In the case of packed stream real size of the buffer does not fit in
Rx descriptor byte count. Real size is specified on Rx queue setup.
Non-zero fake should be used to bypass hardware checks.
Sponsored by: Solarflare Communications, Inc.
Differential Revision: https://reviews.freebsd.org/D18100
Packed stream Rx datapath requires access to packed stream state
stored in event queue. Number of credits is upstead in event handler
on a new buffer, packets parsing on 64k boundary crossing and
Rx doorbell push to give credits back.
Sponsored by: Solarflare Communications, Inc.
Differential Revision: https://reviews.freebsd.org/D18099
RxQ type provides more information which may be useful to
setup event queue appropriately.
Sponsored by: Solarflare Communications, Inc.
Differential Revision: https://reviews.freebsd.org/D18098
Submitted by: Andrew Lee <alee at solarflare.com>
Sponsored by: Solarflare Communications, Inc.
Differential Revision: https://reviews.freebsd.org/D18097
fix PreFAST issue, add missing annotation that function return value
should not be ignored. Fix alignment.
Submitted by: Andy Moreton <amoreton at solarflare.com>
Sponsored by: Solarflare Communications, Inc.
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D18096
Submitted by: Andy Moreton <amoreton at solarflare.com>
Sponsored by: Solarflare Communications, Inc.
Differential Revision: https://reviews.freebsd.org/D18095
The checking performed in the ->envo_type_to_partn
internal method make these assertions unnecessary.
Submitted by: Andy Moreton <amoreton at solarflare.com>
Sponsored by: Solarflare Communications, Inc.
Differential Revision: https://reviews.freebsd.org/D18094
Read existing flash content before writing, so the flash write can be
avoided if the existing partition content matches the new image. This
avoids unnecessary write cycles for the flash device, and may also be
faster. If the flash does need to be updated, verify the content after
writing.
Note that reading the flash content after writing but before calling
efx_nvram-rw_finish() avoids firmware bug68170, which can lead to
signed image updates failing on Medford.
Submitted by: Andy Moreton <amoreton at solarflare.com>
Sponsored by: Solarflare Communications, Inc.
Differential Revision: https://reviews.freebsd.org/D18093
If the firmware reports a non-zero write chunk size then nvram writes
may fail if a different granularity is used (e.g. for MUM firmware on
Sorrento).
Submitted by: Andy Moreton <amoreton at solarflare.com>
Sponsored by: Solarflare Communications, Inc.
Differential Revision: https://reviews.freebsd.org/D18091
Tracking which partition is locked avoids being overly conservative
when EFX_NVRAM_xxx maps to more than one partition (depnding on the
current port number).
Submitted by: Andy Moreton <amoreton at solarflare.com>
Sponsored by: Solarflare Communications, Inc.
Differential Revision: https://reviews.freebsd.org/D18090
Submitted by: Andy Moreton <amoreton at solarflare.com>
Sponsored by: Solarflare Communications, Inc.
Differential Revision: https://reviews.freebsd.org/D18089
The existing name confuses support for secure boot with
support for reporting a verify result after an NVRAM update.
As the capability only reports support for returning a verify
result, change the name to be less confusing.
Submitted by: Andy Moreton <amoreton at solarflare.com>
Sponsored by: Solarflare Communications, Inc.
Differential Revision: https://reviews.freebsd.org/D18088
Extend efx_nvram_rw_finish() to return firmware verify result code.
Submitted by: Andy Moreton <amoreton at solarflare.com>
Sponsored by: Solarflare Communications, Inc.
Differential Revision: https://reviews.freebsd.org/D18087
This makes the verify result visible to efx_nvram_rw_finish(), which
can be extended to report it in a later patch.
Submitted by: Andy Moreton <amoreton at solarflare.com>
Sponsored by: Solarflare Communications, Inc.
Differential Revision: https://reviews.freebsd.org/D18086
Simplify verify result handling in NVRAM update finish
Submitted by: Andy Moreton <amoreton at solarflare.com>
Sponsored by: Solarflare Communications, Inc.
Differential Revision: https://reviews.freebsd.org/D18085
Submitted by: Andrew Jackson <ajackson at solarflare.com>
Sponsored by: Solarflare Communications, Inc.
Differential Revision: https://reviews.freebsd.org/D18083
Submitted by: Ivan Malov <ivan.malov at oktetlabs.ru>
Sponsored by: Solarflare Communications, Inc.
Differential Revision: https://reviews.freebsd.org/D18082
Submitted by: Mark Spender <mspender at solarflare.com>
Sponsored by: Solarflare Communications, Inc.
Differential Revision: https://reviews.freebsd.org/D18081
Update efx_rx_scale_mode_set(), efx_rx_scale_key_set()
and efx_rx_scale_tbl_set().
Submitted by: Mark Spender <mspender at solarflare.com>
Submitted by: Ivan Malov <ivan.malov at oktetlabs.ru>
Sponsored by: Solarflare Communications, Inc.
Differential Revision: https://reviews.freebsd.org/D18080
Submitted by: Mark Spender <mspender at solarflare.com>
Sponsored by: Solarflare Communications, Inc.
Differential Revision: https://reviews.freebsd.org/D18079
Rename efx_rx_scale_support_get() to efx_rx_scale_default_support_get(),
and efx_rx_hash_support_get() to efx_rx_hash_default_support_get().
All these really report is whether an exclusive RSS context was
successfully acquired at efx_rx_init().
efx_rx_scale_support_get() sounds like it reports whether the device
supports RSS, and whether exclusive or shared contexts are supported,
but it doesn't do that. Renaming it to
efx_rx_scale_default_support_get() helps to reflect that it reports
what RSS support the client gets without trying to allocate RSS
contexts itself.
Also rename efx_rx_scale_support_t to efx_rx_scale_context_type_t, to
make the enum more suitable for specifying the type of an RSS context
to be allocated.
Submitted by: Mark Spender <mspender at solarflare.com>
Sponsored by: Solarflare Communications, Inc.
Differential Revision: https://reviews.freebsd.org/D18078
The patch adds enc_rx_scale_max_exclusive_contexts member
to nic_cfg_t structure and sets the corresponding values
for Siena, Huntington and Medford
Submitted by: Mark Spender <mspender at solarflare.com>
Sponsored by: Solarflare Communications, Inc.
Differential Revision: https://reviews.freebsd.org/D18077
Default RSS context check is carried out during filter
insertion on Siena and it needs to be fixed
Submitted by: Mark Spender <mspender at solarflare.com>
Sponsored by: Solarflare Communications, Inc.
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D18076
Make the existing filter-specific define more general.
This is the same as MC_CMD_RSS_CONTEXT_ALLOC_OUT_RSS_CONTEXT_ID_INVALID.
Submitted by: Mark Spender <mspender at solarflare.com>
Sponsored by: Solarflare Communications, Inc.
Differential Revision: https://reviews.freebsd.org/D18075
On Medford, with full-featured firmware running, encapsulated
packets may not be delivered unless filters are inserted for
them, as ordinary filters are not applied to encapsulated
packets. So filters for encapsulated packets need to be
inserted for each class of encapsulated packet. For simplicity,
catch-all filters are always inserted. These may match more
packets than the OS has asked for, but trying to insert more
precise filters increases complexity for little gain.
Submitted by: Mark Spender <mspender at solarflare.com>
Sponsored by: Solarflare Communications, Inc.
Differential Revision: https://reviews.freebsd.org/D18074
This supports filters which match all unicast or multicast
inner frames in VXLAN, GENEVE, or NVGRE packets.
(Additional fields to match on can be added easily.)
Submitted by: Mark Spender <mspender at solarflare.com>
Sponsored by: Solarflare Communications, Inc.
Differential Revision: https://reviews.freebsd.org/D18073
MC_CMD_FILTER_OP_IN_EXT is needed to set filters for encapsulated
packets.
Submitted by: Mark Spender <mspender at solarflare.com>
Sponsored by: Solarflare Communications, Inc.
Differential Revision: https://reviews.freebsd.org/D18072
VXLAN/NVGRE (and Geneve) support is available on SFN8xxx with
full-feature firmware variant running.
Sponsored by: Solarflare Communications, Inc.
Differential Revision: https://reviews.freebsd.org/D18071
Tx/Rx queue may be already flushed due to Tx/Rx error on the queue or
MC reboot. Caller needs to know that the queue is already flushed to
avoid waiting for flush done event.
Submitted by: Andy Moreton <amoreton at solarflare.com>
Sponsored by: Solarflare Communications, Inc.
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D18070
MCDI results returned in req.emr_rc have already been translated
from MC_CMD_ERR_* to errno names, so using an MC_CMD_ERR_* value
is incorrect.
Submitted by: Andy Moreton <amoreton at solarflare.com>
Sponsored by: Solarflare Communications, Inc.
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D18069
Improve error checking to avoid a caller overflowing the MCDI
request buffer if the requested TXQ size was excessively large.
Submitted by: Andy Moreton <amoreton at solarflare.com>
Sponsored by: Solarflare Communications, Inc.
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D18067
Some libefx-based drivers might need this functionality to
indicate DPCPU FW IDs as part of FW version info to assist
experienced users.
Submitted by: Ivan Malov <ivan.malov at oktetlabs.ru>
Sponsored by: Solarflare Communications, Inc.
Differential Revision: https://reviews.freebsd.org/D18065
If a libefx-based driver needs some way to clear port statistics,
then an MCDI agnostic method is required.
Submitted by: Ivan Malov <ivan.malov at oktetlabs.ru>
Sponsored by: Solarflare Communications, Inc.
Differential Revision: https://reviews.freebsd.org/D18064
This unreliably breaks libc handling of vfork where forking succeded,
but execve did not.
vfork code in libc performs waitpid with WNOHANG in case of failed exec.
With the fix exit codepath was waking up the parent before the child
fully transitioned to a zombie. Woken up parent would waitpid, which
could find a not-yet-zombie child and fail to reap it due to the WNOHANG
flag.
While removing the flag fixes the problem, it is not an option due to older
releases which would still suffer from the kernel change.
Revert the fix until a solution can be worked out.
Note that while use-after-free which gets back due to the revert is a real
bug, it's side-effects are limited due to the fact that struct proc memory
is never released by UMA.
The NFS client code (nfsrpc_readdir() and nfsrpc_readdirplus()) wasn't
filling in parts of the readdir reply, such as d_pad[01] and the bytes
at the end of d_name within d_reclen. As such, data left in a buffer cache
block could be leaked to userland in the readdir reply.
This patch makes sure all of the data is filled in.
Reported by: Thomas Barabosch, Fraunhofer FKIE
Reviewed by: kib, markj
MFC after: 2 weeks
The pointer to the child is stored without any reference held. Then it is
blindly used to wait until P_PPWAIT is cleared. However, if the child is
autoreaped it could have exited and get freed before the parent started
waiting.
Use the existing hold mechanism to mitigate the problem. Most common case
of doing exec remains unchanged. The corner case of doing exit performs
wake up before waiting for holds to clear.
Reviewed by: kib
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D18295
Various network protocol sysctl handlers were not zero-filling their
output buffers and thus would export uninitialized stack memory to
userland. Fix a number of such handlers.
Reported by: Thomas Barabosch, Fraunhofer FKIE
Reviewed by: tuexen
MFC after: 3 days
Security: kernel memory disclosure
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D18301
segment in the SYN-SENT state as stated in Section 3.9 of RFC 793,
page 66. Ensure this is also done by the TCP RACK stack.
Reviewed by: rrs@
MFC after: 1 week
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D18034
the TCP connection was initiated using the RACK stack, but the
peer does not support the TCP RACK extension.
This ensures that the TCP behaviour on the wire is the same if
the TCP connection is initated using the RACK stack or the default
stack.
Reviewed by: rrs@
MFC after: 1 week
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D18032
zero. This was already done when sending them via tcp_respond().
Reviewed by: rrs@
MFC after: 1 week
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D17949
Mirror the fix for the native i386 implementation from r218327. This
code is compiled only when the non-default COMPAT_43 option is
configured.
Reported by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Reviewed by: kib
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D18298
C Turt reports that the driver is not thread safe and may have
exploitable races.
Note that the proto device is intended for prototyping and development,
and is not for use on production systems. From the man page:
SECURITY CONSIDERATIONS
Because programs have direct access to the hardware, the proto
driver is inherently insecure. It is not advisable to use this
driver on a production machine.
The proto device is not included in any of FreeBSD's kernel config files
(although the module is built).
The issues in the proto device still need to be fixed, and the device is
inherently (and intentionally) insecure, but it might as well be limited
to root only.
admbugs: 782
Reported by: C Turt <ecturt@gmail.com>
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
