jtl (Jonathan T. Looney)Administrator
User

Projects

User Details

User Since
Oct 29 2015, 5:25 PM (115 w, 6 d)
Roles
Administrator

Recent Activity

Wed, Jan 10

jtl accepted D8562: Verified execution (veriexec) library interface to MAC/veriexec per-policy syscall.

I think this should be committed after addressing @wblock's comments.

Wed, Jan 10, 12:30 AM
jtl accepted D8561: Verified execution (veriexec) device interface to MAC/veriexec.

I think this should be committed basically "as is", unless someone raises serious objections in the next week or so.

Wed, Jan 10, 12:28 AM
jtl accepted D8554: Verified execution (veriexec) as a MAC module..

After addressing @ian's commands, I think this should be committed "as is", unless someone raises serious objections in the next week or so.

Wed, Jan 10, 12:25 AM
jtl accepted D8575: Verified execution (veriexec) fingerprint loader.

I think this should be committed basically "as is" (perhaps with the few tweaks suggested in the review), unless someone raises serious objections in the next week or so.

Wed, Jan 10, 12:20 AM
jtl closed D13814: Fix backwards MD_VERIFY logic for md devices.
Wed, Jan 10, 12:09 AM
jtl committed rS327754: Fix backwards MD_VERIFY logic for md devices..
Fix backwards MD_VERIFY logic for md devices.
Wed, Jan 10, 12:09 AM

Tue, Jan 9

jtl added inline comments to D8575: Verified execution (veriexec) fingerprint loader.
Tue, Jan 9, 8:09 PM
jtl added inline comments to D8575: Verified execution (veriexec) fingerprint loader.
Tue, Jan 9, 8:07 PM
jtl added inline comments to D8561: Verified execution (veriexec) device interface to MAC/veriexec.
Tue, Jan 9, 7:47 PM
jtl created D13814: Fix backwards MD_VERIFY logic for md devices.
Tue, Jan 9, 7:24 PM
jtl added a comment to D8554: Verified execution (veriexec) as a MAC module..

I think one of the few weaknesses I see is the way the hash result is cached.

Tue, Jan 9, 7:05 PM
jtl added a comment to D8554: Verified execution (veriexec) as a MAC module..

It seems like this could use a man page to describe the mechanism. There are some subtleties that are not immediately obvious, such as the way that shared libraries are protected. In addition, the O_VERIFY flag should probably be documented in the open() man page with a pointer to the verified exec man page.

Tue, Jan 9, 6:34 PM

Mon, Jan 8

jtl added inline comments to D13797: PTI for amd64..
Mon, Jan 8, 7:29 PM
jtl added inline comments to D13797: PTI for amd64..
Mon, Jan 8, 6:40 PM

Nov 3 2017

jtl added a comment to D12920: Avoid a double-panic caused by KASSERTs.
In D12920#268423, @kib wrote:

At least I saw the re-entry several times. I do believe that the control would be not a waste of time to add it.

Nov 3 2017, 3:02 PM
jtl updated the diff for D12920: Avoid a double-panic caused by KASSERTs.

Added a sysctl to control whether KASSERTs are suppressed after a panic.

Nov 3 2017, 3:01 PM
jtl added a comment to D12920: Avoid a double-panic caused by KASSERTs.
In D12920#268350, @kib wrote:

Generally, code is not prepared to continue execution after the panic call.

Nov 3 2017, 12:19 PM
jtl created D12920: Avoid a double-panic caused by KASSERTs.
Nov 3 2017, 12:15 AM

Nov 2 2017

jtl updated subscribers of D12911: Streamline the operations when acquiring the lock on an INP after a lookup.
Nov 2 2017, 4:18 PM
jtl created D12914: Send a final ACK to local connections.
Nov 2 2017, 4:15 PM
jtl created D12911: Streamline the operations when acquiring the lock on an INP after a lookup.
Nov 2 2017, 2:42 PM
jtl abandoned D12909: Small optimization for critical_enter().

I ended up posting this for review, since I didn't want to lose the diff. However, while thinking about this more, I realized that there is probably a better way to do this.

Nov 2 2017, 2:14 PM
jtl created D12909: Small optimization for critical_enter().
Nov 2 2017, 2:04 PM

Oct 24 2017

jtl accepted D12777: Implenent power cycle option to reboot.
Oct 24 2017, 11:37 PM
jtl accepted D12777: Implenent power cycle option to reboot.
Oct 24 2017, 11:17 PM
jtl added a comment to D12777: Implenent power cycle option to reboot.

Seems like a good idea! See in-line comments.

Oct 24 2017, 6:09 PM
jtl edited reviewers for D12777: Implenent power cycle option to reboot, added: jtl; removed: jonlooney_gmail.com.
Oct 24 2017, 5:46 PM

Oct 19 2017

jtl added a comment to D12639: Enable VIMAGE by default.

For what its worth, here is my 2c on this.

Oct 19 2017, 5:10 PM

Oct 11 2017

jtl added a comment to D12639: Enable VIMAGE by default.

I remain concerned about the performance overhead of activating this where not needed. However, I have no performance information to either alleviate or confirm my fears. Has someone done the work to gather performance information to compare a non-VIMAGE kernel to a VIMAGE kernel with a single VNET?

Oct 11 2017, 11:32 PM

Sep 26 2017

jtl added a comment to D12501: count bytes in vn_sendfile when pru_send returns EAGAIN.

If m_uiotombuf() copied at least some of the data to mbufs, then ERESTART, EINTR, and EAGAIN/EWOULDBLOCK are masked, no matter where the errors came from. Which would include pru_send.

In the vn_sendfile case, the equivalent of "masking" is to make sure that sbytes is updated. We don't actually have to hide the error from userspace, unlike the write* and send* cases, because sendfile can describe bytes moved and an error at the same time.

I don't think pru_send can return EINTR or ERESTART, which just leaves EAGAIN.

This is the inspiration of this patch, which I assert is not an implied change to the pru_send API.

Sep 26 2017, 4:32 PM
jtl added a comment to D12501: count bytes in vn_sendfile when pru_send returns EAGAIN.

I'm not sure what I think of this change. It seems like an API change again: now EAGAIN always means that pru_send added the bytes instead of freeing them, while other errors are either fatal or mean that the bytes were lost.

Sep 26 2017, 12:56 PM
jtl added a comment to D12492: Ensure strict error handling of tcp_usr_send.

The primary goal is to ensure that userspace and the kernel are in lock step as far as how many bytes were actually added to the socket, as long as sendfile returns no error or an error that is not fatal to the connection.

Sep 26 2017, 12:30 PM

Sep 25 2017

jtl requested changes to D12492: Ensure strict error handling of tcp_usr_send.

I'm not sure I understand the problem this patch is trying to solve. Can you explain the problem in sufficient detail so we can understand how this patch addresses it? Thanks!

Sep 25 2017, 11:29 PM
jtl added a comment to D12492: Ensure strict error handling of tcp_usr_send.

Can you explain how these are different? Both functionally set error to so->so_error, and then set so->so_error to 0. If (so) is properly locked, it looks like these should be equivalent. If (so) is not properly locked, then the new formulation is not guaranteed to overcome this deficiency.

Sep 25 2017, 5:22 PM

Sep 8 2017

jtl created D12278: Provide an option to send non-fatal machine-check errors to syslog (instead of the console).
Sep 8 2017, 3:34 PM
jtl created D12277: Allow the user more control over MCA throttling.
Sep 8 2017, 3:28 PM
jtl created D12276: Make sure we set up the MCA task queue before cold is changed to 0.
Sep 8 2017, 3:20 PM
jtl created D12275: Defer non-fatal MCA message output from the hardware interrupt context.
Sep 8 2017, 3:14 PM

Aug 14 2017

jtl accepted D12003: Use counter(9) for PLPMTUD counters.

Looks good (with one minor nit inline).

Aug 14 2017, 1:08 PM · transport

Aug 12 2017

jtl added a comment to D11969: refactoring in support of *future* change to cope with slow configuration path on INTC and BRCM drivers.

Please review the FreeBSD locking hierarchy. SX locks can't be acquired after default mutexes.

Aug 12 2017, 10:15 AM

Aug 11 2017

jtl added a comment to D11969: refactoring in support of *future* change to cope with slow configuration path on INTC and BRCM drivers.

At a high level...

Aug 11 2017, 4:03 AM

Aug 9 2017

jtl created D11929: Limit the rate at which we will send ACKs in response to out-of-window ACKs.
Aug 9 2017, 1:10 AM

Jul 5 2017

jtl committed rS320682: Don't overpromote values when calculating len in tcp_output()..
Don't overpromote values when calculating len in tcp_output().
Jul 5 2017, 4:10 PM

Jul 3 2017

jtl accepted D11461: Don't request CTLTYPE_OPAQUE if we can't print them..
Jul 3 2017, 6:27 PM

Jun 10 2017

jtl added a comment to D4227: Implement per-thread counters for PMC sampling.
In D4227#229888, @sjg wrote:

jtl does this need further work?

Jun 10 2017, 12:22 AM
jtl added a comment to D11105: Compile the default TCP stack as a module.

Should tcp_default.c move under tcp_stacks/default.c?

Jun 10 2017, 12:15 AM

Jun 8 2017

jtl created D11105: Compile the default TCP stack as a module.
Jun 8 2017, 9:40 PM
jtl committed rS319720: With EARLY_AP_STARTUP enabled, we are seeing crashes in softclock_call_cc().
With EARLY_AP_STARTUP enabled, we are seeing crashes in softclock_call_cc()
Jun 8 2017, 8:47 PM
jtl closed D9828: Fix a panic during boot while executing the vt_timer() callout by committing rS319720: With EARLY_AP_STARTUP enabled, we are seeing crashes in softclock_call_cc().
Jun 8 2017, 8:47 PM
jtl added inline comments to D9828: Fix a panic during boot while executing the vt_timer() callout.
Jun 8 2017, 8:43 PM
jtl committed rS319719: Add the infrastructure to support loading multiple versions of TCP.
Add the infrastructure to support loading multiple versions of TCP
Jun 8 2017, 8:41 PM
jtl closed D11086: Enable the ability to load multiple versions of the same TCP stack by committing rS319719: Add the infrastructure to support loading multiple versions of TCP.
Jun 8 2017, 8:41 PM

Jun 7 2017

jtl updated the summary of D11086: Enable the ability to load multiple versions of the same TCP stack.
Jun 7 2017, 11:17 PM
jtl created D11086: Enable the ability to load multiple versions of the same TCP stack.
Jun 7 2017, 11:15 PM
jtl created D11085: TCP Blackbox Recorder.
Jun 7 2017, 10:28 PM

May 31 2017

jtl added a comment to D10944: Static analysis: Condition the tcp_output() ipov variable on TCP_DEBUG.

This is so trivial that I plan to commit it within 24 hours unless someone complains.

May 31 2017, 8:41 PM
jtl added a comment to D9828: Fix a panic during boot while executing the vt_timer() callout.

I had a long discussion with @ed in the bug. You can see that for context. I think the summary is that I still think we should commit this code, even if @ed thinks a more robust fix requires a larger change. I would like to do that, but do also support @ed making a further bug fix in the future.

May 31 2017, 8:40 PM
jtl added a reviewer for D9828: Fix a panic during boot while executing the vt_timer() callout: glebius.
May 31 2017, 8:37 PM

May 30 2017

jtl closed D10942: Static analysis: Remove unnecessary check in IPv6 PKTOPT_EXTHDRCPY() macro by committing rS319216: Fix an unnecessary/incorrect check in the PKTOPT_EXTHDRCPY macro..
May 30 2017, 2:51 PM
jtl committed rS319216: Fix an unnecessary/incorrect check in the PKTOPT_EXTHDRCPY macro..
Fix an unnecessary/incorrect check in the PKTOPT_EXTHDRCPY macro.
May 30 2017, 2:51 PM
jtl closed D10941: Static analysis: Fix potential NULL dereference in ICMP6 code by committing rS319215: Fix two places in the ICMP6 code where we could dereference a NULL pointer.
May 30 2017, 2:42 PM
jtl committed rS319215: Fix two places in the ICMP6 code where we could dereference a NULL pointer.
Fix two places in the ICMP6 code where we could dereference a NULL pointer
May 30 2017, 2:41 PM
jtl committed rS319214: Enforce the limit on ICMP messages before doing work to formulate the.
Enforce the limit on ICMP messages before doing work to formulate the
May 30 2017, 2:32 PM
jtl closed D10387: ICMP rate-limit enhancements by committing rS319214: Enforce the limit on ICMP messages before doing work to formulate the.
May 30 2017, 2:32 PM

May 26 2017

jtl created D10944: Static analysis: Condition the tcp_output() ipov variable on TCP_DEBUG.
May 26 2017, 5:51 PM
jtl abandoned D10936: Fix static analysis errors in IPv6 code.

At @bz's request, I opened D10940, D10941, D10942, and D10943 for the component parts of this revision.

May 26 2017, 5:08 PM
jtl created D10943: Static analysis: Improve DAD deletion code.
May 26 2017, 5:06 PM
jtl created D10942: Static analysis: Remove unnecessary check in IPv6 PKTOPT_EXTHDRCPY() macro.
May 26 2017, 5:02 PM
jtl created D10941: Static analysis: Fix potential NULL dereference in ICMP6 code.
May 26 2017, 4:54 PM
jtl created D10940: Static analysis: Remove unused variables in IPv6 code.
May 26 2017, 4:43 PM
jtl created D10936: Fix static analysis errors in IPv6 code.
May 26 2017, 3:07 PM

May 25 2017

jtl added a comment to D10894: Hystart.

In general, I think the code would benefit from more comments.

May 25 2017, 8:23 PM
jtl added a reviewer for D10894: Hystart: transport.
May 25 2017, 8:23 PM

Apr 13 2017

jtl created D10390: Add an option to create XZ-compressed cores.
Apr 13 2017, 6:02 PM
jtl added a reviewer for D10388: ICMP6 rate-limit enhancements: network.
Apr 13 2017, 5:32 PM
jtl added a reviewer for D10387: ICMP rate-limit enhancements: network.
Apr 13 2017, 5:32 PM
jtl created D10388: ICMP6 rate-limit enhancements.
Apr 13 2017, 4:59 PM
jtl created D10387: ICMP rate-limit enhancements.
Apr 13 2017, 4:54 PM

Feb 28 2017

jtl updated the diff for D9828: Fix a panic during boot while executing the vt_timer() callout.

Enhance the comment. Move an atomic operation to non-atomic.

Feb 28 2017, 12:53 AM
jtl added inline comments to D9828: Fix a panic during boot while executing the vt_timer() callout.
Feb 28 2017, 12:18 AM
jtl added a comment to D9828: Fix a panic during boot while executing the vt_timer() callout.
In D9828#202716, @ed wrote:

By the time I see multiple atomics operations stacked like this, I start to wonder: isn't there a way to guarantee this by simply using locking APIs? We already call VT_LOCK()/VT_UNLOCK(), it seems. Maybe this is just missing in one of the other places?

Feb 28 2017, 12:17 AM

Feb 27 2017

jtl retitled D9828: Fix a panic during boot while executing the vt_timer() callout from to Fix a panic during boot while executing the vt_timer() callout.
Feb 27 2017, 7:02 PM

Feb 26 2017

jtl committed rS314286: Do some minimal work to better conform to the 802.3ad (LACP) standard..
Do some minimal work to better conform to the 802.3ad (LACP) standard.
Feb 26 2017, 12:19 AM
jtl closed D9485: Make LACP behavior more closely conform to the standard by committing rS314286: Do some minimal work to better conform to the 802.3ad (LACP) standard..
Feb 26 2017, 12:19 AM

Feb 24 2017

jtl closed D9786: Fix "smp_targeted_tlb_shootdown: interrupts disabled" panics by committing rS314216: We have seen several cases recently where we appear to get a double-fault:.
Feb 24 2017, 6:56 PM
jtl committed rS314216: We have seen several cases recently where we appear to get a double-fault:.
We have seen several cases recently where we appear to get a double-fault:
Feb 24 2017, 6:56 PM
jtl added a comment to D9786: Fix "smp_targeted_tlb_shootdown: interrupts disabled" panics.
In D9786#201995, @kib wrote:

I think that it might be unsafe to return from ddb into normal operations with this patch, if ddb activity caused any change in the mappings. Some ddb commands might allocate memory, e.g. coredumping.

You need to flush TLB somewhere in cpustop_handler_post(), most likely, to fix this.

Feb 24 2017, 5:55 PM
jtl updated the diff for D9786: Fix "smp_targeted_tlb_shootdown: interrupts disabled" panics.

Invalidate TLB when restarting other CPUs.

Feb 24 2017, 5:53 PM
jtl retitled D9786: Fix "smp_targeted_tlb_shootdown: interrupts disabled" panics from to Fix "smp_targeted_tlb_shootdown: interrupts disabled" panics.
Feb 24 2017, 5:25 PM

Feb 23 2017

jtl added a comment to D9485: Make LACP behavior more closely conform to the standard.

This has been lingering for a while. Any comments before I commit it?

Feb 23 2017, 2:03 PM
jtl committed rS314116: Fix a panic during boot caused by inadequate locking of some vt(4) driver.
Fix a panic during boot caused by inadequate locking of some vt(4) driver
Feb 23 2017, 1:19 AM
jtl closed D9709: Fix locking on the vt driver's data structures. by committing rS314116: Fix a panic during boot caused by inadequate locking of some vt(4) driver.
Feb 23 2017, 1:19 AM

Feb 22 2017

jtl retitled D9709: Fix locking on the vt driver's data structures. from to Fix locking on the vt driver's data structures..
Feb 22 2017, 12:09 AM

Feb 8 2017

jtl committed rS313447: Ensure the idle thread's loop services interrupts in a timely way when.
Ensure the idle thread's loop services interrupts in a timely way when
Feb 8 2017, 4:47 PM
jtl retitled D9485: Make LACP behavior more closely conform to the standard from to Make LACP behavior more closely conform to the standard.
Feb 8 2017, 1:31 PM

Jan 26 2017

jtl added a comment to D8231: Include ALL_MODULES in MKMODULESENV.

bump

Jan 26 2017, 9:38 PM

Nov 17 2016

jtl accepted D8552: Ignore ACKs with tsecr 0 during 3whs in syncache code..

Thanks for finding this bug and proposing a solution! Your solution looks fine in the sense that it mimics the rest of the behavior of this function when validation fails.

Nov 17 2016, 10:21 PM

Oct 20 2016

jtl accepted D8303: Fix ip_output() on point-to-point links.
Oct 20 2016, 6:53 PM
jtl added a comment to D8225: Let congestion control algorithms decide congestion window..

Summary of verbal feedback today:

  1. If it can be done without major surgery, please consider changing (u_)long to (u)int32_t.
  2. Because this changes the assumption about who sets snd_cwnd, please verify that all the congestion control modules follow the new assumption.
Oct 20 2016, 4:43 PM

Oct 15 2016

jtl committed rS307336: r307082 added the TCP_HHOOK kernel option and made some existing code only.
r307082 added the TCP_HHOOK kernel option and made some existing code only
Oct 15 2016, 12:29 AM