Commit Graph

653 Commits

Author SHA1 Message Date
Luigi Rizzo
9758b77ff1 The new ipfw code.
This code makes use of variable-size kernel representation of rules
(exactly the same concept of BPF instructions, as used in the BSDI's
firewall), which makes firewall operation a lot faster, and the
code more readable and easier to extend and debug.

The interface with the rest of the system is unchanged, as witnessed
by this commit. The only extra kernel files that I am touching
are if_fw.h and ip_dummynet.c, which is quite tied to ipfw. In
userland I only had to touch those programs which manipulate the
internal representation of firewall rules).

The code is almost entirely new (and I believe I have written the
vast majority of those sections which were taken from the former
ip_fw.c), so rather than modifying the old ip_fw.c I decided to
create a new file, sys/netinet/ip_fw2.c .  Same for the user
interface, which is in sbin/ipfw/ipfw2.c (it still compiles to
/sbin/ipfw).  The old files are still there, and will be removed
in due time.

I have not renamed the header file because it would have required
touching a one-line change to a number of kernel files.

In terms of user interface, the new "ipfw" is supposed to accepts
the old syntax for ipfw rules (and produce the same output with
"ipfw show". Only a couple of the old options (out of some 30 of
them) has not been implemented, but they will be soon.

On the other hand, the new code has some very powerful extensions.
First, you can put "or" connectives between match fields (and soon
also between options), and write things like

ipfw add allow ip from { 1.2.3.4/27 or 5.6.7.8/30 } 10-23,25,1024-3000 to any

This should make rulesets slightly more compact (and lines longer!),
by condensing 2 or more of the old rules into single ones.

Also, as an example of how easy the rules can be extended, I have
implemented an 'address set' match pattern, where you can specify
an IP address in a format like this:

        10.20.30.0/26{18,44,33,22,9}

which will match the set of hosts listed in braces belonging to the
subnet 10.20.30.0/26 . The match is done using a bitmap, so it is
essentially a constant time operation requiring a handful of CPU
instructions (and a very small amount of memmory -- for a full /24
subnet, the instruction only consumes 40 bytes).

Again, in this commit I have focused on functionality and tried
to minimize changes to the other parts of the system. Some performance
improvement can be achieved with minor changes to the interface of
ip_fw_chk_t. This will be done later when this code is settled.

The code is meant to compile unmodified on RELENG_4 (once the
PACKET_TAG_* changes have been merged), for this reason
you will see #ifdef __FreeBSD_version in a couple of places.
This should minimize errors when (hopefully soon) it will be time
to do the MFC.
2002-06-27 23:02:18 +00:00
Kenneth D. Merry
98cb733c67 At long last, commit the zero copy sockets code.
MAKEDEV:	Add MAKEDEV glue for the ti(4) device nodes.

ti.4:		Update the ti(4) man page to include information on the
		TI_JUMBO_HDRSPLIT and TI_PRIVATE_JUMBOS kernel options,
		and also include information about the new character
		device interface and the associated ioctls.

man9/Makefile:	Add jumbo.9 and zero_copy.9 man pages and associated
		links.

jumbo.9:	New man page describing the jumbo buffer allocator
		interface and operation.

zero_copy.9:	New man page describing the general characteristics of
		the zero copy send and receive code, and what an
		application author should do to take advantage of the
		zero copy functionality.

NOTES:		Add entries for ZERO_COPY_SOCKETS, TI_PRIVATE_JUMBOS,
		TI_JUMBO_HDRSPLIT, MSIZE, and MCLSHIFT.

conf/files:	Add uipc_jumbo.c and uipc_cow.c.

conf/options:	Add the 5 options mentioned above.

kern_subr.c:	Receive side zero copy implementation.  This takes
		"disposable" pages attached to an mbuf, gives them to
		a user process, and then recycles the user's page.
		This is only active when ZERO_COPY_SOCKETS is turned on
		and the kern.ipc.zero_copy.receive sysctl variable is
		set to 1.

uipc_cow.c:	Send side zero copy functions.  Takes a page written
		by the user and maps it copy on write and assigns it
		kernel virtual address space.  Removes copy on write
		mapping once the buffer has been freed by the network
		stack.

uipc_jumbo.c:	Jumbo disposable page allocator code.  This allocates
		(optionally) disposable pages for network drivers that
		want to give the user the option of doing zero copy
		receive.

uipc_socket.c:	Add kern.ipc.zero_copy.{send,receive} sysctls that are
		enabled if ZERO_COPY_SOCKETS is turned on.

		Add zero copy send support to sosend() -- pages get
		mapped into the kernel instead of getting copied if
		they meet size and alignment restrictions.

uipc_syscalls.c:Un-staticize some of the sf* functions so that they
		can be used elsewhere.  (uipc_cow.c)

if_media.c:	In the SIOCGIFMEDIA ioctl in ifmedia_ioctl(), avoid
		calling malloc() with M_WAITOK.  Return an error if
		the M_NOWAIT malloc fails.

		The ti(4) driver and the wi(4) driver, at least, call
		this with a mutex held.  This causes witness warnings
		for 'ifconfig -a' with a wi(4) or ti(4) board in the
		system.  (I've only verified for ti(4)).

ip_output.c:	Fragment large datagrams so that each segment contains
		a multiple of PAGE_SIZE amount of data plus headers.
		This allows the receiver to potentially do page
		flipping on receives.

if_ti.c:	Add zero copy receive support to the ti(4) driver.  If
		TI_PRIVATE_JUMBOS is not defined, it now uses the
		jumbo(9) buffer allocator for jumbo receive buffers.

		Add a new character device interface for the ti(4)
		driver for the new debugging interface.  This allows
		(a patched version of) gdb to talk to the Tigon board
		and debug the firmware.  There are also a few additional
		debugging ioctls available through this interface.

		Add header splitting support to the ti(4) driver.

		Tweak some of the default interrupt coalescing
		parameters to more useful defaults.

		Add hooks for supporting transmit flow control, but
		leave it turned off with a comment describing why it
		is turned off.

if_tireg.h:	Change the firmware rev to 12.4.11, since we're really
		at 12.4.11 plus fixes from 12.4.13.

		Add defines needed for debugging.

		Remove the ti_stats structure, it is now defined in
		sys/tiio.h.

ti_fw.h:	12.4.11 firmware.

ti_fw2.h:	12.4.11 firmware, plus selected fixes from 12.4.13,
		and my header splitting patches.  Revision 12.4.13
		doesn't handle 10/100 negotiation properly.  (This
		firmware is the same as what was in the tree previously,
		with the addition of header splitting support.)

sys/jumbo.h:	Jumbo buffer allocator interface.

sys/mbuf.h:	Add a new external mbuf type, EXT_DISPOSABLE, to
		indicate that the payload buffer can be thrown away /
		flipped to a userland process.

socketvar.h:	Add prototype for socow_setup.

tiio.h:		ioctl interface to the character portion of the ti(4)
		driver, plus associated structure/type definitions.

uio.h:		Change prototype for uiomoveco() so that we'll know
		whether the source page is disposable.

ufs_readwrite.c:Update for new prototype of uiomoveco().

vm_fault.c:	In vm_fault(), check to see whether we need to do a page
		based copy on write fault.

vm_object.c:	Add a new function, vm_object_allocate_wait().  This
		does the same thing that vm_object allocate does, except
		that it gives the caller the opportunity to specify whether
		it should wait on the uma_zalloc() of the object structre.

		This allows vm objects to be allocated while holding a
		mutex.  (Without generating WITNESS warnings.)

		vm_object_allocate() is implemented as a call to
		vm_object_allocate_wait() with the malloc flag set to
		M_WAITOK.

vm_object.h:	Add prototype for vm_object_allocate_wait().

vm_page.c:	Add page-based copy on write setup, clear and fault
		routines.

vm_page.h:	Add page based COW function prototypes and variable in
		the vm_page structure.

Many thanks to Drew Gallatin, who wrote the zero copy send and receive
code, and to all the other folks who have tested and reviewed this code
over the years.
2002-06-26 03:37:47 +00:00
Warner Losh
6b891daaa5 Partially back out the "make all interfaces standard" commit. There's
a small chance that it might have broken loading the miibus, so err on
the side of caution until I can figure out what is going on.  This
backs out all but the PCI, PCIB and ISA bus interfaces being
"standard," which have been well tested...
2002-06-24 01:53:26 +00:00
Warner Losh
8c575e95cd plxcard for OLDCARD almost certainly isn't going to happen. 2002-06-23 07:31:29 +00:00
Warner Losh
f24cd27f4f As disclosed to arch@, make more interfaces standard. This allows for
easier loading of modules that might refer to these interfaces.  None
of the code that implements them is standard, just the glue.  This
bloats the kernel a whopping 8k.

Silence on: arch@
2002-06-23 07:27:24 +00:00
Julian Elischer
a835396035 A node that creates a device entry in /dev (yay devfs)
so that /dev/mumble can be the entrypoint to some networking graph,
e.g. a tunnel or a remote tape drive or whatever...

Not fully tested (by me) yet.

Submitted by:	Mark Santcroos <marks@ripe.net>
MFC after:	3 weeks
2002-06-18 21:32:33 +00:00
John Hay
cd669cef39 sppp needs slcompress.c nowadays.
PR:		39369
2002-06-17 05:40:49 +00:00
Robert Watson
a3cce19f7d kern_cap.c no longer needed. 2002-06-13 23:19:34 +00:00
Brooks Davis
22afbb6bb0 Remote pci.h/NPCI usage from i4b code.
Approved by:	hm
2002-06-13 06:04:28 +00:00
Poul-Henning Kamp
11b2dcdbbe Put geom_gpt.c under the GEOM option instead of having a special GEOM_GPT
option for it.
2002-06-10 18:49:41 +00:00
Matthew N. Dodd
26837af419 'device hea' is no longer broken.
Add 'nowerror' to a few 'hea' files to ignore warnings on volatiles.
2002-06-07 02:04:09 +00:00
Justin T. Gibbs
cdd49e97b4 Hook up the ahd driver. 2002-06-06 16:35:58 +00:00
Matthew N. Dodd
26c1165dce Add new 'hea' driver files. 2002-06-03 09:14:12 +00:00
Takanori Watanabe
80f1001813 Make oldcard and newcard kernel module work. 2002-05-30 17:38:00 +00:00
David E. O'Brien
31741f8a9e PHK claims there is a crc32.c now. 2002-05-29 21:58:56 +00:00
David E. O'Brien
22f24d720a Back out revision 1.639. PHK filed to commit the libkern file. 2002-05-29 21:57:27 +00:00
Poul-Henning Kamp
f4258597dc Add one copy of crc32() and crc32_tab[] in libkern, and remove it two other
places.

Comment out crc32 related definitions in zlib.h, we don't seem to have the
corresponding code in our kernel.
2002-05-29 20:24:09 +00:00
Marcel Moolenaar
bcd46c600a Add support to GEOM for GUID Partition Tables (GPTs). The support
is currently conditional on both the GEOM and GEOM_GPT options to
avoid getting GPT by default and having the MBR and GPT classes
clash.
The correct behaviour of the MBR class would be to back-off (reject)
a MBR if it's a Protective MBR (a MBR with a single partition of type
0xEE that spans the whole disk (as far as the MBR is concerned).
The correct behaviour if the GPT class would be to back-off (reject)
a GPT if there's a MBR that's not a Protective MBR.

At this stage it's inconvenient to destroy a good MBR when working
with GPTs that it's more convenient to have the MBR class back-off
when it detects the GPT signature on disk and have the GPT class
ignore the MBR.

In sys/gpt.h UUIDs (GUIDs) for the following FreeBSD partitions
have been defined:

GPT_ENT_TYPE_FREEBSD
	FreeBSD slice with disklabel. This is the equivalent of
	the well-known FreeBSD MBR partition type.
GPT_ENT_TYPE_FREEBSD_{SWAP|UFS|UFS2|VINUM}
	FreeBSD partitions in the context of disklabel. This is
	speculating on the idea to use the GPT to hold partitions
	instead if slices and removing the fixed (and low) limits
	we have on the number of partitions.

This commit lacks a GPT image for the regression suite.
2002-05-28 09:04:48 +00:00
Marcel Moolenaar
52183d0145 Add uuidgen(2) and uuidgen(1).
The uuidgen command, by means of the uuidgen syscall, generates one
or more Universally Unique Identifiers compatible with OSF/DCE 1.1
version 1 UUIDs.

From the Perforce logs (change 11995):

Round of cleanups:
o  Give uuidgen() the correct prototype in syscalls.master
o  Define struct uuid according to DCE 1.1 in sys/uuid.h
o  Use struct uuid instead of uuid_t. The latter is defined
   in sys/uuid.h but should not be used in kernel land.
o  Add snprintf_uuid(), printf_uuid() and sbuf_printf_uuid()
   to kern_uuid.c for use in the kernel (currently geom_gpt.c).
o  Rename the non-standard struct uuid in kern/kern_uuid.c
   to struct uuid_private and give it a slightly better definition
   for better byte-order handling. See below.
o  In sys/gpt.h, fix the broken uuid definitions to match the now
   compliant struct uuid definition. See below.
o  In usr.bin/uuidgen/uuidgen.c catch up with struct uuid change.

A note about byte-order:
        The standard failed to provide a non-conflicting and
unambiguous definition for the binary representation. My initial
implementation always wrote the timestamp as a 64-bit little-endian
(2s-complement) integral. The clock sequence was always written
as a 16-bit big-endian (2s-complement) integral. After a good
nights sleep and couple of Pan Galactic Gargle Blasters (not
necessarily in that order :-) I reread the spec and came to the
conclusion that the time fields are always written in the native
by order, provided the the low, mid and hi chopping still occurs.
The spec mentions that you "might need to swap bytes if you talk
to a machine that has a different byte-order". The clock sequence
is always written in big-endian order (as is the IEEE 802 address)
because its division is resulting in bytes, making the ordering
unambiguous.
2002-05-28 06:16:08 +00:00
Poul-Henning Kamp
291daf5735 Add a proof-of-concept encryption class.
"The only hard problem in cryptography is key-management."

All sectors are encrypted with AES in CBC mode using a constant key,
currently compiled in and all zero.

To activate this module, write the magic header on the partition:

	echo "<<FreeBSD-GEOM-AES>>" | dd conv=sync of=/dev/md98

The encrypted device will be one sector shorter and have ".aes"
appended to its name.

Sponsored by: DARPA & NAI Labs.
2002-05-26 18:14:38 +00:00
Robert Watson
2bab796d96 Remove IFS from 5.0-CURRENT. This facilitates introducing UFS2 as
IFS had its fingers deep in the belly of the UFS/FFS split.  IFS
will be reimplemented by the maintainer at a later date.

Requested by:	adrian (maintainer)
2002-05-19 00:11:08 +00:00
Tom Rhodes
d394511de3 More s/file system/filesystem/g 2002-05-16 21:28:32 +00:00
Ian Dowse
2bf6dd18ba The ufs/ffs files are no longer required by ext2fs. 2002-05-16 20:54:44 +00:00
Ian Dowse
9504abaad7 Complete the separation of ext2fs from ufs by copying the remaining
shared code and converting all ufs references. Originally it may
have made sense to share common features between the two filesystems,
but recently it has only caused problems, the UFS2 work being the
final straw.

All UFS_* indirect calls are now direct calls to ext2_* functions,
and ext2fs-specific mount and inode structures have been introduced.
2002-05-16 19:08:03 +00:00
Bruce Evans
7085e70878 Reconnect db_elf.c to the build (now under "options DDB_NOKLDSYM"). It
doesn't actually build yet.
2002-05-07 10:59:52 +00:00
Jeff Roberson
8efc4eff00 Add a new UMA debugging facility. This will overwrite freed memory with
0xdeadc0de and then check for it just before memory is handed off as part
of a new request.  This will catch any post free/pre alloc modification of
memory, as well as introduce errors for anything that tries to dereference
it as a pointer.

This code takes the form of special init, fini, ctor and dtor routines that
are specificly used by malloc.  It is in a seperate file because additional
debugging aids will want to live here as well.
2002-04-30 07:54:25 +00:00
Eric Anholt
67a2a28fe4 Hook the DRM up to the build and add it to NOTES.
Approved by:	des
2002-04-28 04:58:40 +00:00
Scott Long
fe3cb0e1ec Add a CAM interface to the aac driver. This is useful in case you should
ever connect a SCSI Cdrom/Tape/Jukebox/Scanner/Printer/kitty-litter-scooper
to your high-end RAID controller.  The interface to the arrays is still
via the block interface; this merely provides a way to circumvent the
RAID functionality and access the SCSI buses directly.  Note that for
somewhat obvious reasons, hard drives are not exposed to the da driver
through this interface, though you can still talk to them via the pass
driver.  Be the first on your block to low-level format unsuspecting
drives that are part of an array!

To enable this, add the 'aacp' device to your kernel config.

MFC after:	3 days
2002-04-27 01:31:17 +00:00
Justin T. Gibbs
e905720a60 aic7xxx_freebsd.c -> aic7xxx_osm.c 2002-04-24 16:59:47 +00:00
Semen Ustimenko
9cd64fb3dd Move tx(4) driver to sys/dev/tx. BTW split hardware structures and constants
into if_txreg.h.

MFC after:	1 week
2002-04-19 22:43:57 +00:00
Matthew N. Dodd
906cf7526c - Convert the 'hfa' ATM interface driver to newbus.
- Add stubs for EISA and SBUS cards.
  (VME, FutureBUS, and TurboChannel stubs not provided.)
- Add infrastructure to build driver and bus front-end modules.
2002-04-17 00:26:09 +00:00
Julian Elischer
440d3f4df5 Add entry for the myson ethernet driver
Submitted by:	Myson , Taiwan
2002-04-16 20:23:58 +00:00
Scott Long
df263cbd02 Add a filesystem driver for the Universal Disk Format. For more info,
see http://people.freebsd.org/~scottl/udf

 MFC after:	when asmodai gets the backport done
 Prodded by:	phk asmodai des
2002-04-14 16:36:49 +00:00
Warner Losh
41544fe68c Forgot to commit this when I committed the rest of the hostap stuff. 2002-04-12 06:19:18 +00:00
Jake Burkholder
b1377f8959 Add the se driver. 2002-04-09 00:30:43 +00:00
Thomas Moestl
635435f4f6 Add a driver back end for the Mostek MK48T02, MK48T08 and MK48T59
time-of-day clocks, ported from NetBSD. The front-ends are expected
to be at least partly machine-dependent; the sparc64 EBus and SBus
ones will be commited to MD directories for now (in a subsequent commit).
2002-04-04 23:44:42 +00:00
Thomas Moestl
d7f7792edf Add a generic implementation of inittodr() and resettodr(), as well as
a set of helper routines to deal with real-time clocks. The generic
functions access the clock diver using a kobj interface. This is intended
to reduce code reduplication and make it easy to support more than one
clock model on a single architecture.

This code is currently only used on sparc64, but it is planned to convert
the code of the other architectures to it later.
2002-04-04 23:39:10 +00:00
Warner Losh
1be58af16e Add if_wi_{pccard,pci}.c for pccard and pci bus front ends 2002-04-02 02:50:48 +00:00
Matthew N. Dodd
c2329af77a Don't nowerror for sys/dev/pdq/pdq.c 2002-03-30 17:41:23 +00:00
Poul-Henning Kamp
d93b7c5dcd Add preliminary PC98 class to GEOM.
I have not been able to find very much information about the PC98
extended partition layout so this is gleaned from the source in
our pc98 architecture.  Corrections and patched very welcome.

Sponsored by: DARPA and NAI Labs.
2002-03-28 21:38:38 +00:00
Poul-Henning Kamp
3773a65c0b Be more systematic about conversion of on-disk formats in a endian/width
agnostic way.

Collapse the MBR and MBREXT methods into one file and make them endian/width
agnostic.

Sponsored by:	DARPA & NAI Labs.
2002-03-24 11:21:41 +00:00
Nicolas Souchu
c17d43407f Major rework of the iicbus/smbus framework:
- VIA chipset SMBus controllers added
	- alpm driver updated
	- Support for dynamic modules added
	- bktr FreeBSD smbus updated but not tested
	- cleanup
2002-03-23 15:49:15 +00:00
Jeff Roberson
8355f576a9 This is the first part of the new kernel memory allocator. This replaces
malloc(9) and vm_zone with a slab like allocator.

Reviewed by:	arch@
2002-03-19 09:11:49 +00:00
Josef Karthauser
916e6e02e5 Add a USB comm driver.
Ported from NetBSD by:	akiyama
2002-03-18 18:23:42 +00:00
Poul-Henning Kamp
132f08d017 Teach GEOM about Sun disklabel formats.
The detection code in this method is written so that it should work on
all architectures which means that you can plug a Sun disk into a i386
now and access the partitions.

We still need an endian-agnostic ufs/ffs before this is really
interresting, but the main focus was to get sparc64 onto the GEOM
trail.
2002-03-15 21:44:08 +00:00
Poul-Henning Kamp
e8645018a0 Add GEOM to conf/files. 2002-03-11 08:24:12 +00:00
Seigo Tanimura
5d0451a3ed Add sys/dev/ufm.c.
Forgotten by:	alfred
Spotted by:	LINT
2002-03-05 11:19:23 +00:00
Hajimu UMEMOTO
b5a8f767a6 - Speedup 3DES by using assembly code for i386.
- Sync des/blowfish to more recent openssl.

Obtained from:	KAME/NetBSD
MFC after:	2 weeks
2002-03-05 09:19:02 +00:00
Mitsuru IWASAKI
899ccf541a Add generalized power profile code.
This makes other power-management system (APM for now) to be able to
generate power profile change events (ie. AC-line status changes), and
other kernel components, not only the ACPI components, can be notified
the events.

 - move subroutines in acpi_powerprofile.c (removed) to kern/subr_power.c
 - call power_profile_set_state() also from APM driver when AC-line
   status changes
 - add call-back function for Crusoe LongRun controlling on power
   profile changes for a example
2002-03-04 18:46:13 +00:00
Peter Wemm
654694bf54 Tag if_ie.c, isp.c and isp_pci.c as nowerror (qualifier problems, and third
party code)
2002-02-27 23:55:42 +00:00