The option was originally added in r313524, but with incomplete
documentation.
MFC after: 1 week
Reviewed by: karels, gbe (manpages)
Differential Revision: https://reviews.freebsd.org/D35890
Look in _LIB_OBJTOP for all static libraries not just INTERNALLIBs. In
normal operation this is a no-op, but improves the consistency of this
file.
Reviewed by: imp, jhb
Obtained from: CheriBSD
Differential Revision: https://reviews.freebsd.org/D35822
Declarations of variables must be placed before the statements of a
block, by convention. Use 'must' instead of 'may' here and clarify
langauge.
Sponsored by: Netflix
Reviewed by: pstef, rpokala, hselasky
Differential Revision: https://reviews.freebsd.org/D35959
K&R function definitions will soon be obsolete. Work has been underway
to remove all K&R function definitions from the tree for a while now. A
future C version will remove this construct from the language. So
strengthen existing statements about K&R function definitions and
declarations.
While here, remove __P macro reference. It's not been in active use for
almost two decades apart from legacy contrib code.
Sponsored by: Netflix
Reviewed by: pauamma, rpokala, hselasky, kp, brooks, markm, emaste
Differential Revision: https://reviews.freebsd.org/D35945
QAT in-tree driver ported from out-of-tree release available
from 01.org.
The driver exposes complete cryptography and data compression
API in the kernel and integrates with Open Crypto Framework.
Details of supported operations, devices and usage can be found
in man and on 01.org.
Patch co-authored by: Krzysztof Zdziarski <krzysztofx.zdziarski@intel.com>
Patch co-authored by: Michal Jaraczewski <michalx.jaraczewski@intel.com>
Patch co-authored by: Michal Gulbicki <michalx.gulbicki@intel.com>
Patch co-authored by: Julian Grajkowski <julianx.grajkowski@intel.com>
Patch co-authored by: Piotr Kasierski <piotrx.kasierski@intel.com>
Patch co-authored by: Adam Czupryna <adamx.czupryna@intel.com>
Patch co-authored by: Konrad Zelazny <konradx.zelazny@intel.com>
Patch co-authored by: Katarzyna Rucinska <katarzynax.kargol@intel.com>
Patch co-authored by: Lukasz Kolodzinski <lukaszx.kolodzinski@intel.com>
Patch co-authored by: Zbigniew Jedlinski <zbigniewx.jedlinski@intel.com>
Reviewed by: markj, jhb (OCF integration)
Reviewed by: debdrup, pauamma (docs)
Sponsored by: Intel Corporation
Differential Revision: https://reviews.freebsd.org/D34632
A replacement QAT driver will be imported, but this replacement does not
support Atom C2xxx hardware. So, the existing driver will be kept
around to provide opencrypto offload support for those chipsets.
Reviewed by: pauamma, emaste
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D35817
ELFCOMPRESS_ZSTD indicates that an ELF section is compressed with zstd.
It is the second compression type, after the existing ELFCOMPRESS_ZLIB.
Zstd generally provides a compelling tradeoff of speed and compression
(other algorithms may compress slightly better but take a lot longer,
or run faster but do not compress nearly as well).
See https://groups.google.com/g/generic-abi/c/satyPkuMisk for details.
ELFCOMPRESS_ZSTD will be supported in a future Clang/LLVM update. ELF
Tool Chain tools also need updating.
Reviewed by: Fangrui Song
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
EMDEDDEDPORTS does not contain devel/subversion anymore.
Fixes: a03128832c In extra_chroot_setup(), use 'uname -U' to determine OSVERSION.
MFC after: 1 week
In preparation for updates including missing variables, sort the
sysctl variables in the MIB variables section alphabetically.
Add a new "hostcache" entry for the hostcache node, containing the
intro text that was previously in hostcache.enable. Also cleanups
per review comments.
Reviewed by: transport(tuexen), manpages(bcr)
Differential Revision: https://reviews.freebsd.org/D35844
MFC after: 1 week
(cherry picked from commit 5cf709ce72c0b6eb4b4d57db015a65f8a84166d5)
Sort the sysctl(3)/sysctl(8) variables in the MIB Variables section
alphabetically. This is in preparation for adding missing variables
(at least in inet.4 and icmp.4). A few other touchups suggested in
review.
Reviewed by: bcr
Differential Revision: https://reviews.freebsd.org/D35843
MFC after: 1 week
(cherry picked from commit 3b656d465127de066511b6ffd02fb9fef85c7a53)
Generally, access to the kernel debugger is considered to be unsafe from
a security perspective since it presents an unrestricted interface to
inspect or modify the system state, including sensitive data such as
signing keys.
However, having some access to debugger functionality on production
systems may be useful in determining the cause of a panic or hang.
Therefore, it is desirable to have an optional policy which allows
limited use of ddb(4) while disabling the functionality which could
reveal system secrets.
This loadable MAC module allows for the use of some ddb(4) commands
while preventing the execution of others. The commands have been broadly
grouped into three categories:
- Those which are 'safe' and will not emit sensitive data (e.g. trace).
Generally, these commands are deterministic and don't accept
arguments.
- Those which are definitively unsafe (e.g. examine <addr>, search
<addr> <value>)
- Commands which may be safe to execute depending on the arguments
provided (e.g. show thread <addr>).
Safe commands have been flagged as such with the DB_CMD_MEMSAFE flag.
Commands requiring extra validation can provide a function to do so.
For example, 'show thread <addr>' can be used as long as addr can be
checked against the system's list of process structures.
The policy also prevents debugger backends other than ddb(4) from
executing, for example gdb(4).
Reviewed by: markj, pauamma_gundo.com (manpages)
Sponsored by: Juniper Networks, Inc.
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D35371
Our uses of tar rely on BSDisms, and so do not work in environments
where GNU tar is the default tar. Providing a TAR_CMD variable like
some other commands allows it to be overridden to use bsdtar in such
cases.
Reviewed by: brooks, delphij, gjb
Obtained from: CheriBSD
Differential Revision: https://reviews.freebsd.org/D35813
Older sysctls with constant OID macros were identified with those
in inet.4, tcp.4, and udp.4; newer sysctls with automatic numbering
were identified by sysctl names. No one remembers the OID macros,
or knows what they are; sysctls are always done by name now, usually
via sysctl(8).
Replace the OID macro names with sysctl names so that there is one
uniform identifier type; sysctl names were previously in parens.
Make the formatting a little more consistent in this area. In inet.4
and udp.4, move the "ip." or "udp." prefix from each entry into the
top-level name at the start of the section, as they are all the same.
Reviewed by: rpokala
Differential Revision: https://reviews.freebsd.org/D35806
Combined changes to allow experimentation with net 0/8 (network 0),
240/4 (Experimental/"Class E"), and part of the loopback net 127/8
(all but 127.0/16). All changes are disabled by default, and can be
enabled by the following sysctls:
net.inet.ip.allow_net0=1
net.inet.ip.allow_net240=1
net.inet.ip.loopback_prefixlen=16
When enabled, the corresponding addresses can be used as normal
unicast IP addresses, both as endpoints and when forwarding.
Add descriptions of the new sysctls to inet.4.
Add <machine/param.h> to vnet.h, as CACHE_LINE_SIZE is undefined in
various C files when in.h includes vnet.h.
The proposals motivating this experimentation can be found in
https://datatracker.ietf.org/doc/draft-schoen-intarea-unicast-0https://datatracker.ietf.org/doc/draft-schoen-intarea-unicast-240https://datatracker.ietf.org/doc/draft-schoen-intarea-unicast-127
Reviewed by: rgrimes, pauamma_gundo.com; previous versions melifaro, glebius
Differential Revision: https://reviews.freebsd.org/D35741
Apart from improving readability, this commit mentions that
<name>_oomprotect is ignored in a jail environment. Also, replace
${name}_cmd with the correct ${argument}_cmd and point the reader to
rc.subr(8).
MFC after: 1 week
Add an option to enable/disable DTrace without disabling ZFS. New
architectures such as CHERI may support ZFS before they support DTrace
and the old model of WITHOUT_CDDL disabling both wasn't helpful.
For compatiblity, the CDDL option remains and WITHOUT_CDDL implies
WITHOUT_DTRACE. WITHOUT_DTRACE also implies WITHOUT_CTF.
As part of this change, largely convert cddl/*/Makefile to using the
more compact SUBDIR.${MK_<FOO>}+= form rather than using intermediate
variables.
Reviewed by: markj
Obtained from: CheriBSD
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D35718
Document the existing alias definitions, and augment the example with
one of these. Also, describe the purpose of the newly added _FLAGS
variations of these command definitions.
Make some small style improvements to appease mandoc -Tlint.
Reviewed by: markj
MFC after: 3 days
Sponsored by: Juniper Networks, Inc.
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D35664
After some discussion, for now, simply revert the change to split
the driver up into if_rtw88_core.ko and if_rtw88_pci.ko as we do
not have an if_rtw88.ko anymore. We do have code trying to
auto-load modules, e.g. ifconfig, based on if_xxx.ko.
We could, based on Makefile magic or further code, generate a
if_rtw88.ko module with proper dependencies and keep this but for
simplicity stay with the one slightly larger module for now.
Should code appear to do this "properly" we can revisit this once
USB support has landed.
Slightly update the module Makefile to keep the separation of files
between core and pci bits visible and maintainable for the future.
This reverts commit 0f7b9777f8.
Based on an email mhorne@ sent to arch@.
Reviewed by: debdrup, pauamma_gundo.com
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D34565
Now that -m32 is fixed, just install libs in ${WORLDTMP}/lib/lib32
and use the installed headers.
Reviewed by: imp, jhb
Obtained from: CheriBSD
Differential Revision: https://reviews.freebsd.org/D34697
The Hardware currently doesn't support TSO feature and it can be
misleading to mention that in the docs.
All references to the docs were removed from the man pages.
Obtained from: Semihalf
MFC after: 2 weeks
Sponsored by: Amazon, Inc.
Also, update the BUGS section. The example describes an issue, which is
not true anymore thanks to sysctl_lastload. Point readers to rcorder(8)
instead.
MFC after: 2 weeks