Highlights:
* Security fix for apache server plugin that we don't build or use
* sqlite performance improvements.
* bug fixes for edge cases and some other less common operations.
Document r261498 - ping uses the Capsicum framework to drop privileges
Document r261344 - mdocml have been upgraded to version 1.12.3
Documetn r261991 - llvm/clang have been upgraded to version 3.4
Approved by: hrs (mentor)
While here, don't overwrite the error message on interactive use and add
the missing '\n' at end of error message for the non interactive use.
Tested by: ian, myself
Approved by: adrian (mentor, implicit)
simplify the implementation of the x2APIC virtualization assist in VT-x.
Prior to this change the vlapic allowed the guest to change its mode from
xAPIC to x2APIC. We don't allow that any more and the vlapic mode is locked
when the virtual machine is created. This is not very constraining because
operating systems already have to deal with BIOS setting up the APIC in
x2APIC mode at boot.
Fix a bug in the CPUID emulation where the x2APIC capability was leaking
from the host to the guest.
Ignore MMIO reads and writes to the vlapic in x2APIC mode. Similarly, ignore
MSR accesses to the vlapic when it is in xAPIC mode.
The default configuration of the vlapic is xAPIC. The "-x" option to bhyve(8)
can be used to change the mode to x2APIC instead.
Discussed with: grehan@
levels. The root of the problem was that make was attempting to run up
to three concurrent asn1_compile commands to produce the three outputs
that it was declared to produce. The failure was caused when the
asn1_compiles were started out of sync and a later one was truncating
the files that another thread was trying to copy. In reality it is
supposed to be run exactly once and all three outputs are produced in
one pass.
Use the same hack as for the parent's Makefile.inc for the compile_et
multi-output rule.
HAL methods.
This allows the AR8327 code to override it as appropriate.
Tested:
* DB120 - AR8327 and AR9340 on-board switch; only running 'etherswitchcfg'
to check configs. The actual VLAN programming wasn't tested.
The registers (and perhaps the flags) are different for the AR8327, so
I'll stub those out until they're written.
Tested:
* DB120 - both on-chip AR9340 and AR8327 switches.
a single port to setup.
This may end up later being used as part of some logic to program
the PHY for a single port, rather than having to reinitialise them
all at once.
Tested:
* DB120
license, although the former is pretty safe, it wasn't intended to be
used in the version of MIPS boot2/loader upstreamed to FreeBSD.
MFC after: 3 weeks
Sponsored by: DARPA, AFRL
particular interest in (and support for) SRI International and the
University of Cambridge's BERI FPGA soft-core processor. This includes
micro device drivers for the Altera JTAG UART console, memory-mapped
flash, and the Altera SD Card IP core in both boot2 and loader. boot2
can be written to the on-board Intel StrataFlash on the DE4 board, and
loader can be placed in StrataFlash or the SD Card.
Plenty of XXX comments, but works quite well locally in practice and I
am using it daily. Although I had originally ported the ARM version
of boot2, the current version is x86-derived as that proved more
feature-complete. As we don't currently use partitions on our flash
disks, support for that has been commented out relative to x86, but
would be easy to add back. FDT support has not yet been hooked up,
although some skeleton parts have been put in place for that.
This may well be a useful starting point for ports to other 32-bit and
64-bit MIPS-ISA systems.
This merge is synchronised to CheriBSD github commit
e41d74fd719525d4dd7a7ee499114679165eeaf6, but with some additions of
$FreeBSD.
MFC after: 3 weeks
Sponsored by: DARPA, AFRAL
capability.h currently only wraps some of its declarations in __BEGIN_DECLS/__END_DECLS, so cap_enter(), cap_sandboxed(), etc. are usable from C++ code but cap_rights_init(), cap_rights_is_valid() etc. are not. This commit fixes this distinction.
Approved by: rwatson (mentor)
MFC after: 1 week
Sponsored by: DARPA, AFRL
- intercept FIONBIO and FIOASYNC ioctls on netmap file descriptors.
libpcap calls them to set non blocking I/O on the file descriptor,
for netmap this is a no-op because there is no read/write,
but not intercepting would cause fcntl() to return -1
- rate limit and put under netmap.verbose some messages that occur
when threads use concurrently the same file descriptor.
emulated instructions.
- Add helper routines to inject interrupt information for a hardware
exception from the VM exit callback routines.
- Use the new routines to inject GP and UD exceptions for invalid
operations when emulating the xsetbv instruction.
- Don't directly manipulate the entry interrupt info when a user event
is injected. Instead, store the event info in the vmx state and
only apply it during a VM entry if a hardware exception or NMI is
not already pending.
- While here, use HANDLED/UNHANDLED instead of 1/0 in a couple of
routines.
Reviewed by: neel
the non-standard zero capability list terminator. Instead, track
the start and end of the most recently added capability and use that
to adjust the previous capability's next pointer when a capability is
added and to determine the range of config registers belonging to
PCI capability registers.
Reviewed by: neel
Before this patch, curvnet was NULL.
When the VIMAGE kernel option is enabled, this eliminates
kernel panics when USB ethernet devices are plugged in.
PR: 183835
Submitted by: Hiroo Oono <hiroo.ono at gmail dot com>
in x2apic mode. Reads to this MSR are currently ignored but should cause a
general proctection exception to be injected into the vcpu.
All accesses to the corresponding offset in xAPIC mode are ignored.
Also, do not panic the host if there is mismatch between the trigger mode
programmed in the TMR and the actual interrupt being delivered. Instead the
anomaly is logged to aid debugging and to prevent a misbehaving guest from
panicking the host.
This is necessary because if the vlapic is configured in x2apic mode the
vioapic_process_eoi() function is called inside the critical section
established by vm_run().
blocking sockets. The error was not exposed as long as the kernel
suffered from PR kern/185812. Now corrected, these tests pass on
DragonFlyBSD 3.6.0.
PR: kern/185812
Sponsored by: Spectra Logic Corporation
MFC after: 2 weeks