It is impossible to compile pfctl with OPT_DEBUG due to integer width mismatch:
/usr/home/kajetan.staszkiewicz/freebsd.git/sbin/pfctl/pfctl_optimize.c:1479:9: error: format specifies type 'unsigned int' but the argument has type 'unsigned long' [-Werror,-Wformat]
i - pf_rule_desc[closest].prf_off--- pfctl_optimize.o ---
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/usr/home/kajetan.staszkiewicz/freebsd.git/sbin/pfctl/pfctl_optimize.c:52:44: note: expanded from macro 'DEBUG'
printf("%s: " str "\n", __FUNCTION__ , ## v)
~~~ ^
1 error generated.
Reviewed by: kp
Obtained from: OpenBSD (pfctl_optimize.c 1.15)
Differential Revision: https://reviews.freebsd.org/D38918
epairs currently shuttle all transmitted packets through a single global
taskqueue thread. To hand packets over to the taskqueue thread, each
epair maintains a pair of ring buffers and a lockless scheme for
notifying the thread of pending work. The implementation can lead to
lost wakeups, causing to-be-transmitted packets to end up stuck in the
queue.
Rather than extending the existing scheme, simply replace it with a
linked list protected by a mutex, and use the mutex to synchronize
wakeups of the taskqueue thread. This appears to give equivalent or
better throughput with >= 16 producer threads and eliminates the lost
wakeups.
Reviewed by: kp
MFC after: 1 week
Sponsored by: Klara, Inc.
Sponsored by: Modirum MDPay
Differential Revision: https://reviews.freebsd.org/D38843
The m_flags field of struct mbuf is 24 bits wide and so gets truncated
in a couple of places in the epair code. Instead of preserving the
entire flag set, just remember whether M_BCAST or M_MCAST is set.
MFC after: 1 week
Sponsored by: Klara, Inc.
sender_body() uses OPT_COPY to copy the frame into the destination slot
for the first 100,000 packets. Then it removes OPT_COPY to improve
performance. The function always starts with the first tx ring.
If multiple tx rings are in use, it is possible that the initial 100k
packets will only use the first ring. After OPT_COPY is removed, there
may come a time when the first ring is full and sender_body() will move
to the next ring which was never initialized. As a result it will send
all zero packets. (This was discovered when the receiving NIC reported
rx errors.)
Before any transmissions, step through every tx ring and set
NS_BUF_CHANGED on every slot. That will force send_packets() to
initialize the slot when first used. Since it only copies when
necessary, it performs better than always setting OPT_COPY. With this
change, there is no reason for the "drop copy" code.
Submitted by: Brian Poole <brian90013@gmail.com>
MFC after: 7 days
Summary: IFNET_RLOCK() is not sufficient, the epoch needs entered.
Reviewed by: hselasky
Sponsored by: Juniper Networks, Inc.
Differential Revision: https://reviews.freebsd.org/D38711
When using the --suspend and --checkpoint parameter, bhyvectl will
produce two checkpoint images and the exits. This is slightly ambiguous.
So, permit only one of theses parameters at the same time.
Reviewed by: corvink, markj
MFC after: 1 week
Sponsored by: vStack
Differential Revision: https://reviews.freebsd.org/D38887
init_checkpoint_thread binds to a socket. Bhyve isn't allowed to do that
after caph_enter.
Reviewed by: corvink, markj
MFC after: 1 week
Sponsored by: vStack
Differential Revision: https://reviews.freebsd.org/D38857
This update provides a more detailed description of FFS/UFS snapshots
and adds links to useful man pages.
Requested by: Graham Perrin
Submitted by: darius-dons.net.au
Reviewed by: Ravi Pokala
PR: 266358
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D38817
To allow hardware to work around a broken memory bus where we need to
support the nonposted-mmio flag.
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D34333
On arm64 PCI config memory is expected to be mapped with a non-posted
device type. To handle this use the new bus_map_resource support in
arm64 to map memory with the new VM_MEMATTR_DEVICE_NP attribute. This
memory has already been allocated and activated, it just needs to be
mapped.
Reviewed by: kevans, mmel
Differential Revision: https://reviews.freebsd.org/D30079
This fixes an instapanic when restarting wpa_supplicant on my laptop's
iwlwifi device. After this change, iwlwifi enters a nonfunctional
state if wpa_supplicant is restarted, but "service netif restart wlan0"
is enough to get it working again.
releng/13.2 candidate.
Reviewed by: bz
MFC after: 3 days
When the kernel is built without capability mode support, or when
using an emulator like qemu-user-static that does not translate
system calls, these calls will return a negative number and set
the errno to ENOSYS. However, this error does not indicate a
real programming or runtime error and is generally ignored by
base system applications built with capability mode sandboxing.
Match this behavior by making xz(1) to ignore ENOSYS errors
when calling capability mode system calls too.
PR: 269185
Reported by: Dan Kotowski
MFC after: 2 days
netlink(4) and associated features will exist in FreeBSD 14.0 but they
will also exist in 13.2, an older version, from commits such as 02b958b1
and b309249b.
This commit needs merging to stable/13 and releng/13.2.
MFC after: 2days (needs to be in RC2)
Reviewed by: imp,melifaro
Pull Request: https://github.com/freebsd/freebsd-src/pull/651
Many pf tests use identical setup where one jail is a router and
optionally another jail is a server. Add functions to create such jails
for IPv6 and IPv4 and functions to perform tests on such setup.
Add tests using those functions: scrub actions, routing table, tcp
sequence number modulation.
Reviewed by: kp
Sponsored by: InnoGames GmbH
Differential Revision: https://reviews.freebsd.org/D38126
For further use in linux_ioctl_socket add bsd_to_linux_ifflags() which
accepts FreeBSD interface flags and translate it to Linux if flags.
Reviewed by: melifaro
Differential Revision: https://reviews.freebsd.org/D38873
Split the linux_ioctl_socket() function on two counterparts, where
the linux_ioctl_socket_ifreq() intended to use in a code path which
requires the struct ifreq manipulation, i.e., translating in/out
values of the struct, while the linux_ioctl_socket() function is left
as is, it calls sys_ioctl() without touching in/out values.
Due to structures ifreq, sockaddr difference between FreeBSD and Linux
the linux_ioctl_socket_ifreq() calls kern_ioctl() directly, converting
in and out values to FreeBSD and to Linux accordingly.
Finally, modify the ifname_linux_to_bsd() to return error code, not
an unstable reference to the interface.
Reviewed by: melifaro
Differential Revision: https://reviews.freebsd.org/D38794
For now we are using mixed names to access struct ifreq members, some
of Linux (ifr_name, ifr_ifindex), others of FreeBSD. To avoid conflicts
switch to use FreeBSD names.
Reviewed by: jhibbits
Differential Revision: https://reviews.freebsd.org/D38792
Enter the net epoch when traversing a list of interfaces. For that
split the ifname_linux_to_bsd() function on two counterparts, where
the ifname_linux_to_ifp() intended to use in epoch, while the
ifname_linux_to_bsd() intended to be a self-contained.
Until the linux_ioctl_coket() function is refactored, the
ifname_linux_to_bsd() temporarily returns interface outside
of the net epoch.
Reviewed by: melifaro
Differential Revision: https://reviews.freebsd.org/D38790
Migrate linux and linprocfs to use the IfAPI interfaces instead of
direct ifnet accesses.
The code initially writed by jhibbits@, and adapted by me to 3ab3c9c2.
Reviewed by: jhibbits
Differential Revision: https://reviews.freebsd.org/D38735
If there is no source filter entry => block if that's SSM ("exclude"
mode per RFC 3678 clause 3). If there is an entry => check its action &
block if the action is "exclude".
It would be nice if the test case in this PR were converted into an ATF
test case, but not blocking on that.
Reviewed by: imp, melifaro
Pull Request: https://github.com/freebsd/freebsd-src/pull/601
On some hardware, we can't clear HCR_EL2.E2H so accesses to the physical
timer hopelessly trap to EL2. Stash off the value of HCR_EL2 and use it
in has_hyp() to avoid this.
Reviewed by: andrew
Differential Revision: https://reviews.freebsd.org/D38884
