By adding missing ifdefs for INET and INET6 when building LINT-NOIP .
Differential Revision: https://reviews.freebsd.org/D36731
Sponsored by: NVIDIA Networking
By updating function arguments for ipsec_kmod_ctlinput() which is used
when loading IPSEC support via kernel modules.
Differential Revision: https://reviews.freebsd.org/D36731
Sponsored by: NVIDIA Networking
When converting times to and from units which have many leading zeros,
it pays off to compute the greatest common divisor first, and then do the
scaling product. This way all time unit conversion comes down to scaling a
signed or unsigned 64-bit value by a fraction represented by two signed
or unsigned 32-bit integers.
SBT_1S is defined as 2^32 . When scaling using powers of 10 above 1,
the gcd of SBT_1S and 10^N is always greater than or equal to 4,
when N is greater or equal to 2.
Scaling a sbt value to milliseconds is then done by multiplying by
(1000 / 8) and dividing by (2^32 / 8).
This trick allows for higher precision at very little additional CPU cost.
It shall also be noted that the Xtosbt() functions prior to this patch,
sometimes were off-by-one:
For example when converting 1 / 8 of a second to sbt as 125ms the old sbt
conversion function would compute 0x20000001 while the new function computes
0x20000000 which multiplied by 8 becomes SBT_1S, which is the correct value.
Reviewed by: kib@
Differential Revision: https://reviews.freebsd.org/D36857
MFC after: 1 week
Sponsored by: NVIDIA Networking
Division by zero triggers an arithmetic exception and should not be very
common. Predict this.
No functional change intended.
MFC after: 1 week
Sponsored by: NVIDIA Networking
TCP has an idle-reduce feature that allows a connection to reduce its
cwnd after it has been idle more than an RTT. This feature only works
for a sending side connection. It does this by at output checking the
idle time (t_rcvtime vs ticks) to see if its more than the RTO timeout.
The problem comes if you are a web server. You get a request and
then send out all the data.. then go idle. The next time you would
send is in response to a request from the peer asking for more data.
But the thing is you updated t_rcvtime when the request came in so
you never reduce.
The fix is to do the idle reduce check also on inbound.
Reviewed by: tuexen, rscheff
Sponsored by: Netflix Inc
Differential Revision: https://reviews.freebsd.org/D36721
Two functions to call tcp_drop() and tcp_close() from a callout context.
Garbage collect tcp_inpinfo_lock_del(), it has a single use now.
Differential revision: https://reviews.freebsd.org/D36397
In the original design of the network stack from the protocol control
input method pr_ctlinput was used notify the protocols about two very
different kinds of events: internal system events and receival of an
ICMP messages from outside. These events were coded with PRC_ codes.
Today these methods are removed from the protosw(9) and are isolated
to IPv4 and IPv6 stacks and are called only from icmp*_input(). The
PRC_ codes now just create a shim layer between ICMP codes and errors
or actions taken by protocols.
- Change ipproto_ctlinput_t to pass just pointer to ICMP header. This
allows protocols to not deduct it from the internal IP header.
- Change ip6proto_ctlinput_t to pass just struct ip6ctlparam pointer.
It has all the information needed to the protocols. In the structure,
change ip6c_finaldst fields to sockaddr_in6. The reason is that
icmp6_input() already has this address wrapped in sockaddr, and the
protocols want this address as sockaddr.
- For UDP tunneling control input, as well as for IPSEC control input,
change the prototypes to accept a transparent union of either ICMP
header pointer or struct ip6ctlparam pointer.
- In icmp_input() and icmp6_input() do only validation of ICMP header and
count bad packets. The translation of ICMP codes to errors/actions is
done by protocols.
- Provide icmp_errmap() and icmp6_errmap() as substitute to inetctlerrmap,
inet6ctlerrmap arrays.
- In protocol ctlinput methods either trust what icmp_errmap() recommend,
or do our own logic based on the ICMP header.
Differential revision: https://reviews.freebsd.org/D36731
where struct ipsec_methods is defined. Not a functional change.
Allows further modification of method prototypes without breaking
compilation of other ipsec compilation units.
Differential revision: https://reviews.freebsd.org/D36730
Now these functions are called only from icmp*_input(). The pointer
to the ICMP data is never NULL and cmd has a limited set of values.
In the past the functions were demultiplexing control messages from
ICMP layer, as well as internally generated events. In the latter
case the the pointer to IP would be NULL.
Differential revision: https://reviews.freebsd.org/D36729
and mark those PRC_* codes, that are used. The rest are dead code.
This is not a functional change, but illustrative to make easier
review of following changes.
After decoupling of protosw(9) and IP wire protocols in 78b1fc05b2 for
IPv4 we got vector ip_ctlprotox[] that is executed only and only from
icmp_input() and respectively for IPv6 we got ip6_ctlprotox[] executed
only and only from icmp6_input(). This allows to use protocol specific
argument types in these methods instead of struct sockaddr and void.
Reviewed by: melifaro
Differential revision: https://reviews.freebsd.org/D36727
The netinet/ipprotosw.h and netinet6/ip6protosw.h were KAME relics, with
the former removed in f0ffb944d2 in 2001 and the latter survived until
today. It has been reduced down to only one useful declaration that
moves to ip6_var.h
Reviewed by: melifaro
Differential revision: https://reviews.freebsd.org/D36726
With this change one can make a forward declaration of a function
that is of UDP tunneling type.
Reviewed by: melifaro
Differential revision: https://reviews.freebsd.org/D36724
The Adler32 digest consists of two 16-bit words whose values are
calculated modulo 65521 (largest prime < 2^16). To avoid two division
instructions per byte, this version copies an optimization found in
zlib which defers the modulus until close to the point that the
intermediate sums can overflow 2^32. (zlib uses NMAX == 5552 for
this, this version uses 5000)
The bug is that in the deferred modulus case, the modulus was
only applied to the high word (and twice at that) but not to
the low word. The fix is to apply it to both words.
Reviewed by: jhibbits
Reported by: Miod Vallat <miod@openbsd.org>
Differential Revision: https://reviews.freebsd.org/D36798
GCC warns about the mismatched sizes on i386 where vm_paddr_t is 64
bits.
Reviewed by: imp, markj
Differential Revision: https://reviews.freebsd.org/D36750
r325506 (3cf8254f1e) extended struct pkthdr to add packet timestamp in
mbuf(9) chain. For example, cxgbe(4) and mlx5en(4) support this feature.
Use the timestamp for bpf(4) if it is available.
Reviewed by: hselasky, kib, np
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D36868
Ensure that an RFC3168 ECN reaction only occurs on non-SYN
segments.
Reviewed By: tuexen, #transport
Sponsored by: NetApp, Inc.
Differential Revision: https://reviews.freebsd.org/D36867
Flags should be M_WAITOK | M_ZERO instead of just M_ZERO
Reviewed by: markj
MFC after: 2 days
Sponsored by: Instituto de Pesquisas Eldorado (eldorado.org.br)
Differential Revision: https://reviews.freebsd.org/D36865
Simple change to allow for the individual toggling of
RFC7323 window scaling and timestamp option.
Reviewed By: rrs, tuexen, glebius, guest-ccui, #transport
Sponsored by: NetApp, Inc.
Differential Revision: https://reviews.freebsd.org/D36863
This presents the existing information in a slightly more readable way.
Reviewed by: jrtc27, markj, jhb
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D36565
Only i386 and amd64 print the decoded syscall name in the backtrace.
This de-duplication facilitates further changes and adoption by other
platforms.
Reviewed by: jrtc27, markj, jhb
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D36565
In non-periodic mode absolute timers fire at exactly the time given.
When specifying a fast clock, align the firing time so that less
timer interrupt events are needed.
Reviewed by: rrs @
Differential Revision: https://reviews.freebsd.org/D36858
MFC after: 1 week
Sponsored by: NVIDIA Networking
When doing small reads and writes use an intermediate buffer to store the
data to save locking the remote process to access data.
Reviewed by: imp @
Differential Revision: https://reviews.freebsd.org/D36633
MFC after: 1 week
Sponsored by: NVIDIA Networking
Only consider segments with the SYN bit set and the ACK bit cleared
as "new connection attempts", which result in re-using a connection
being in TIMEWAIT state. This results in consistent handling of
SYN-ACK segments.
Reviewed by: rscheff@
MFC after: 1 week
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D36864
Further updates based on ways Peter Holm found to corrupt UFS
superblocks in ways that could cause kernel hangs or crashes.
No legitimate superblocks should fail as a result of these changes.
Reported by: Peter Holm
Tested by: Peter Holm
Sponsored by: The FreeBSD Foundation
Add local functions to workaround an instruction segment trap (panic)
when the indirect functions copyin and copyout are called by an external
loadable kernel module (i.e. pfsync, zfs and linuxulator). The crash
was triggered by change 47a57144af, but
kernel binary linked with LLD 9 works fine. LLVM bisect points that LLD
behavior chaged after dc06b0bc9ad055d06535462d91bfc2a744b2f589.
This is know to affect powerpc targets only and the final fix is still
being discussed with the LLVM community.
PR: 266730
Reviewed by: luporl, jhibbits (on IRC, previous version)
MFC after: 2 days
Sponsored by: Instituto de Pesquisas Eldorado (eldorado.org.br)
Differential Revision: https://reviews.freebsd.org/D36234
When the node to insert in the rb_tree is known to precede or follow a
particular node, new methods RB_INSERT_PREV and RB_INSERT_NEXT,
defined here, allow the search for where to insert the new node begin
with that particular node, rather than at the root, to save a bit of
time.
Using those methods, instead of RB_INSERT, in managing a tree in
iommu_gas.c, saves a little time.
Reviewed by: kib
MFC after: 3 weeks
Differential Revision: https://reviews.freebsd.org/D35516
Commit ab17854f97 fixed access to v_mount when the
vnode is unlocked for nfs_copy_file_range().
This patch does the same for nfs_advlockasync().
MFC after: 1 week
Modify db_show_sysctl_all so that it does not copy more than once the
data of the input oid, and so that what it passes to db_show_oid does
not alarm coverity.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D36847
Commit ab17854f97 fixed access to v_mount when the
vnode is unlocked for nfs_copy_file_range().
This patch does the same for nfs_ioctl().
Reviewed by: kib, markj
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D36846