FreeBSD source tree https://cgit-dev.freebsd.org/src-test2/atom?h=release%2F11.3.0 2018-03-29T02:50:57Z 2018-03-29T02:50:57Z Eitan Adler eadler@FreeBSD.org 2018-03-29T02:50:57Z urn:sha1:4ab2e064d7950be84256d671a7ae93f87cc6aa36 This was intended to be a non-functional change. It wasn't. The commit message was thus wrong. In addition it broke arm, and merged crypto related code. Revert with prejudice. This revert skips files touched in r316370 since that commit was since MFCed. This revert also skips files that require $FreeBSD$ property changes. Thank you to those who helped me get out of this mess including but not limited to gonzo, kevans, rgrimes. Requested by: gjb (re) 2018-03-14T03:19:51Z Eitan Adler eadler@FreeBSD.org 2018-03-14T03:19:51Z urn:sha1:be5d0b9566b13fdf8cabebb63334cbec12bfc409 These changes are incomplete but are making it difficult to determine what other changes can/should be merged. No objections from: pfg 2016-03-22T06:24:52Z Alexander Motin mav@FreeBSD.org 2016-03-22T06:24:52Z urn:sha1:ea2ef9931c822e8c52dbf3ee16f54a24693667a1 Set watchdog timer parameters only when they really need to be changed. In other cases just restart the timer with single Reset command instead of two (Set and Reset). From one side this visually reduces amount of CPU time burned in tight loop waiting while some slow BMC configures its watchdog hardware, that seems to be much more complicated task then just resetting the timer. From another side on some BMCs those slow Set commands sometimes tend to timeout, that leads to noisy log messages and even more CPU time burned, so avoiding them can provide even bigger bonuses. MFC after: 2 weeks 2015-08-30T08:48:31Z Xin LI delphij@FreeBSD.org 2015-08-30T08:48:31Z urn:sha1:42404113e6a606514cea5c1365415c497d2a5772 2015-04-24T16:56:23Z John Baldwin jhb@FreeBSD.org 2015-04-24T16:56:23Z urn:sha1:9662eef57a2ac9b6d29f440e426e0965df1bb4c9 are not permitted to sleep. Only use the IPMI watchdog with backends which poll driver-initiated requests to meet this requirement. In practice this means that watchdogs will no longer be used on systems that use the SSIF backend. Differential Revision: https://reviews.freebsd.org/D2062 MFC after: 2 weeks 2015-02-06T16:45:10Z John Baldwin jhb@FreeBSD.org 2015-02-06T16:45:10Z urn:sha1:c869aa71f056ba8078a9db78290c295a644cad84 particular, updates to the watchdog should no longer sleep. - Add a new IPMI_IO_LOCK for low-level I/O access. Use this for kcs_polled_request() and smic_polled_request(). - Add a new backend callback "ipmi_driver_request" to handle a driver request. The new callback performs the request sychronously for KCS and SMIC. SSIF still defers the work to the worker thread since the worker thread sleeps during request processing anyway. - Allocate driver requests on the stack rather than using malloc(). Differential Revision: https://reviews.freebsd.org/D1723 Tested by: scottl MFC after: 2 weeks 2014-12-22T16:53:04Z John Baldwin jhb@FreeBSD.org 2014-12-22T16:53:04Z urn:sha1:51f2504057c8a39b3ea244b777d66ea00a391701 error. This fixes occasional hangs in the IPMI kcs thread when using ipmitool locally. MFC after: 1 week 2014-03-16T10:55:57Z Robert Watson rwatson@FreeBSD.org 2014-03-16T10:55:57Z urn:sha1:4a14441044e0bdb55c81010ea92b24d87c25ee56 further refinement is required as some device drivers intended to be portable over FreeBSD versions rely on __FreeBSD_version to decide whether to include capability.h. MFC after: 3 weeks 2013-10-31T05:13:53Z Gleb Smirnoff glebius@FreeBSD.org 2013-10-31T05:13:53Z urn:sha1:a9b3c1bf054feefcb29a4e22125315e742ffb71f on a box with IPMI enabled. Okay from: jhb Sponsored by: Netflix Sponsored by: Nginx, Inc. 2013-09-05T00:09:56Z Pawel Jakub Dawidek pjd@FreeBSD.org 2013-09-05T00:09:56Z urn:sha1:7008be5bd7341259037f383434a72960413cfeb8 in the future in a backward compatible (API and ABI) way. The cap_rights_t represents capability rights. We used to use one bit to represent one right, but we are running out of spare bits. Currently the new structure provides place for 114 rights (so 50 more than the previous cap_rights_t), but it is possible to grow the structure to hold at least 285 rights, although we can make it even larger if 285 rights won't be enough. The structure definition looks like this: struct cap_rights { uint64_t cr_rights[CAP_RIGHTS_VERSION + 2]; }; The initial CAP_RIGHTS_VERSION is 0. The top two bits in the first element of the cr_rights[] array contain total number of elements in the array - 2. This means if those two bits are equal to 0, we have 2 array elements. The top two bits in all remaining array elements should be 0. The next five bits in all array elements contain array index. Only one bit is used and bit position in this five-bits range defines array index. This means there can be at most five array elements in the future. To define new right the CAPRIGHT() macro must be used. The macro takes two arguments - an array index and a bit to set, eg. #define CAP_PDKILL CAPRIGHT(1, 0x0000000000000800ULL) We still support aliases that combine few rights, but the rights have to belong to the same array element, eg: #define CAP_LOOKUP CAPRIGHT(0, 0x0000000000000400ULL) #define CAP_FCHMOD CAPRIGHT(0, 0x0000000000002000ULL) #define CAP_FCHMODAT (CAP_FCHMOD | CAP_LOOKUP) There is new API to manage the new cap_rights_t structure: cap_rights_t *cap_rights_init(cap_rights_t *rights, ...); void cap_rights_set(cap_rights_t *rights, ...); void cap_rights_clear(cap_rights_t *rights, ...); bool cap_rights_is_set(const cap_rights_t *rights, ...); bool cap_rights_is_valid(const cap_rights_t *rights); void cap_rights_merge(cap_rights_t *dst, const cap_rights_t *src); void cap_rights_remove(cap_rights_t *dst, const cap_rights_t *src); bool cap_rights_contains(const cap_rights_t *big, const cap_rights_t *little); Capability rights to the cap_rights_init(), cap_rights_set(), cap_rights_clear() and cap_rights_is_set() functions are provided by separating them with commas, eg: cap_rights_t rights; cap_rights_init(&rights, CAP_READ, CAP_WRITE, CAP_FSTAT); There is no need to terminate the list of rights, as those functions are actually macros that take care of the termination, eg: #define cap_rights_set(rights, ...) \ __cap_rights_set((rights), __VA_ARGS__, 0ULL) void __cap_rights_set(cap_rights_t *rights, ...); Thanks to using one bit as an array index we can assert in those functions that there are no two rights belonging to different array elements provided together. For example this is illegal and will be detected, because CAP_LOOKUP belongs to element 0 and CAP_PDKILL to element 1: cap_rights_init(&rights, CAP_LOOKUP | CAP_PDKILL); Providing several rights that belongs to the same array's element this way is correct, but is not advised. It should only be used for aliases definition. This commit also breaks compatibility with some existing Capsicum system calls, but I see no other way to do that. This should be fine as Capsicum is still experimental and this change is not going to 9.x. Sponsored by: The FreeBSD Foundation