[builtins][Mips] Un-break FreeBSD build of __clear_cache
Commit 674a17e9bbe8 ("MIPS/compiler_rt: use synci to flush icache on
r6") completely removed the OS-specific guards under the guise of "For
pre-r6, we can use cacheflush libc function, which is same on Linux and
FreeBSD." However, the code in question had guards for Linux and
OpenBSD, not Linux and FreeBSD, and FreeBSD does not have a cacheflush
libc function as claimed, so this was neither the statement they
intended to make nor was it sufficient justification for making the code
completely unconditional. Whilst the upcoming FreeBSD 14 release has
dropped support for MIPS, FreeBSD 13 has support for it.
Fix this by only calling cacheflush on the OSes where it was previously
called, and not on other OSes where it either definitely isn't available
(FreeBSD) or is unknown (any other OS than the three mentioned in this
commit).
This is only needed for MFC'ing, as mips has been removed from
14-CURRENT.
PR: 271047
MFC after: immediately
While at it, correct the string for 300 series ones, these also are
already xHCI 3.1.
Fixes: d171d2f2 Add AHCI/XHCI device IDs found on AMD Ryzen+B350 system
Neither of the remaining callers to pmap_kremove() warrant inlining.
Those calls rarely occur. In other words, we were optimizing for the
uncommon case.
MFC after: 1 week
pmap_unmapbios() can simply call pmap_kremove_device() rather than
duplicating its code.
While I'm here, add a comment to pmap_kremove_device() explaining its
proper use, and fix a whitespace issue.
MFC after: 1 week
* em(4) obey administrative ifcaps for using hwcsum offload
* em(4) obey administrative ifcaps for hw vlan receive tagging
* em(4) add additional TSO6 ifcap, but disabled by default as is TSO4
* lem(4) obey administrative ifcaps for using hwcsum offload
* lem(4) add support for hw vlan receive tagging
* lem(4) Add ifcaps for TSO offload experimentation, but disabled by
default due to errata and possibly missing txrx code.
* lem(4) disable HWCSUM ifcaps by default on 82547 due to errata around
full duplex links. It may still be administratively enabled.
Reviewed by: markj (previous version)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D30072
I believe that there are two reasons that the missing TAILQ
initialization operations haven't caused a problem. First, the TAILQ
head's first field is being initialized to zeroes elsewhere. Second,
the first access to the TAILQ head's last field is by
TAILQ_INSERT_HEAD(), which assigns to the last field without reading
it when the first field is NULL.
Reviewed by: kib, markj
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D41118
Ipsec needs access to packet headers to determine if a policy is
applicable. It seems that typically IP headers are mapped, but the code
is arguably needs to check this before blindly accessing them. Then,
operations like m_unshare() and m_makespace() are not yet ready for
unmapped mbufs.
Ensure that the packet is mapped before calling into IPSEC_OUTPUT().
PR: 272616
Reviewed by: jhb, markj
Sponsored by: NVidia networking
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D41112
Just spent a few minutes puzzling out why we do this. Add a comment to
remind my future self (and other intersted folk) why we do the reset
here when we'd set it a few lines above.
Sponsored by: Netflix
Ensure that SCTP connections survive a failover to the backup pf
instance.
MFC after: 3 weeks
Sponsored by: Orange Business Services
Differential Revision: https://reviews.freebsd.org/D40869
Explicitly test that we cannot change the port number with rdr.
That's not a desireable feature on SCTP, because it could break
multihomed connections.
MFC after: 3 weeks
Sponsored by: Orange Business Services
Differential Revision: https://reviews.freebsd.org/D40868
Support NAT-ing SCTP connections.
This is mostly similar to UDP and TCP, but we refuse to change ports for
SCTP, to avoid interfering with multihomed connections.
As a result we also never copy the SCTP header back or recalculate
checksums as we'd do for TCP or UDP (because we don't modify the header
for SCTP).
We do use the existing pf_change_ap() function to modify the packet,
because we may still need to update the IPv4 header checksum.
Reviewed by: tuexen
MFC after: 3 weeks
Sponsored by: Orange Business Services
Differential Revision: https://reviews.freebsd.org/D40866
Ensure that we send a correct abort message for 'block return' rules.
Test this by validating that nc doesn't sit around waiting for a
connection. It should give up immediately when it receives the abort.
MFC after: 3 weeks
Sponsored by: Orange Business Services
Differential Revision: https://reviews.freebsd.org/D40865
Send an SCTP Abort message if we're refusing a connection, just like we
send a RST for TCP.
MFC after: 3 weeks
Sponsored by: Orange Business Services
Differential Revision: https://reviews.freebsd.org/D40864
pf can now inspect SCTP. Check that we can set up a connection.
IPv4 and IPv6 tests.
MFC after: 3 weeks
Sponsored by: Orange Business Services
Differential Revision: https://reviews.freebsd.org/D40863
Basic state tracking for SCTP. This means we scan through the packet to
identify the different chunks (so we can identify state changes).
MFC after: 3 weeks
Sponsored by: Orange Business Services
Differential Revision: https://reviews.freebsd.org/D40862
This function is always available, even if the SCTP or SCTP_SUPPORT options
are not set.
That lets us remove an ifdef, and also means we improve pf's SCTP handling
when the options are not set.
MFC after: 3 weeks
Sponsored by: Orange Business Services
Differential Revision: https://reviews.freebsd.org/D40911
As of pytest 7.4 it no longer walks all the way to the root directory
of the file system to find conftest files. As a result we don't find /
usr/tests/conftest.py, and don't load atf_python. That in turn causes
atf_python tests to fail.
Explicitly set the confcutdir, as advised by the pytest changelog.
See also: https://github.com/pytest-dev/pytest/pull/11043
MFC after: 3 weeks
Sponsored by: Orange Business Services
Differential Revision: https://reviews.freebsd.org/D41064
vcpu_info is crucial for the Xen event channel core. Since both the
data and setup steps are identical between architectures, move them to
the common file. Since there is no cross-architecture method to call
a function on every processor during bring-up, simply leave the setup
function.
The number of vcpu_info structures available on the shared information
page varies by architecture. Instead of hard-coding the count use
nitems(). Add a warning message for this being used.
Switch to XEN_VCPUID() and use Xen's typedefs.
panic() on failure since >32 processors is no longer unusual.
royger: Specify 64-byte alignment for vcpu_info to try to defend
against vcpu_info crossing a page boundary. Add detection for this
limit.
Reviewed by: royger
Add CAM_NVME_STATUS_ERROR error code. Flag all NVME commands that
completed with an error status as CAM_NVME_STATUS_ERROR (a new value)
instaead of CAM_REQ_CMP_ERR. This indicates to the upper layers of CAM
that the 'cpl' field for nvmeio CCBs is valid and can be examined for
error recovery, if desired.
No functional change. nda will still see these as errors, call
ndaerror() to get the error recovery action, etc. cam_periph_error will
select the same case as before (even w/o the change, though the change
makes it explicit).
Sponsored by: Netflix
Reviewed by: chuck, mav, jhb
Differential Revision: https://reviews.freebsd.org/D41085
The NVME SIM does not generate these status values, so remove them.
Sponsored by: Netflix
Reviewed by: jhb
Differential Revision: https://reviews.freebsd.org/D41084
This is normally caught by default:, but no harm in making it explicit
that we'll retry valid periphs.
Sponsored by: Netflix
Reviewed by: mav
Differential Revision: https://reviews.freebsd.org/D41083
0x18/0x8 is another code to indicate that the data was recovered
successfully, so complete the command w/o an error rather than retry the
operation.
Sponsored by: Netflix
Reviewed by: mav, jhb
Differential Revision: https://reviews.freebsd.org/D41082
SS_START and higher actions (currently only SS_TUR) allocate a recovery
CCB to send a command to the periph. Add a quick comment about that here.
Sponsored by: Netflix
Reviewed by: mav
Differential Revision: https://reviews.freebsd.org/D41081
Extrapolate from the context what the intention for the rest of the
comment probably was -- that the C/POSIX (and now C.UTF-8) locales may
avoid an allocation and reuse a global table.
Reviewed by: bapt
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D41087
* em(4) obey administrative ifcaps for using hwcsum offload
* em(4) obey administrative ifcaps for hw vlan receive tagging
* em(4) add additional TSO6 ifcap, but disabled by default as is TSO4
* lem(4) obey administrative ifcaps for using hwcsum offload
* lem(4) add support for hw vlan receive tagging
* lem(4) Add ifcaps for TSO offload experimentation, but disabled by
default due to errata and possibly missing txrx code.
* lem(4) disable HWCSUM ifcaps by default on 82547 due to errata around
full duplex links. It may still be administratively enabled.
Reviewed by: markj (previous version)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D30072
Always set TXD_CMD_IP for 82544
Otherwise set TXD_CMD_IP for IPv4, not IPv6
Reviewed by: markj (previous version)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D30072
lld assumes -znoexecstack by default whereas ld.bfd still defaults to
-zexecstack in the absence of .note.GNU-stack annotations. Adding the
flags centrally avoids having to patch various libraries in the tree
as one-offs (e.g. OpenSSL 3 is the current thing generating new
warnings with ld.bfd).
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D41120
In some cases driver may ask FW about link state before FW finishes
configuration of a (Q)SFP+ transceiver. If first attempt of using Get Link
Status AQC after loading driver or handling a reset fails, then re-try
periodically for 5 seconds.
Signed-off-by: Krzysztof Galazka <krzysztof.galazka@intel.com>
Signed-off-by: Eric Joyner <erj@FreeBSD.org>
Tested by: jeffrey.e.pieper@intel.com
Approved by: erj@
MFC after: 2 days
Sponsored by: Intel Corporation
Differential Revision: https://reviews.freebsd.org/D40899
Intentionally or not, but the libwrap was written in such manner that
if your /etc/hosts.allow doesn't have any domain names, neither smart
keywords like LOCAL or KNOWN, then it will not try to resolve the
client address during the hosts check. This was achieved with the
NOT_INADDR() check that matched IPv4 addresses/prefixes. Extend this
to also skip resolve if client list token looks like IPv6.
Reviewed by: philip, emaste
PR: 269456
Differential revision: https://reviews.freebsd.org/D40070
This is a compromise between POLA and practical reasoning. We don't
want to block the main server loop in an attempt to resolve. But we
need to keep the format of the logged message as is, for sake of
sshguard and other scripts. So let's print just the IP address twice,
this is what libwrap's refuse() would do if it failed to resolve.
Reviewed by: philip
PR: 269456
Differential revision: https://reviews.freebsd.org/D40069
This part of ca573c9a17 proved to be unnecessary. As the removed
comment says, we set them merely for logging syntax errors, as we log
refusals ourselves. However, inside the libwrap the parser logs any
syntax errors with tcpd_warn() which has hardcoded LOG_WARNING inside.
Reviewed by: philip, emaste
Differential revision: https://reviews.freebsd.org/D40068
Historically, tftpd disallowed write requests to existing files
that are not publicly writable. Such requirement is questionable at least.
Let us make it possible to run tftpd in chrooted environment
keeping files non-world writable.
New option -S enables write requests to existing files
for chrooted run according to generic file permissions.
It is ignored unless tftpd runs chrooted.
MFC after: 1 month
Requested by: marck
Differential: https://reviews.freebsd.org/D41090 (based on)
The fips.so provider module exposing FIPS-validated algorithms was still
missing a number of symbols.
PR: 272454
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D41018
