Commit Graph

257867 Commits

Author SHA1 Message Date
Kristof Provost
ab5707a5cf libpfctl: Fix u_* counters
struct pf_rule had a few counter_u64_t counters. Those couldn't be
usefully comminicated with userspace, so the fields were doubled up in
uint64_t u_* versions.

Now that we use struct pfctl_rule (i.e. a fully userspace version) we
can safely change the structure and remove this wart.

Reviewed by:	glebius
MFC after:	4 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D29645
2021-04-10 11:16:03 +02:00
Kristof Provost
e9eb09414a libpfctl: Switch to pfctl_rule
Stop using the kernel's struct pf_rule, switch to libpfctl's pfctl_rule.
Now that we use nvlists to communicate with the kernel these structures
can be fully decoupled.

Reviewed by:	glebius
MFC after:	4 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D29644
2021-04-10 11:16:02 +02:00
Kristof Provost
a9b338b260 pf: Move prototypes for userspace functions to userspace header
These functions no longer exist in the kernel, so there's no reason to
keep the prototypes in a kernel header. Move them to pfctl where they're
actually implemented.

Reviewed by:	glebius
MFC after:	4 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D29643
2021-04-10 11:16:02 +02:00
Kristof Provost
956e7d2325 bsnmp: Use libpfctl
Reviewed by:	glebius
MFC after:	4 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D29642
2021-04-10 11:16:02 +02:00
Kristof Provost
95be9288f0 (t)ftp-proxy: use libpfctl
Reviewed by:	glebius
MFC after:	4 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D29641
2021-04-10 11:16:02 +02:00
Kristof Provost
0d71f9f36e pfctl: Move ioctl abstraction functions into libpfctl
Introduce a library to wrap the pf ioctl interface.

MFC after:	4 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D29562
2021-04-10 11:16:02 +02:00
Kristof Provost
0dd13c7743 libnv: Build PIC
Build libnv as position independent code so we can use it from shared
libraries.

MFC after:	4 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D29561
2021-04-10 11:16:01 +02:00
Kristof Provost
0d6c8174ef pfctl: Use the new DIOCGETRULENV ioctl
Create wrapper functions to handle the parsing of the nvlist and move
that code into pfctl_ioctl.c.
At some point this should be moved into a libpfctl.

MFC after:	4 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D29560
2021-04-10 11:16:01 +02:00
Kristof Provost
d710367d11 pf: Implement nvlist variant of DIOCGETRULE
MFC after:	4 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D29559
2021-04-10 11:16:01 +02:00
Kristof Provost
5c11c5a365 pfctl: Move to DIOCADDRULENV
Start using the new nvlist based ioctl to add rules.

MFC after:	4 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D29558
2021-04-10 11:16:01 +02:00
Kristof Provost
5c62eded5a pf: Introduce nvlist variant of DIOCADDRULE
This will make future extensions of the API much easier.
The intent is to remove support for DIOCADDRULE in FreeBSD 14.

Reviewed by:	markj (previous version), glebius (previous version)
MFC after:	4 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D29557
2021-04-10 11:16:00 +02:00
Edward Tomasz Napierala
28b475b018 Cross-reference camcontrol(8) and zonectl(8) man pages. 2021-04-10 10:13:29 +01:00
Edward Tomasz Napierala
44f3b1aa98 rc: kldxref only needs to depend on rootfs, not FILESYSTEMS
This makes it run a bit earlier in the startup, which will
be useful for the linux rc script later on.

Reviewed By:	imp (earlier version)
Sponsored By:	EPSRC
Differential Revision:	https://reviews.freebsd.org/D29589
2021-04-10 09:31:12 +01:00
Ed Maste
041c504942 Regen src.conf.5 after 9d178c925f 2021-04-09 22:24:08 -04:00
Ed Maste
9d178c925f Drop 'Set to' from most src.conf(5) knobs
The description is clearly what effect the knob has when set, so the
additional text was unnecessary.

Reviewed by:	jhb, se
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D29583
2021-04-09 22:23:03 -04:00
Konstantin Belousov
94172affa4 amd64: clear debug registers on execing 32bit Linux binary
Reviewed by:	jhb
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D29687
2021-04-10 04:25:02 +03:00
Konstantin Belousov
d50adfec9e amd64: clear debug registers on execing 32bit native binary
Reviewed by:	jhb
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D29687
2021-04-10 04:25:02 +03:00
Konstantin Belousov
2f15884747 amd64 linux64: use x86_clear_dbregs()
instead of manually inlining it

Reviewed by:	jhb
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D29687
2021-04-10 04:25:02 +03:00
Konstantin Belousov
290b0d123a x86: use x86_clear_dbregs() on fork
instead of manual zeroing of the debug registers file in pcb.
This centralizes the cleaning code, but the practical difference is
that PCB_DBREGS flag is cleared, saving some operations on context
switching.

Reviewed by:	jhb
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D29687
2021-04-10 04:25:02 +03:00
Konstantin Belousov
a8b75a57c9 x86: add x86_clear_dbregs() helper
Move the code from exec_setregs() to reset debug registers state on exec,
to the x86_clear_dbregs() helper

Reviewed by:	jhb
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D29687
2021-04-10 04:25:01 +03:00
John Baldwin
86e352c934 Fix a typo in a comment: frame -> framework.
MFC after:	1 week
Sponsored by:	Chelsio Communications
2021-04-09 16:10:55 -07:00
John Baldwin
6a06b00a0d nlmrsa: Remove this deprecated driver.
Relnotes:	yes
Sponsored by:	Chelsio Communications
2021-04-09 16:10:31 -07:00
Warner Losh
066b096d13 efivar: use bool for booleans
Rather than int flags we ++, use booleans for all command line args.
No functional change intended.

Reviewed by:		markj@
Sponsored by:		Netflix, Inc
Differential Revision:	https://reviews.freebsd.org/D29621
2021-04-09 16:36:44 -06:00
Warner Losh
0292a5c95f efivar: Attempt to fix setting/printing/deleting EFI vars with '-' in their name
Due to how we're parsing UUIDs, we were disallowing setting, printing or
deleting any UEFI variable with a '-' in it when you attempted to do that
operation with the exact name (wildcard reporting was unaffected). Fix the
parser to loop over all the dashes in the name and only give up when all
possible matches are exhausted.

Reviewed by:		markj@
Sponsored by:		Netflix, Inc
Differential Revision:	https://reviews.freebsd.org/D29620
2021-04-09 16:36:40 -06:00
Warner Losh
3c0dcbfc85 efivar: Add --quiet to not report errors
Add -q/--quiet flag to the command line. With it, errors are not reported at
all. Instead nothing is printed and the exit code is non-zero.

Reviewed by:		markj
Sponsored by:		Netflix, Inc
Differential Revision:	https://reviews.freebsd.org/D29619
2021-04-09 16:36:20 -06:00
Gleb Smirnoff
1a7fe55ab8 tcp_hostcache: make THC_LOCK/UNLOCK macros to work with hash head pointer.
Not a functional change.
2021-04-09 14:07:35 -07:00
Gleb Smirnoff
4f49e3382f tcp_hostcache: style(9)
Reviewed by:	rscheff
2021-04-09 14:07:27 -07:00
Gleb Smirnoff
7c71f3bd6a tcp_hostcache: remove extraneous check.
All paths leading here already checked this setting.

Reviewed by:	rscheff
2021-04-09 14:07:19 -07:00
Gleb Smirnoff
0c25bf7e7c tcp_hostcache: implement tcp_hc_updatemtu() via tcp_hc_update.
Locking changes are planned here, and without this change too
much copy-and-paste would be between these two functions.

Reviewed by:	rscheff
2021-04-09 14:06:44 -07:00
Konstantin Belousov
e8b9c508b7 rtld: use _get_tp() in __tls_get_addr()
This eliminates some non-trivial amount of code duplication, where done.
Only x86 and mips are handled right now.

Tested by:      bdragon (powerpc), mhorne (riscv)
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D29623
2021-04-09 23:46:24 +03:00
Konstantin Belousov
7cb32a0d03 rtld: avoid recursing on rtld_bind_lock for write
This fixes a regression in d36d681615, where the call to
__tls_get_address() was performed under rtld_bind_lock write-locked.
Instead use tls_get_addr_slow() directly, with locked = true.

Reported by:	jkim, many others
Tested by:	jkim, bdragon (powerpc), mhorne (riscv)
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D29623
2021-04-09 23:46:24 +03:00
Konstantin Belousov
8950804842 rtld: allow to use tls_get_addr_slow() from context where rtld_bind_lock is locked
Explicit locked parameter is added

Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D29623
2021-04-09 23:46:24 +03:00
Konstantin Belousov
85d846b369 rtld: style tls_get_addr_slow
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D29623
2021-04-09 23:46:24 +03:00
Konstantin Belousov
dbd2053026 libc dl_iterate_phdr(): dlpi_tls_data is wrong
This is the same change as d36d681615, but for libc static implementaion
of dl_iterate_phdr().

Reported by:	emacsray@gmail.com
PR:	254774
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D29623
2021-04-09 23:46:24 +03:00
Konstantin Belousov
ca46b5698e libc: implement __tls_get_addr() for static binaries
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D29623
2021-04-09 23:46:24 +03:00
Konstantin Belousov
06d8a116bd libc: add _get_tp() private function
which returns pointer to tcb

Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D29623
2021-04-09 23:46:24 +03:00
Konstantin Belousov
99c2ce7ef1 rtld: define TLS_DTV_OFFSET on all architectures
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D29623
2021-04-09 23:46:24 +03:00
Konstantin Belousov
7f7489eba3 libc: include rtld.h into static implementations of rtld interface
and resolve naming conficts

Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D29623
2021-04-09 23:46:24 +03:00
Konstantin Belousov
93c14c55ec libc: constify dummy error message string for dlfcn
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D29623
2021-04-09 23:46:23 +03:00
Konstantin Belousov
34ca6025dd rtld_lock.h: Expand scope for IN_RTLD to avoid some conflicts with libc
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D29623
2021-04-09 23:46:23 +03:00
Konstantin Belousov
f61ecf60cf rtld/x86/reloc.c: style
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D29623
2021-04-09 23:46:23 +03:00
Konstantin Belousov
38e0610df7 rtld_lock.h: remove tautological extern's
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D29623
2021-04-09 23:46:23 +03:00
Konstantin Belousov
2fd1ffefaa Stop arming kqueue timers on knote owner suspend or terminate
This way, even if the process specified very tight reschedule
intervals, it should be stoppable/killable.

Reported and reviewed by:	markj
Tested by:	markj, pho
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D29106
2021-04-09 23:43:51 +03:00
Konstantin Belousov
533e5057ed Add helper for kqueue timers callout scheduling
Reviewed by:	markj
Tested by:	markj, pho
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D29106
2021-04-09 23:42:56 +03:00
Konstantin Belousov
4d27d8d2f3 Stop arming realtime posix process timers on suspend or terminate
Reported and reviewed by:	markj
Tested by:	markj, pho
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D29106
2021-04-09 23:42:51 +03:00
Konstantin Belousov
dc47fdf131 Stop arming periodic process timers on suspend or terminate
Reported and reviewed by:	markj
Tested by:	markj, pho
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D29106
2021-04-09 23:42:44 +03:00
Alexander V. Chernikov
ee2cf2b360 Implement better rebuild-delay fib algo policy.
The intent is to better handle time intervals with large amount of RIB
updates (e.g. BGP peer going up or down), while still keeping low sync
delay for the rest scenarios.

The implementation is the following: updates are bucketed into the
buckets of size 50ms. If the number of updates within a current bucket
 exceeds the threshold of 500 routes/sec (e.g. 10 updates per bucket
interval), the update is delayed for another 50ms. This can be repeated
 until the maximum update delay (1 sec) is reached.

All 3 variables are runtime tunables:

* net.route.algo.fib_max_sync_delay_ms: 1000
* net.route.algo.bucket_change_threshold_rate: 500
* net.route.algo.bucket_time_ms: 50

Differential Review:	https://reviews.freebsd.org/D29588
MFC after:		2 weeks
2021-04-09 21:33:03 +01:00
Vincenzo Maffione
172c5eb272 netmap: vtnet: remove unused variable
Reported by:	bdragon
2021-04-09 19:33:41 +00:00
Gordon Bergling
46c9952807 sysctl.conf(5): Mention sysctl.conf.local in the sysctl.conf(5) manual page
The possibility of using a sysctl.conf.local on a machine that has a shared
sysctl.conf(5) isn't documented. So mention the sysctl.conf.local in the
manual page.

PR:	254901
Submitted by:	Jose Luis Duran <jlduran at gmail dot com>
Reported by:	Jose Luis Duran <jlduran at gmail dot com>
Reviewed by:	markj
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D29673
2021-04-09 17:28:18 +02:00
Dmitry Chagin
f2400e6e83 Removed the reference to the deprecated splx API from ifnet(9).
Reviewed by:		emaste, markj
PR:			254880
MFC After:		1 week
Differential Revision:	https://reviews.freebsd.org/D29666
2021-04-09 17:22:12 +03:00