more validation to make sure the sign fits... */ vp->sig = emalloc(sign_siglen); EVP_SignInit(&ctx, sign_digest); EVP_SignUpdate(&ctx, (u_char *)&vp->tstamp, 12); - EVP_SignUpdate(&ctx, vp->ptr, len); - if (EVP_SignFinal(&ctx, vp->sig, &len, sign_pkey)) + EVP_SignUpdate(&ctx, vp->ptr, vallen); + if (EVP_SignFinal(&ctx, vp->sig, &vallen, sign_pkey)) vp->siglen = htonl(len); return (XEVNT_OK); } Modified: stable/8/contrib/ntp/ntpd/ntp_proto.c ============================================================================== --- stable/8/contrib/ntp/ntpd/ntp_proto.c Tue Apr 7 20:20:24 2015 (r281230) +++ stable/8/contrib/ntp/ntpd/ntp_proto.c Tue Apr 7 20:20:44 2015 (r281231) @@ -459,7 +459,7 @@ receive( while (has_mac > 0) { int temp; - if (has_mac % 4 != 0 || has_mac < 0) { + if (has_mac % 4 != 0 || has_mac < MIN_MAC_LEN) { sys_badlength++; return; /* bad MAC length */ } @@ -483,6 +483,13 @@ receive( return; /* bad MAC length */ } } + /* + * If has_mac is < 0 we had a malformed packet. + */ + if (has_mac < 0) { + sys_badlength++; + return; /* bad length */ + } #ifdef OPENSSL pkeyid = tkeyid = 0; #endif /* OPENSSL */ @@ -942,12 +949,9 @@ receive( } /* - * Update the origin and destination timestamps. If - * unsynchronized or bogus abandon ship. If the crypto machine + * If unsynchronized or bogus abandon ship. If the crypto machine * breaks, light the crypto bit and plaint the log. */ - peer->org = p_xmt; - peer->rec = rbufp->recv_time; if (peer->flash & PKT_TEST_MASK) { #ifdef OPENSSL if (crypto_flags && (peer->flags & FLAG_SKEY)) { @@ -978,10 +982,11 @@ receive( * versions. If symmetric modes, return a crypto-NAK. The peer * should restart the protocol. */ - } else if (!AUTH(peer->keyid || (restrict_mask & RES_DONTTRUST), - is_authentic)) { + } else if (!AUTH(peer->keyid || has_mac || + (restrict_mask & RES_DONTTRUST), is_authentic)) { peer->flash |= TEST5; - if (hismode == MODE_ACTIVE || hismode == MODE_PASSIVE) + if (has_mac && + (hismode == MODE_ACTIVE || hismode == MODE_PASSIVE)) fast_xmit(rbufp, MODE_ACTIVE, 0, restrict_mask); return; /* bad auth */ } @@ -989,7 +994,12 @@ receive( /* * That was hard and I am sweaty, but the packet is squeaky * clean. Get on with real work. + * + * Update the origin and destination timestamps. */ + peer->org = p_xmt; + peer->rec = rbufp->recv_time; + peer->received++; peer->timereceived = current_time; if (is_authentic == AUTH_OK) Modified: stable/8/sys/netinet/igmp.c ============================================================================== --- stable/8/sys/netinet/igmp.c Tue Apr 7 20:20:24 2015 (r281230) +++ stable/8/sys/netinet/igmp.c Tue Apr 7 20:20:44 2015 (r281231) @@ -1533,7 +1533,6 @@ igmp_input(struct mbuf *m, int off) struct igmpv3 *igmpv3; uint16_t igmpv3len; uint16_t nsrc; - int srclen; IGMPSTAT_INC(igps_rcv_v3_queries); igmpv3 = (struct igmpv3 *)igmp; @@ -1541,8 +1540,8 @@ igmp_input(struct mbuf *m, int off) * Validate length based on source count. */ nsrc = ntohs(igmpv3->igmp_numsrc); - srclen = sizeof(struct in_addr) * nsrc; - if (nsrc * sizeof(in_addr_t) > srclen) { + if (nsrc * sizeof(in_addr_t) > + UINT16_MAX - iphlen - IGMP_V3_QUERY_MINLEN) { IGMPSTAT_INC(igps_rcv_tooshort); return; } @@ -1551,7 +1550,7 @@ igmp_input(struct mbuf *m, int off) * this scope. */ igmpv3len = iphlen + IGMP_V3_QUERY_MINLEN + - srclen; + sizeof(struct in_addr) * nsrc; if ((m->m_flags & M_EXT || m->m_len < igmpv3len) && (m = m_pullup(m, igmpv3len)) == NULL) { Modified: stable/8/sys/netinet6/nd6_rtr.c ============================================================================== --- stable/8/sys/netinet6/nd6_rtr.c Tue Apr 7 20:20:24 2015 (r281230) +++ stable/8/sys/netinet6/nd6_rtr.c Tue Apr 7 20:20:44 2015 (r281231) @@ -286,8 +286,16 @@ nd6_ra_input(struct mbuf *m, int off, in } if (nd_ra->nd_ra_retransmit) ndi->retrans = ntohl(nd_ra->nd_ra_retransmit); - if (nd_ra->nd_ra_curhoplimit) - ndi->chlim = nd_ra->nd_ra_curhoplimit; + if (nd_ra->nd_ra_curhoplimit) { + if (ndi->chlim < nd_ra->nd_ra_curhoplimit) + ndi->chlim = nd_ra->nd_ra_curhoplimit; + else if (ndi->chlim != nd_ra->nd_ra_curhoplimit) { + log(LOG_ERR, "RA with a lower CurHopLimit sent from " + "%s on %s (current = %d, received = %d). " + "Ignored.\n", ip6_sprintf(ip6bufs, &ip6->ip6_src), + if_name(ifp), ndi->chlim, nd_ra->nd_ra_curhoplimit); + } + } dr = defrtrlist_update(&dr0); } From owner-svn-src-stable-8@FreeBSD.ORG Fri Apr 10 00:44:44 2015 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7DE7DB73; Fri, 10 Apr 2015 00:44:44 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 68CB5750; Fri, 10 Apr 2015 00:44:44 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id t3A0iib4034670; Fri, 10 Apr 2015 00:44:44 GMT (envelope-from mav@FreeBSD.org) Received: (from mav@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id t3A0ihq6034667; Fri, 10 Apr 2015 00:44:43 GMT (envelope-from mav@FreeBSD.org) Message-Id: <201504100044.t3A0ihq6034667@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: mav set sender to mav@FreeBSD.org using -f From: Alexander Motin Date: Fri, 10 Apr 2015 00:44:43 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org Subject: svn commit: r281347 - in stable/8/sys/geom: mirror raid X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Apr 2015 00:44:44 -0000 Author: mav Date: Fri Apr 10 00:44:43 2015 New Revision: 281347 URL: https://svnweb.freebsd.org/changeset/base/281347 Log: MFC r280757: Remove request sorting from GEOM_MIRROR and GEOM_RAID. When CPU is not busy, those queues are typically empty. When CPU is busy, then one more extra sorting is the last thing it needs. If specific device (HDD) really needs sorting, then it will be done later by CAM. This supposed to fix livelock reported for mirror of two SSDs, when UFS fires zillion of BIO_DELETE requests, that totally blocks I/O subsystem by pointless sorting of requests and responses under single mutex lock. Modified: stable/8/sys/geom/mirror/g_mirror.c stable/8/sys/geom/raid/g_raid.c Directory Properties: stable/8/ (props changed) stable/8/sys/ (props changed) stable/8/sys/geom/ (props changed) Modified: stable/8/sys/geom/mirror/g_mirror.c ============================================================================== --- stable/8/sys/geom/mirror/g_mirror.c Fri Apr 10 00:43:24 2015 (r281346) +++ stable/8/sys/geom/mirror/g_mirror.c Fri Apr 10 00:44:43 2015 (r281347) @@ -853,7 +853,7 @@ g_mirror_done(struct bio *bp) sc = bp->bio_from->geom->softc; bp->bio_cflags = G_MIRROR_BIO_FLAG_REGULAR; mtx_lock(&sc->sc_queue_mtx); - bioq_disksort(&sc->sc_queue, bp); + bioq_insert_tail(&sc->sc_queue, bp); mtx_unlock(&sc->sc_queue_mtx); wakeup(sc); } @@ -939,7 +939,7 @@ g_mirror_regular_request(struct bio *bp) else { pbp->bio_error = 0; mtx_lock(&sc->sc_queue_mtx); - bioq_disksort(&sc->sc_queue, pbp); + bioq_insert_tail(&sc->sc_queue, pbp); mtx_unlock(&sc->sc_queue_mtx); G_MIRROR_DEBUG(4, "%s: Waking up %p.", __func__, sc); wakeup(sc); @@ -979,7 +979,7 @@ g_mirror_sync_done(struct bio *bp) sc = bp->bio_from->geom->softc; bp->bio_cflags = G_MIRROR_BIO_FLAG_SYNC; mtx_lock(&sc->sc_queue_mtx); - bioq_disksort(&sc->sc_queue, bp); + bioq_insert_tail(&sc->sc_queue, bp); mtx_unlock(&sc->sc_queue_mtx); wakeup(sc); } @@ -1092,7 +1092,7 @@ g_mirror_start(struct bio *bp) return; } mtx_lock(&sc->sc_queue_mtx); - bioq_disksort(&sc->sc_queue, bp); + bioq_insert_tail(&sc->sc_queue, bp); mtx_unlock(&sc->sc_queue_mtx); G_MIRROR_DEBUG(4, "%s: Waking up %p.", __func__, sc); wakeup(sc); Modified: stable/8/sys/geom/raid/g_raid.c ============================================================================== --- stable/8/sys/geom/raid/g_raid.c Fri Apr 10 00:43:24 2015 (r281346) +++ stable/8/sys/geom/raid/g_raid.c Fri Apr 10 00:44:43 2015 (r281347) @@ -1141,7 +1141,7 @@ g_raid_start(struct bio *bp) return; } mtx_lock(&sc->sc_queue_mtx); - bioq_disksort(&sc->sc_queue, bp); + bioq_insert_tail(&sc->sc_queue, bp); mtx_unlock(&sc->sc_queue_mtx); if (!dumping) { G_RAID_DEBUG1(4, sc, "Waking up %p.", sc); @@ -1353,7 +1353,7 @@ g_raid_unlock_range(struct g_raid_volume (intmax_t)(lp->l_offset+lp->l_length)); mtx_lock(&sc->sc_queue_mtx); while ((bp = bioq_takefirst(&vol->v_locked)) != NULL) - bioq_disksort(&sc->sc_queue, bp); + bioq_insert_tail(&sc->sc_queue, bp); mtx_unlock(&sc->sc_queue_mtx); free(lp, M_RAID); return (0); @@ -1447,7 +1447,7 @@ g_raid_disk_done(struct bio *bp) sd = bp->bio_caller1; sc = sd->sd_softc; mtx_lock(&sc->sc_queue_mtx); - bioq_disksort(&sc->sc_queue, bp); + bioq_insert_tail(&sc->sc_queue, bp); mtx_unlock(&sc->sc_queue_mtx); if (!dumping) wakeup(sc); From owner-svn-src-stable-8@FreeBSD.ORG Sat Apr 11 01:17:21 2015 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7D55F5A1; Sat, 11 Apr 2015 01:17:21 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4E19B1A3; Sat, 11 Apr 2015 01:17:21 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id t3B1HLAa068506; Sat, 11 Apr 2015 01:17:21 GMT (envelope-from jkim@FreeBSD.org) Received: (from jkim@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id t3B1HL0q068505; Sat, 11 Apr 2015 01:17:21 GMT (envelope-from jkim@FreeBSD.org) Message-Id: <201504110117.t3B1HL0q068505@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: jkim set sender to jkim@FreeBSD.org using -f From: Jung-uk Kim Date: Sat, 11 Apr 2015 01:17:21 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org Subject: svn commit: r281389 - in stable: 10/usr.sbin/acpi/acpiconf 8/usr.sbin/acpi/acpiconf 9/usr.sbin/acpi/acpiconf X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Apr 2015 01:17:21 -0000 Author: jkim Date: Sat Apr 11 01:17:19 2015 New Revision: 281389 URL: https://svnweb.freebsd.org/changeset/base/281389 Log: MFC: r281171 Tidy up battery status information. Remove a trailing white space. PR: 193671 Modified: stable/8/usr.sbin/acpi/acpiconf/acpiconf.c Directory Properties: stable/8/usr.sbin/acpi/acpiconf/ (props changed) Changes in other areas also in this revision: Modified: stable/10/usr.sbin/acpi/acpiconf/acpiconf.c stable/9/usr.sbin/acpi/acpiconf/acpiconf.c Directory Properties: stable/10/ (props changed) stable/9/usr.sbin/acpi/acpiconf/ (props changed) Modified: stable/8/usr.sbin/acpi/acpiconf/acpiconf.c ============================================================================== --- stable/8/usr.sbin/acpi/acpiconf/acpiconf.c Sat Apr 11 01:06:59 2015 (r281388) +++ stable/8/usr.sbin/acpi/acpiconf/acpiconf.c Sat Apr 11 01:17:19 2015 (r281389) @@ -136,16 +136,30 @@ acpi_battinfo(int num) if (ioctl(acpifd, ACPIIO_BATT_GET_BATTINFO, &battio) == -1) err(EX_IOERR, "get battery user info (%d) failed", num); if (battio.battinfo.state != ACPI_BATT_STAT_NOT_PRESENT) { - printf("State:\t\t\t"); - if (battio.battinfo.state == 0) - printf("high "); - if (battio.battinfo.state & ACPI_BATT_STAT_CRITICAL) - printf("critical "); - if (battio.battinfo.state & ACPI_BATT_STAT_DISCHARG) - printf("discharging "); - if (battio.battinfo.state & ACPI_BATT_STAT_CHARGING) - printf("charging "); - printf("\n"); + const char *state; + switch (battio.battinfo.state & ACPI_BATT_STAT_BST_MASK) { + case 0: + state = "high"; + break; + case ACPI_BATT_STAT_DISCHARG: + state = "discharging"; + break; + case ACPI_BATT_STAT_CHARGING: + state = "charging"; + break; + case ACPI_BATT_STAT_CRITICAL: + state = "critical"; + break; + case ACPI_BATT_STAT_DISCHARG | ACPI_BATT_STAT_CRITICAL: + state = "critical discharging"; + break; + case ACPI_BATT_STAT_CHARGING | ACPI_BATT_STAT_CRITICAL: + state = "critical charging"; + break; + default: + state = "invalid"; + } + printf("State:\t\t\t%s\n", state); if (battio.battinfo.cap == -1) printf("Remaining capacity:\tunknown\n"); else